--- tags: DevOps, Azure, Gandinet, DNS, Innovation Hub --- # DNS Management in Alkemio ## Problem Definition We would like to be able to automate the provisioning of new Innovation Hubs, to have granular access to the domain management, to have disaster recovery in the domain, to limit cookie authorization issues cross-domain. ## Proposed Solution The proposed solution is to have several top-level domains (TLDs) and to have the DNS as IaaC in terraform. I propose the following structure in our infrastructure-operations repository: - provisioning - terraform - azure - dns - dev - holding the dev-alkem.io domain configuration for our dev env - test - holding the test-alkem.io domain configuration for our test env - acc - holding the acc-alkem.io domain configuration for our acceptance env - sandbox - holding the sandbox-alkem.io domain configuration for our sandbox env - prod - holding the production environment configuration of the Alkemio platform **only** - core - the core configuration for the organization services In my opinion, it is key to have prod and core separated, as an error in DNS configuration of the core services has the potential to lock the whole organization out and generally speaking, to tie up prod and core will naturally limit our innovation cadence as having the inherent risk in core dns changes intertwined with platform changes can hardly be omitted at this moment. ## Progress - There is a [DNS branch](https://github.com/alkem-io/infrastructure-operations/tree/dns) in infra-operations with the current DNS configuraiton entries. - We have the domains in Gandi.net (dev / test / acc / sandbox / prod) ## To be done - Land on DNS design - Operationalize the IaaC DNS via terraform - Configure the separate domains in DNS / terraform + k8s configuration