Getting Started with Amazon Route 53 DNS

Let me start out by saying that the Amazon’s Route 53 (R53) is new… brand new.  In fact, it’s still tagged with “beta” after the name.  As well, know before hand that this method isn’t for the faint of heart;  it’s very in depth and will take some time to get started.  I assume at some point that a software developer will create an “app” that will set this up automatically – if not get you well on your way.  For now, you’re stuck with my awesomeness…

Here’s how you get things rolling.  I am using a Linux – CentOS 5.5 machine to do my work but this is NOT mandatory in any way.  Others are using Windows machines and some have used Solaris to work with R53.  As you will see, this all revolves around your Perl install and the modules that go with it.

Let’s get Perl setup correctly.  This is the one part I am most definitely not an expert on, so if you have a better way of doing this, let me know.  The following Perl modules need to be in place for R53 to work properly:

• Digest::HMAC_SHA1
• FindBin
• MIME::Base64
• Getopt::Long
• File::Temp
• File::Basename
• Fcntl
• IO::Handle

At your prompt, start CPAN and install the modules needed to run R53 correctly:

1. [root@dmzus]# cpan
2. [root@dmzus]# force install <module>

NOTE:  <module> above is actually Digest::HMAC_SHA1, FindBin, etc., etc., listed above.  Those modules are cAsE sensitive.  Some of these modules take a bit to install, so you’ll have to be patient.

Once you run through that crap, we can move on to setting up a zone file:

1. Grab the lastest dnscurl.pl file from Amazon and make it executable:
   1. [root@dmzus]# wget http://awsmedia.s3.amazonaws.com/catalog/attachments/dnscurl.pl
   2. [root@dmzus]# chmod +x dnscurl.pl
2. Create an XML file to make a new request to add a host file to your account (using nano or vi):
   1. [root@dmzus]# nano mynewrequest.xml
   2. Click here to copy my example content and paste into your file.
3. Setup and activate your Amazon Secret Keys (click here).  You’ll need both your ID and Key…
4. Create a new file to place your ID and Key into.  IMPORTANT:  make sure the file is named .aws-secrets
   1. [root@dmzus]# nano .aws-secrets
   2. Click here to copy my example content and paste into your file.
5. Change permissions of the .aws-secrets file and move it into your user’s home folder.  On my Linux box, I set all this up as the “root” user (yeah, yeah, I know…bad form) so my .aws-secrets file had to be in the /root folder:
   1. [root@dmzus]# mv .aws-secrets /root/.aws-secrets
   2. [root@dmzus]# chmod 600 /root/.aws-secrets
6. Next, we need to send our request to Amazon to have a zone file created:
   1. [root@dmzus]# ./dnscurl.pl –keyname my-aws-account — -H “Content-Type: text/xml; charset=UTF-8″ -X POST –upload-file ./mynewrequest.xml https://route53.amazonaws.com/2010-10-01/hostedzone
   2. NOTE:  That last command we just ran included a .xml file name (mynewrequest.xml).  Make sure you rename this file to match the one you created in step 2.1.  Also, in the above command you will see “my-aws-account.”  That stays there.
   3. You should receive something back like this.  Two VERY important things to remember here:  your /hostedzone/ID and your /change/ID.  You’ll notice in my example these ID’s are Z21DW1QVGID6NG and C24LD0DUV5VOVE, respectively.
7. Now, let’s add some records to our newly created zone file:
   1. [root@dmzus]# nano myzonefile.xml
   2. Click here to see an example zone file.  It includes a wildcard, A, CNAME, MX, and TXT records.  Change it to fit your needs…
8. Once you have created your new .xml file containing your records, we need to send it to Amazon:
   1. [root@dmzus]# ./dnscurl.pl –keyname my-aws-account — -H “Content-Type: text/xml; charset=UTF-8″ -X POST –upload-file ./myexampledns.xml https://route53.amazonaws.com/2010-10-01/hostedzone/Z21DW1QVGID6NG/rrset
   2. NOTE:  In the above command, notice two things:  name sure you change the filename in the command with the one you created in step 7.1.  Also, make sure you change the ID in the command above with your ZONE ID (the ID that starts with a “Z”) from step 6.1.
9. We need to verify that everything is now in lock-step with Amazon and your domain:
   1. [root@dmzus]# ./dnscurl.pl –keyname my-aws-account — -H “Content-Type: text/xml; charset=UTF-8″ https://route53.amazonaws.com/2010-10-01/change/C24LD0DUV5VOVE
   2. NOTE:  with the above command, make sure you are using your CHANGE ID (the ID that starts with a “C”) from step 6.1, NOT your Zone ID.
   3. After running the command above, you should see a response from Amazon.  What you are looking for is the results between the “status” tags.  It will say “PENDING” or “INSYNC.”  Once it says “INSYNC,” move on to step 10.
10. The last thing we need to do here is grab the appropriate name servers from Amazon so you can update your domain at the registrar:
    1. [root@dmzus]# ./dnscurl.pl –keyname my-aws-account — -H “Content-Type: text/xml; charset=UTF-8″ https://route53.amazonaws.com/2010-10-01/hostedzone/Z21DW1QVGID6NG
    2. You should receive back results from Amazon that list 4 name servers that looks something like ns-01.awsdns-00.com. You should have one from .com, .net, .org, and .co.uk.
    3. Take those name servers, update your registrar, wait for propagation, and you’ll be up and running using Amazon’s DNS service.

I realize this article is very long but I hope it helps walk you through the initial steps of getting setup on Route 53.  Over the next few days, I’ll write more articles on how to change and delete your zones from Amazon.  Please let me know if you find any errors here!