Domain Name System (DNS) Delegation with Azure DNS Zones

Anand Rao · July 31, 2018

In many of our cloud-related journeys, managing DNS and sub-domains for specific needs is a common challenge. Add to that the need to host DNS for sub-domains across multiple IaaS providers, and it becomes a little challenging for starters.

In this post, I will cover my example of hosting my primary DNS on AWS, creating a DNS zone for a sub-domain in Azure, and pointing a single A record on the sub-domain to my Concourse instance running on Azure (actually to the load balancer in front of Concourse). Typically, your primary name servers will reside with the domain registrar you used for your registration. A few examples are , , AWS Route 53 and more. It is quite possible to create zone-based delegation on the service you registered with. But when you use the automation created as part of PCF-Pipelines, the pipelines create some zones (sub-zones) on the DNS service of the IaaS you are installing on. This has been the primary driver for me to write this post to explain cross-service DNS delegation.

  1. Let's create a new DNS zone in Azure for the sub-domain - 
  2. Here, you can see that I created not only a zone, but an A record pointing to my load balancer for Concourse as well. We should also copy the Value field of the NS record.
  3. Now I log in to my AWS Route 53 console, where I registered my primary DNS. You could have done this with one of many domain name registrars. All of them will allow you to do what I explain in this step.
  4. Log in to the AWS Console and make your way to Route 53.
      Click on the Zones link to get to the zone listing.
      On the listing, click on the record for the primary domain.
      Now it's time to link the zone created in Azure to the primary domain. We do this by adding an NS record on the primary zone and pointing the name servers to the list we copied from the Azure DNS zone.
      Here we go, we have now successfully delegated our DNS for a sub-domain.

      As a test for this, I have created an entry on my sub-domain in Azure DNS called an A record. This is a pointer to a specific IP address for a given domain name. In this case I want all requests for to go to the IP address of the load balancer in front of the Concourse cluster we created per this blog post
      You can extract the IP address of the load balancer with the sample command below, run from the bbl folder, and add the A record on the zone (sample screenshot below).

      anandrao at Anands-MBP in ~/pivotal/repos/bbl-az/bbl
      $ bbl lbs
      Concourse LB: bbl-env-ontario-2018-07-31t05-15z-concourse-lb (

      Open a browser and confirm that the link for the wings (Concourse on Azure) works.
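
The delegation only works if the NS record added on the primary zone lists exactly the name servers copied from the Azure DNS zone. The script below is an added example, not part of the original post: it compares the two lists and reports any server present on one side only. The function names and the `azure.example` server names are constructed placeholders, and `live_ns` assumes `dig` is installed.

```shell
#!/bin/sh
# Added example, not from the original post. Names are constructed placeholders.

# Normalize NS names on stdin: lowercase, no whitespace, no trailing dot, unique.
normalize_ns() {
    tr '[:upper:]' '[:lower:]' | sed -e 's/[[:space:]]//g' -e 's/\.$//' -e '/^$/d' | sort -u
}

# Print every name that is in list $1 but not in list $2.
ns_missing_from() {
    have=$(printf '%s\n' "$2" | normalize_ns)
    printf '%s\n' "$1" | normalize_ns | while IFS= read -r name; do
        printf '%s\n' "$have" | grep -qxF -e "$name" || printf '%s\n' "$name"
    done
}

# Return 0 when the parent NS record and the child zone list the same servers.
check_delegation() {
    only_parent=$(ns_missing_from "$1" "$2")
    only_child=$(ns_missing_from "$2" "$1")
    if [ -z "$only_parent" ] && [ -z "$only_child" ]; then
        return 0
    fi
    for n in $only_parent; do echo "parent-only (stale or mistyped): $n"; done
    for n in $only_child; do echo "child-only (not delegated to): $n"; done
    return 1
}

# Optional live lookup (assumes dig is installed; needs network access).
# Works for a parent referral (authority section) and a child answer alike.
live_ns() {  # usage: live_ns <zone> <name-server>
    dig +norecurse +noall +answer +authority NS "$1" "@$2" | awk '$4 == "NS" { print $5 }'
}

# Constructed sample: the third server was mistyped when pasted into the parent.
SAMPLE_CHILD='ns1.azure.example.
ns2.azure.example.
ns3.azure.example.'
SAMPLE_PARENT='NS1.azure.example
ns2.azure.example.
ns3.azure.exmaple.'

check_delegation "$SAMPLE_PARENT" "$SAMPLE_CHILD" || true
```

To check a live delegation, pass the output of `live_ns` for one of the primary zone's name servers and for one of the Azure name servers as the two arguments to `check_delegation`.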
