Mod 4 - Lab - Configure Azure DNS

Download as pdf or txt
Download as pdf or txt
You are on page 1of 6

1/25/2021 AZ-103-MicrosoftAzureAdministrator

Scenario
Lab: Configure Azure DNS
All tasks in this lab are performed from the Azure portal (including a PowerShell Cloud Shell session)
Objectives

Exercise 1:
❕ Note: When not using Cloud Shell, the lab virtual machine must have the Azure PowerShell 1.2.0 module (or newer) installed
Configure Azure
DNS for public https://docs.microsoft.com/en-us/powershell/azure/install-az-ps
domains

Exercise 2: Lab files:


Configure Azure
DNS for private Labfiles\Module_04\Configure_Azure_DNS\az-100-04b_01_azuredeploy.json
domains
Labfiles\Module_04\Configure_Azure_DNS\az-100-04b_02_azuredeploy.json

Labfiles\Module_04\Configure_Azure_DNS\az-100-04_azuredeploy.parameters.json

Scenario

Adatum Corporation wants to implement public and private DNS service in Azure without having to deploy its
own DNS servers.

Objectives

After completing this lab, you will be able to:

Configure Azure DNS for public domains

Configure Azure DNS for private domains

Exercise 1: Configure Azure DNS for public domains

The main tasks for this exercise are as follows:

1. Create a public DNS zone

2. Create a DNS record in the public DNS zone

3. Validate Azure DNS-based name resolution for the public domain

Task 1: Create a public DNS zone

1. From the lab virtual machine, start Microsoft Edge, browse to the Azure portal at http://portal.azure.com
and sign in by using a Microsoft account that has the Owner role in the Azure subscription you intend to
use in this lab.

2. In the Azure portal, navigate to the New blade.

3. From the New blade, search Azure Marketplace for DNS zone.

4. Select DNS Zone, and then click Create.

5. From the Create DNS zone blade, create a new DNS zone with the following settings:

Subscription: the name of the Azure subscription you are using in this lab

Resource group: the name of a new resource group az1000401b-RG

Name: any unique, valid DNS domain name in the .com namespace

Resource group location: (US) East US (or a supported region near you)

Task 2: Create a DNS record in the public DNS zone

1. From your lab computer open a Powershell session, run the following in order to identify the public IP
address of your lab computer:

https://microsoftlearning.github.io/AZ-103-MicrosoftAzureAdministrator/Instructions/Labs/04 - Configure Azure DNS (az-100-04b).html 1/6


1/25/2021 AZ-103-MicrosoftAzureAdministrator

Code  Copy

Invoke-RestMethod http://ipinfo.io/json | Select-Object -ExpandProperty IP

❕ Note: Take a note of this IP address. You will use it later in this task.

2. From the Azure Portal, start a PowerShell session in the Cloud Shell.

❕ Note: If this is the first time you are launching the Cloud Shell in the current Azure subscription, you will be asked to
create an Azure file share to persist Cloud Shell files. If so, accept the defaults, which will result in creation of a storage
account in an automatically generated resource group.

3. In the Cloud Shell pane, run the following in order to create a public IP address resource:

Code  Copy

$rg = Get-AzResourceGroup -Name az1000401b-RG

New-AzPublicIpAddress -ResourceGroupName $rg.ResourceGroupName -Sku Basic -AllocationMethod


Static -Name az1000401b-pip -Location $rg.Location

4. In the Azure portal, navigate to the az1000401b-RG resource group blade.

5. From the az1000401b-RG resource group blade, navigate to the blade displaying newly created public
DNS zone.

6. From the DNS zone blade, click + Record set to navigate to the Add record set blade

7. Create a DNS record with the following settings:

Name: mylabvmpip

Type: A

Alias record set: No

TTL: 1

TTL unit: Hours

IP ADDRESS: the public IP address of your lab computer you identified earlier in this task

8. From the Overview blade, click + Record set, and create another record with the following settings:

Name: myazurepip

Type: A

Alias record set: Yes

Alias type: Azure resource

Choose a subscription: the name of the Azure subscription you are using in this lab

Azure resource: az1000401b-pip

TTL: 1

TTL unit: Hours

Task 3: Validate Azure DNS-based name resolution for the public domain

1. On the DNS zone blade, note the list of the name servers that host the zone you created. You will use the
first of them named in the next step.

https://microsoftlearning.github.io/AZ-103-MicrosoftAzureAdministrator/Instructions/Labs/04 - Configure Azure DNS (az-100-04b).html 2/6


1/25/2021 AZ-103-MicrosoftAzureAdministrator

2. From the lab virtual machine, start Command Prompt and run the following to validate the name resolution
of the two newly created DNS records (where <custom_DNS_domain> represents the custom DNS
domain you created in the first task of this exercise and <name_server> represents the name of the DNS
name server you identified in the previous step):

Code  Copy

nslookup mylabvmpip.<custom_DNS_domain> <name_server>

nslookup myazurepip.<custom_DNS_domain> <name_server>

3. Verify that the IP addresses returned match those you identified earlier in this task.

❕ Result: After you completed this exercise, you have created a public DNS zone, created a DNS record in the public DNS zone,
and validated Azure DNS-based name resolution for the public domain.

Exercise 2: Configure Azure DNS for private domains

The main tasks for this exercise are as follows:

1. Provision a multi-virtual network environment

2. Create a private DNS zone

3. Deploy Azure VMs into virtual networks

4. Validate Azure DNS-based name reservation and resolution for the private domain

Task 1: Provision a multi-virtual network environment

1. From the Azure Portal, start a PowerShell session in the Cloud Shell.

2. In the Cloud Shell pane, run the following in order to create a resource group:

Code  Copy

$rg1 = Get-AzResourceGroup -Name 'az1000401b-RG'

$rg2 = New-AzResourceGroup -Name 'az1000402b-RG' -Location $rg1.Location

3. In the Cloud Shell pane, run the following in order to create two Azure virtual networks:

Code  Copy

$subnet1 = New-AzVirtualNetworkSubnetConfig -Name subnet1 -AddressPrefix '10.104.0.0/24'

$vnet1 = New-AzVirtualNetwork -ResourceGroupName $rg2.ResourceGroupName -Location


$rg2.Location -Name az1000402b-vnet1 -AddressPrefix 10.104.0.0/16 -Subnet $subnet1

$subnet2 = New-AzVirtualNetworkSubnetConfig -Name subnet1 -AddressPrefix '10.204.0.0/24'

$vnet2 = New-AzVirtualNetwork -ResourceGroupName $rg2.ResourceGroupName -Location


$rg2.Location -Name az1000402b-vnet2 -AddressPrefix 10.204.0.0/16 -Subnet $subnet2

Task 2: Create a private DNS zone

1. In the Cloud Shell pane, run the following in order to create a private DNS zone with the first virtual
network supporting registration and the second virtual network supporting resolution:

Code  Copy

https://microsoftlearning.github.io/AZ-103-MicrosoftAzureAdministrator/Instructions/Labs/04 - Configure Azure DNS (az-100-04b).html 3/6


1/25/2021 AZ-103-MicrosoftAzureAdministrator

$vnet1 = Get-AzVirtualNetwork -Name az1000402b-vnet1

$vnet2 = Get-AzVirtualNetwork -name az1000402b-vnet2

$zone = New-AzPrivateDnsZone -Name adatum.corp -ResourceGroupName $rg2.ResourceGroupName

$vnet1link = New-AzPrivateDnsVirtualNetworkLink -ZoneName $zone.Name -ResourceGroupName


$rg2.ResourceGroupName -Name "vnet1Link" -VirtualNetworkId $vnet1.id -EnableRegistration

$vnet2link = New-AzPrivateDnsVirtualNetworkLink -ZoneName $zone.Name -ResourceGroupName


$rg2.ResourceGroupName -Name "vnet2Link" -VirtualNetworkId $vnet2.id

2. In the Cloud Shell pane, run the following in order to verify that the private DNS zone was successfully
created:

Code  Copy

Get-AzPrivateDnsZone -ResourceGroupName $rg2.ResourceGroupName

Task 3: Deploy Azure VMs into virtual networks

1. In the Cloud Shell pane, upload the az-100-04b_01_azuredeploy.json, az-100-04b_02_azuredeploy.json,


and az-100-04_azuredeploy.parameters.json files from the Labfiles\Module_04\Configure_Azure_DNS
folder.

2. In the Cloud Shell pane, run the following in order to deploy an Azure VM into the first virtual network:

Code  Copy

cd $home

New-AzResourceGroupDeployment -ResourceGroupName $rg2.ResourceGroupName -TemplateFile "./az-


100-04b_01_azuredeploy.json" -TemplateParameterFile "./az-100-04_azuredeploy.parameters.json"
-AsJob

3. In the Cloud Shell pane, run the following in order to deploy an Azure VM into the second virtual network:

Code  Copy

New-AzResourceGroupDeployment -ResourceGroupName $rg2.ResourceGroupName -TemplateFile "./az-


100-04b_02_azuredeploy.json" -TemplateParameterFile "./az-100-04_azuredeploy.parameters.json"
-AsJob

❕ Note: Wait for both deployments to complete before you proceed to the next task. You can identify the state of the jobs by
running the Get-Job cmdlet in the Cloud Shell pane.

Task 4: Validate Azure DNS-based name reservation and resolution for the private domain

1. In the Azure portal, navigate to the blade of the az1000402b-vm2 Azure VM.

2. From the Overview pane of the az1000402b-vm2 blade, generate an RDP file and use it to connect to
az1000402b-vm2.

3. When prompted, authenticate by specifying the following credentials:

User name: Student

Password: Pa55w.rd1234

https://microsoftlearning.github.io/AZ-103-MicrosoftAzureAdministrator/Instructions/Labs/04 - Configure Azure DNS (az-100-04b).html 4/6


1/25/2021 AZ-103-MicrosoftAzureAdministrator

4. Within the Remote Desktop session to az1000402b-vm2, start a Command Prompt window and run the
following:

Code  Copy

nslookup az1000402b-vm1.adatum.corp

5. Verify that the name is successfully resolved.

6. Switch back to the lab virtual machine and, in the Cloud Shell pane of the Azure portal window, run the
following in order to create an additional DNS record in the private DNS zone:

Code  Copy

New-AzPrivateDnsRecordSet -ResourceGroupName $rg2.ResourceGroupName -Name www -RecordType A -


ZoneName adatum.corp -Ttl 3600 -PrivateDnsRecords (New-AzPrivateDnsRecordConfig -IPv4Address
"10.104.0.4")

7. Switch again to the Remote Desktop session to az1000402b-vm2 and run the following from the
Command Prompt window:

Code  Copy

nslookup www.adatum.corp

8. Verify that the name is successfully resolved.

❕ Result: After completing this exercise, you have provisioned a multi-virtual network environment, created a private DNS zone,
deployed Azure VMs into virtual networks, and validated Azure DNS-based name reservation and resolution for the private
domain

Exercise 3: Remove lab resources

Task 1: Open Cloud Shell

1. At the top of the portal, click the Cloud Shell icon to open the Cloud Shell pane.

2. At the Cloud Shell interface, select Bash.

3. At the Cloud Shell command prompt, type in the following command and press Enter to list all resource
groups you created in this lab:

Shell  Copy

az group list --query "[?starts_with(name,'az1000')].name" --output tsv

4. Verify that the output contains only the resource groups you created in this lab. These groups will be
deleted in the next task.

Task 2: Delete resource groups

1. At the Cloud Shell command prompt, type in the following command and press Enter to delete the
resource groups you created in this lab

Shell  Copy

https://microsoftlearning.github.io/AZ-103-MicrosoftAzureAdministrator/Instructions/Labs/04 - Configure Azure DNS (az-100-04b).html 5/6


1/25/2021 AZ-103-MicrosoftAzureAdministrator

az group list --query "[?starts_with(name,'az1000')].name" --output tsv | xargs -L1 bash -c


'az group delete --name $0 --no-wait --yes'

2. Close the Cloud Shell prompt at the bottom of the portal.

❕ Result: In this exercise, you removed the resources used in this lab.

https://microsoftlearning.github.io/AZ-103-MicrosoftAzureAdministrator/Instructions/Labs/04 - Configure Azure DNS (az-100-04b).html 6/6

You might also like