There’s no technical topic I’ve written about in this space more than DNS: 2001, 2003, 2007, 2009. My efforts to keep the Elections PEI servers online after a hurricane were valiant, but ultimately stymied by a DNS server in my basement that lacked power.
Needless to say, when I write about DNS, it’s generally an after-action review of some calamity.
Today is different!
I’ve been using Amazon Route 53 for DNS for some years now: it dovetailed well with my use of other Amazon services, both personally and for clients, it was relatively simple to manage, and it worked without fail.
When I migrated this blog, and other servers I manage, away from Amazon, though, it made less sense, especially as the absence of other services made it more evident that Route 53 is not inexpensive. Here’s a chart that shows Route 53 charges relative to my monthly Amazon bill:

No, it’s not going to break me, but when I realized that Hetzner, where I’ve been hosting this blog post-Amazon, offers DNS for free, I was motivated to migrate.
What sealed the deal was realizing that I could use DNSControl to make the migration painless.
DNSControl supports managing DNS in both Route 53 and Hetzner via API, meaning I could import the existing zones from Route 53 and export them out to Hetzner.
Here are the basics of what I did.
I installed DNSControl on my MacBook Air:

    brew install dnscontrol

I created a skeleton dnsconfig.js file, with:

    var DSP_R53_MAIN = NewDnsProvider("r53_main");
    var DSP_HETZNER = NewDnsProvider("hetzner_v2");
    var REG_CHANGEME = NewRegistrar("none");

I created a creds.json file with the credentials for Route 53 and Hetzner (after generating the API keys using the respective systems on each for doing so):

    {
      "hetzner_v2": {
        "TYPE": "HETZNER_V2",
        "api_token": "REDACTED"
      },
      "r53_main": {
        "TYPE": "ROUTE53",
        "AWS_ACCESS_KEY_ID": "REDACTED",
        "AWS_SECRET_ACCESS_KEY": "REDACTED",
        "AWS_REGION": "us-east-1"
      }
    }

Then, zone by zone, I grabbed the existing Route 53 information, for example:

    dnscontrol get-zones --format=js r53_main ROUTE53 whatsmylot.com >> dnsconfig.js

This populated my dnsconfig.js file with sections like:

    D("whatsmylot.com", REG_CHANGEME,
      DnsProvider(DSP_R53_MAIN),
      A("@", "135.181.248.33"),
    );

To switch these over to Hetzner required a simple search and replace of DSP_R53_MAIN with DSP_HETZNER, followed by a:

    dnscontrol preview

to check for any errors (there were a few edits required for zones that used Route 53-only features), and then:

    dnscontrol push

to push the zones to Hetzner.
All of which just worked.
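
The search-and-replace step above, as an added shell example that is not part of the original post: it writes a Hetzner copy of dnsconfig.js and lists the lines that still use Route 53-only record types, which are the ones needing hand edits before `dnscontrol preview`. The sample zones, addresses, alias target and the dnsconfig.hetzner.js file name are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. DSP_R53_MAIN and DSP_HETZNER are
# the post's variable names; the sample zones and file names are constructed.

# Copy $1 to $2 with every zone pointed at the Hetzner provider.
# Avoids `sed -i`, whose syntax differs between macOS (BSD) and GNU sed.
switch_provider() {
    sed 's/DnsProvider(DSP_R53_MAIN)/DnsProvider(DSP_HETZNER)/' "$1" > "$2"
}

# Print "line:text" for records that use a Route 53-only record type or
# modifier (DNSControl names these with an R53_ prefix, e.g. R53_ALIAS).
r53_only_lines() {
    grep -n 'R53_[A-Z_]*(' "$1"
}

# Count zones still bound to the Route 53 provider (0 after a clean rewrite).
zones_left_on_r53() {
    grep -c 'DnsProvider(DSP_R53_MAIN)' "$1" || true
}

# Constructed input, shaped like `dnscontrol get-zones --format=js` output.
work=$(mktemp -d)
cat > "$work/dnsconfig.js" <<'EOF'
var DSP_R53_MAIN = NewDnsProvider("r53_main");
var DSP_HETZNER = NewDnsProvider("hetzner_v2");
var REG_CHANGEME = NewRegistrar("none");
D("example.com", REG_CHANGEME,
  DnsProvider(DSP_R53_MAIN),
  A("@", "192.0.2.10"),
  R53_ALIAS("www", "A", "constructed-target.example.", R53_ZONE("ZEXAMPLE")),
);
D("example.net", REG_CHANGEME,
  DnsProvider(DSP_R53_MAIN),
  A("@", "192.0.2.20"),
);
EOF

switch_provider "$work/dnsconfig.js" "$work/dnsconfig.hetzner.js"
echo "zones still on Route 53: $(zones_left_on_r53 "$work/dnsconfig.hetzner.js")"
if r53_only_lines "$work/dnsconfig.hetzner.js"; then
    echo "edit the lines above by hand, then run: dnscontrol preview" >&2
fi
```

Keeping the Route 53 original untouched and writing to a second file leaves a known-good copy to diff against if the preview reports unexpected changes.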

After some testing to ensure everything imported cleanly, the final step was logging into Webnames.ca, where all my domains are registered, and updating the DNS servers to point to Hetzner’s instead of Amazon’s.
A side-benefit of all of this is that, per DNSControl’s founding principle number one, DNS should be treated like code. This means I can store it in a repository, maintain it with a text editor, and migrate it just as easily the next time I want to move.
There is a sense of deja vu to all this: back in the days when I ran my own DNS servers, I took a similar approach, with a homebrew system that took zone information from text files and created the files that BIND needed.
It’s nice to finally have been able to write a good news DNS post!