Create Hosted Zone

In this section you will create an Amazon Route 53 public hosted zone for your desired domain. ExternalDNS will dynamically update the records of this zone based on the Ingress resources in your EKS cluster.

Note

If you already have a hosted zone for your desired domain, you may proceed to the Verify section.

Procedure

  1. Specify the DNS name suffix (domain) for the hosted zone:

    root@rok-tools:~# export DOMAIN=<DOMAIN>
    

    Replace <DOMAIN> with your desired domain. For example:

    root@rok-tools:~# export DOMAIN=apps.example.com
    
  2. List all the available hosted zones:

    root@rok-tools:~# aws route53 list-hosted-zones \
    >     --query 'HostedZones[].{ID:Id,Name:Name,Private:Config.PrivateZone}' \
    >     --output table
    
  3. Create a public hosted zone in Amazon Route 53.

    Warning

    If you already have a zone for your domain, skip this step. Route 53 allows multiple hosted zones with the same name, so otherwise you will end up with a new, dangling one.

    root@rok-tools:~# aws route53 create-hosted-zone \
    >     --name "${DOMAIN}." \
    >     --caller-reference "aws-$(date +%s)"
    
  4. Obtain the zone ID:

    root@rok-tools:~# export AWS_ZONE_ID=$(aws route53 list-hosted-zones | \
    >     jq -r '.HostedZones[] | select(.Name=="'${DOMAIN?}.'") | .Id')
    
  5. Obtain the Amazon nameservers for your hosted zone:

    root@rok-tools:~# aws route53 list-resource-record-sets \
    >     --output json \
    >     --hosted-zone-id ${AWS_ZONE_ID?} \
    >     --query "ResourceRecordSets[?Type == 'NS']" | \
    >         jq -r '.[0].ResourceRecords[].Value'
    ns-2048.awsdns-64.com
    ns-2049.awsdns-65.net
    ns-2050.awsdns-66.org
    ns-2051.awsdns-67.co.uk
    
  6. Update your nameservers to delegate DOMAIN to the Amazon nameservers found above, so that DNS queries for DOMAIN are forwarded to them.

Verify

  1. Ensure that a hosted zone for your desired domain exists:

    root@rok-tools:~# export AWS_ZONE_ID=$(aws route53 list-hosted-zones | \
    >     jq -r '.HostedZones[] | select(.Name=="'${DOMAIN?}.'") | .Id') && \
    >        echo ${AWS_ZONE_ID?}
    /hostedzone/Z08893681AKMCJZ2MRWZ4
    
  2. Obtain the Amazon nameservers for your hosted zone:

    root@rok-tools:~# aws route53 list-resource-record-sets \
    >     --output json \
    >     --hosted-zone-id ${AWS_ZONE_ID?} \
    >     --query "ResourceRecordSets[?Type == 'NS']" | \
    >         jq -r '.[0].ResourceRecords[].Value'
    ns-2048.awsdns-64.com
    ns-2049.awsdns-65.net
    ns-2050.awsdns-66.org
    ns-2051.awsdns-67.co.uk
    
  3. Ensure that the domain is delegated to the exact same nameservers found above:

    root@rok-tools:~# host -t ns ${DOMAIN?}
    apps.example.com name server ns-2048.awsdns-64.com.
    apps.example.com name server ns-2049.awsdns-65.net.
    apps.example.com name server ns-2050.awsdns-66.org.
    apps.example.com name server ns-2051.awsdns-67.co.uk.
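
The comparison in Verify steps 2 and 3 can be scripted so that a partial or stale delegation is reported instead of being judged by eye. The following is an added example, not part of the original guide; the function names are hypothetical, and the sample input is constructed from the example output shown above.

```shell
# Added example: compare the hosted zone's NS set with the parent delegation.
# Constructed sample input, copied from the example output in this guide.
ZONE_NS='ns-2048.awsdns-64.com
ns-2049.awsdns-65.net
ns-2050.awsdns-66.org
ns-2051.awsdns-67.co.uk'
HOST_OUT='apps.example.com name server ns-2048.awsdns-64.com.
apps.example.com name server ns-2049.awsdns-65.net.
apps.example.com name server ns-2050.awsdns-66.org.
apps.example.com name server ns-2051.awsdns-67.co.uk.'

# One name per line, lowercased, trailing dot and blank lines removed, sorted.
normalize_ns() {
    tr '[:upper:]' '[:lower:]' | sed -e 's/[[:space:]]*$//' -e 's/\.$//' -e '/^$/d' | sort -u
}

# Keep only the nameserver field of `host -t ns` output lines.
parse_host_ns() {
    awk '/ name server / { print $NF }'
}

# Print the lines of $1 that do not appear in $2.
missing_from() {
    printf '%s\n' "$1" | while IFS= read -r ns; do
        printf '%s\n' "$2" | grep -Fxq -- "$ns" || printf '%s\n' "$ns"
    done
}

# $1: nameservers of the hosted zone, $2: raw `host -t ns` output.
# Returns 0 on an exact match, 1 on any difference, 2 if either side is empty.
check_delegation() {
    _zone=$(printf '%s\n' "$1" | normalize_ns)
    _deleg=$(printf '%s\n' "$2" | parse_host_ns | normalize_ns)
    if [ -z "$_zone" ] || [ -z "$_deleg" ]; then
        echo "no nameservers to compare (zone missing or domain not delegated)" >&2
        return 2
    fi
    [ "$_zone" = "$_deleg" ] && return 0
    for ns in $(missing_from "$_deleg" "$_zone"); do
        echo "delegated, but not in hosted zone: $ns" >&2
    done
    for ns in $(missing_from "$_zone" "$_deleg"); do
        echo "in hosted zone, but not delegated: $ns" >&2
    done
    return 1
}

# Live use: pass the output of the two commands from Verify steps 2 and 3.
check_delegation "$ZONE_NS" "$HOST_OUT" && echo "delegation matches hosted zone"
```

A return code of 1 means the parent zone delegates to at least one nameserver that does not serve this hosted zone, or omits one that does; fix the NS records at the parent before deploying ExternalDNS.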
    

Summary

You have successfully created an Amazon Route 53 public hosted zone.

What’s Next

The next step is to create an IAM role for ExternalDNS.