Provision Service Point v4 in Azure - BlueCat DNS Edge

DNS Edge Deployment Guide (Service Point v4)


This section gives detailed instructions for provisioning Service Point v4 in Azure.

Before you begin:

  • If your Service Point v4 VM requires static network configuration, you must first create and configure a network interface on Azure before proceeding to provision the Service Point v4 VM. Once the VM has booted, its IP address currently cannot be changed, so the VM must have a correctly configured NIC attached before its first boot. For more information on configuring a network interface, refer to Setting up the network configuration on Azure.
  • You must have the configuration file from when you created the Service Point v4 instance in the Edge CI. For more information, refer to Provision Service Point v4 on cloud environments.

Setting up the network configuration on Azure:
  1. Log in to the Azure portal.
  2. Click Create a resource.
  3. Search for Virtual Network, and select Virtual Network.
  4. Click Create.
  5. In the Basics tab, complete the following required settings:
    • Subscription: Select your subscription.
    • Resource Group: Create a new resource group or select an existing resource group.
    • Virtual machine name: Enter a name for the network.
    • Region: Choose your Azure region. BlueCat recommends that you choose an Azure region where the BlueCat recommended default instance size of Standard_F4s_v2 is available.
  6. In the IP Addresses tab, complete the following required settings:
    • IPv4 address space: Enter an IPv4 address space in CIDR notation.
    • (Optional) IPv6 address space: Enter an IPv6 address space in CIDR notation.
      Note:
    • Add subnet: Enter the name of the subnet and the subnet range for the IPv4 and IPv6 address space created (if applicable).
  7. When you are done, click Review + create to start the validation process. When validation is complete, click Create to create the network.

Make note of the Virtual Network name and Subnet name, as these will be used for provisioning the Service Point v4 VM.

Provisioning Service Point v4 on Azure:
  1. Log in to the Azure portal.
  2. Click Create a resource.
  3. Search for BlueCat, and select BlueCat DNS Edge Service Point v4: Advanced Setup. Optionally, you can open the Marketplace blade from your Dashboard to search.
  4. Click Create. The Create a virtual machine page opens with BlueCat DNS Edge Service Point v4 as the image.
  5. In the Basics tab, complete the following required settings:
    • Subscription: Select your subscription.
    • Resource Group: Create a new resource group or select an existing resource group.
    • Virtual machine name: Enter a name for the VM.
    • Region: Choose your Azure region. BlueCat recommends that you choose an Azure region where the BlueCat recommended default instance size of Standard_F4s_v2 is available.
    • Availability zone: Select the availability zone. For more information, refer to http://go.microsoft.com/fwlink/?LinkId=2189629.
    • Size: Select the size of the VM. BlueCat recommends configuring an instance size of Standard_F4s_v2.
    • Authentication type: Select Password.
      Attention: These fields are required only to bypass the Azure validation process when creating a VM. The SSH public keys will be configured when entering content from the service point configuration file in the User Data field later in the provisioning process.
  6. In the Disks tab, complete the following required settings:
    • OS disk type: Select your preferred disk type. BlueCat recommends configuring Standard SSD.
    • Enable the Delete with VM option to ensure that the resource created is deleted with the VM.
  7. In the Networking tab, complete the following required settings:
    • Select the Virtual Network previously created.
    • Enable the Delete NIC when VM is deleted option.
  8. In the Management tab, you can configure optional monitoring and management options for your VM. For most environments, BlueCat recommends that you keep the default system settings values when possible. Only change these settings where your environment requires it.
  9. In the Advanced tab, navigate to the User Data section and complete the following required settings:
    • Enable the Enable user data option.
    • Within the User data field, enter the base64-decoded contents of the configuration file provided by the Edge Cloud when you created the service point.
      Attention: You must decode the contents of the configuration file using any base64 decoding tool before entering the contents in the User Data field.
  10. In the Tags tab, you can configure optional tags to associate with your VM.
  11. When you are done, click Review + create to start the validation process.
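
For the decoding required in step 9, the following added example (not BlueCat code) decodes the configuration file strictly and rejects the common mistakes: corrupted input, empty output, and content that is still base64 after one decode. It assumes the decoded configuration is UTF-8 text; the sample value is a constructed placeholder, not a real service point configuration.

```python
import base64
import binascii
import re

# Matches text made up only of base64 alphabet characters plus padding.
_B64_ONLY = re.compile(r"[A-Za-z0-9+/]+={0,2}")


def decode_user_data(encoded: str) -> str:
    """Decode the service point configuration file for the User data field."""
    compact = "".join(encoded.split())  # drop line wraps and trailing newline
    try:
        raw = base64.b64decode(compact, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"not valid base64: {exc}") from exc
    try:
        text = raw.decode("utf-8")  # assumption: the configuration is text
    except UnicodeDecodeError as exc:
        raise ValueError("decoded content is not UTF-8 text") from exc
    if not text.strip():
        raise ValueError("decoded content is empty")
    # Heuristic: output that is itself clean base64 was probably encoded twice.
    body = "".join(text.split())
    if len(body) % 4 == 0 and _B64_ONLY.fullmatch(body):
        raise ValueError("decoded content still looks base64-encoded")
    return text


# Constructed placeholder, not a real service point configuration.
SAMPLE_TEXT = "constructed-placeholder: not a real Service Point configuration\n"
SAMPLE_ENCODED = base64.b64encode(SAMPLE_TEXT.encode()).decode()

if __name__ == "__main__":
    print(decode_user_data(SAMPLE_ENCODED), end="")
```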

Opening ports on the Service Point v4 VM:

Once you have provisioned your Service Point v4 VM, you must open certain ports to ensure that it can connect to the Edge Cloud and function correctly. The following ports and protocols must be opened on the Service Point v4 VM in Azure:
  • Port 22 (TCP)—used for SSH connections.
  • Port 53 (TCP and UDP)—used for DNS service.
  • Port 2021 (TCP)—used for DNS resolver service diagnostics.
  • Port 8083 (TCP)—used for Service Point v4 telemetry APIs.

For more information on opening ports on VMs in Azure, refer to https://docs.microsoft.com/en-us/azure/virtual-machines/windows/nsg-quickstart-portal.
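
To check the result, the following added example (not BlueCat or Microsoft code) audits a list of network security group rules against the ports listed above and reports required ports that are not allowed, plus management ports that are allowed from any source. It assumes the rule objects use the field names of Azure NSG security rules as exported in JSON, and treating ports 22, 2021 and 8083 as management ports is this example's assumption; the sample rules are constructed.

```python
# Inbound ports the page lists for Service Point v4, as (port, protocol).
REQUIRED = [(22, "tcp"), (53, "tcp"), (53, "udp"), (2021, "tcp"), (8083, "tcp")]
# Assumption of this example: SSH, diagnostics and telemetry are management
# ports that should not be reachable from every source.
MANAGEMENT_PORTS = {22, 2021, 8083}
ANY_SOURCE = {"*", "Internet", "0.0.0.0/0"}

def _port_ranges(rule):
    """Yield (low, high) for each destination port spec in a rule."""
    specs = list(rule.get("destinationPortRanges") or [])
    if rule.get("destinationPortRange"):
        specs.append(rule["destinationPortRange"])
    for spec in specs:
        low, _, high = ("0-65535" if spec == "*" else spec).partition("-")
        yield int(low), int(high or low)

def _matches(rule, port, proto):
    """True if an inbound rule covers this port and protocol."""
    return (rule.get("direction") == "Inbound"
            and (rule.get("protocol") or "").lower() in ("*", proto)
            and any(lo <= port <= hi for lo, hi in _port_ranges(rule)))

def _sources(rule):
    prefixes = list(rule.get("sourceAddressPrefixes") or [])
    if rule.get("sourceAddressPrefix"):
        prefixes.append(rule["sourceAddressPrefix"])
    return prefixes

def audit(rules):
    """Return (missing, exposed). Simplification: the lowest-priority-number
    rule matching port and protocol decides, regardless of its source."""
    ordered = sorted(rules, key=lambda r: r["priority"])
    missing, exposed = [], []
    for port, proto in REQUIRED:
        rule = next((r for r in ordered if _matches(r, port, proto)), None)
        if rule is None or rule.get("access") != "Allow":
            missing.append((port, proto))
        elif port in MANAGEMENT_PORTS and ANY_SOURCE & set(_sources(rule)):
            exposed.append((port, proto, rule["name"]))
    return missing, exposed

# Constructed sample rules, not taken from a real deployment.
SAMPLE_RULES = [
    {"name": "allow-ssh", "priority": 100, "direction": "Inbound", "access": "Allow", "protocol": "Tcp", "destinationPortRange": "22", "sourceAddressPrefix": "*"},
    {"name": "allow-dns", "priority": 110, "direction": "Inbound", "access": "Allow", "protocol": "*", "destinationPortRange": "53", "sourceAddressPrefix": "10.0.0.0/8"},
    {"name": "allow-telemetry", "priority": 120, "direction": "Inbound", "access": "Allow", "protocol": "Tcp", "destinationPortRanges": ["8080-8090"], "sourceAddressPrefix": "10.0.0.0/8"},
]
```

Calling `audit(SAMPLE_RULES)` reports port 2021 as missing and the `allow-ssh` rule as open to any source.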

After you have opened the ports on the service point, you can start the VM.

Once you have provisioned the Service Point v4 VM, you can deploy the DNS resolver service. For more information, refer to DNS resolver services.

Attention: You can use the Service Point v4 telemetry APIs to verify that the Service Point v4 VM has successfully registered. The registrationStatus field within the Service Point v4 telemetry API response returns a value of REGISTERED when the Service Point v4 VM has successfully registered with the DNS Edge Cloud. If the value is not REGISTERED, this may indicate that there is an issue with the service point provisioning and the service point may not operate as intended.

For more information on the Service Point v4 telemetry APIs, refer to Service Point v4 Telemetry APIs.