{"id":49273,"date":"2025-05-05T09:40:51","date_gmt":"2025-05-05T09:40:51","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=49273"},"modified":"2025-05-12T06:27:08","modified_gmt":"2025-05-12T06:27:08","slug":"comprehensive-guide-to-dnscontrol","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/comprehensive-guide-to-dnscontrol\/","title":{"rendered":"Comprehensive Guide to DNSControl"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><a href=\"https:\/\/kat.bio\/blog\/tools-dnscontrol\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/tse3.mm.bing.net\/th?id=OIP.zX7Oo0Vs0zxFqBlAPx7mCAHaEP&amp;pid=Api\" alt=\"'Tools of the Trade: Declarative DNS with DNSControl'\"\/><\/a><\/figure>\n\n\n\n<h1 class=\"wp-block-heading\">Comprehensive Guide to DNSControl<\/h1>\n\n\n\n<h2 class=\"wp-block-heading\">Table of Contents<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li><a href=\"https:\/\/chatgpt.com\/c\/681886f3-22d4-8010-b9b2-b9cc7eb0cf34#introduction-to-dnscontrol\" target=\"_blank\" rel=\"noopener\">Introduction to DNSControl<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/chatgpt.com\/c\/681886f3-22d4-8010-b9b2-b9cc7eb0cf34#key-features-of-dnscontrol\" target=\"_blank\" rel=\"noopener\">Key Features of DNSControl<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/chatgpt.com\/c\/681886f3-22d4-8010-b9b2-b9cc7eb0cf34#how-dnscontrol-works\" target=\"_blank\" rel=\"noopener\">How DNSControl Works<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/chatgpt.com\/c\/681886f3-22d4-8010-b9b2-b9cc7eb0cf34#dnscontrol-workflow\" target=\"_blank\" rel=\"noopener\">DNSControl Workflow<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/chatgpt.com\/c\/681886f3-22d4-8010-b9b2-b9cc7eb0cf34#understanding-dnscontrol-terminology\" target=\"_blank\" rel=\"noopener\">Understanding DNSControl Terminology<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/chatgpt.com\/c\/681886f3-22d4-8010-b9b2-b9cc7eb0cf34#step-by-step-tutorial-setting-up-dnscontrol\" target=\"_blank\" rel=\"noopener\">Step-by-Step Tutorial: Setting Up DNSControl<\/a><\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction to DNSControl<\/h2>\n\n\n\n<p>DNSControl is an open-source tool developed by Stack Exchange to manage DNS zones across multiple providers using a declarative, code-driven approach. It allows system administrators and DevOps teams to define DNS records in a high-level configuration file, which can then be pushed to various DNS providers. This approach brings version control, automation, and consistency to DNS management. (<a href=\"https:\/\/www.bytebase.com\/blog\/top-infrastructure-as-code-iac-tools?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Bytebase<\/a>, <a href=\"https:\/\/github.com\/StackExchange\/dnscontrol?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">2. Key Features of DNSControl<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Multi-Provider Support<\/strong>: DNSControl supports over 35 DNS providers, including AWS Route 53, Cloudflare, Google DNS, and BIND. (<a href=\"https:\/\/dnscontrol.org\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DNSControl<\/a>)<\/li>\n\n\n\n<li><strong>Declarative Configuration<\/strong>: DNS records are defined using a JavaScript-like Domain Specific Language (DSL), making configurations readable and maintainable.(<a href=\"https:\/\/kat.bio\/blog\/tools-dnscontrol?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">SphericalKat<\/a>)<\/li>\n\n\n\n<li><strong>Version Control Integration<\/strong>: Configurations are stored in files compatible with Git, enabling history tracking, collaboration, and rollback capabilities.<\/li>\n\n\n\n<li><strong>Automation and CI\/CD<\/strong>: Supports automated deployments and testing, allowing DNS changes to be part of a continuous integration pipeline.(<a href=\"https:\/\/dnscontrol.org\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DNSControl<\/a>)<\/li>\n\n\n\n<li><strong>Extensibility<\/strong>: The provider model is extensible, allowing the addition of new DNS providers and registrars as needed.(<a href=\"https:\/\/kat.bio\/blog\/tools-dnscontrol?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">SphericalKat<\/a>)<\/li>\n\n\n\n<li><strong>Cloudflare Integration<\/strong>: Direct control over Cloudflare settings, including enabling\/disabling the &#8220;orange cloud&#8221; proxy feature.(<a href=\"https:\/\/dnscontrol.org\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DNSControl<\/a>)<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">3. How DNSControl Works<\/h2>\n\n\n\n<p>DNSControl operates through a two-step process:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Configuration<\/strong>: Users define their DNS records in a <code>dnsconfig.js<\/code> file using the DSL. This file specifies domains, record types, TTLs, and associated providers.(<a href=\"https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-deploy-and-manage-your-dns-using-dnscontrol-on-debian-10?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DigitalOcean<\/a>)<\/li>\n\n\n\n<li><strong>Execution<\/strong>: The <code>dnscontrol<\/code> command-line tool processes the configuration file and applies the changes to the specified DNS providers. The tool supports commands like <code>preview<\/code> to simulate changes and <code>push<\/code> to apply them. (<a href=\"https:\/\/blog.serverfault.com\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Server Fault Blog<\/a>)<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">4. DNSControl Workflow<\/h2>\n\n\n\n<p>A typical workflow with DNSControl involves:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Define<\/strong>: Create or update the <code>dnsconfig.js<\/code> file to reflect desired DNS records.<\/li>\n\n\n\n<li><strong>Preview<\/strong>: Run <code>dnscontrol preview<\/code> to see a simulation of the changes without applying them.<\/li>\n\n\n\n<li><strong>Review<\/strong>: Examine the output for any errors or unintended changes.<\/li>\n\n\n\n<li><strong>Push<\/strong>: Execute <code>dnscontrol push<\/code> to apply the changes to the live DNS providers.(<a href=\"https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-deploy-and-manage-your-dns-using-dnscontrol-on-debian-10?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DigitalOcean<\/a>)<\/li>\n\n\n\n<li><strong>Monitor<\/strong>: Verify the changes using DNS lookup tools like <code>dig<\/code> or through the provider&#8217;s dashboard.<\/li>\n<\/ul>\n\n\n\n<p>This workflow ensures that DNS changes are deliberate, tested, and traceable.(<a href=\"https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-deploy-and-manage-your-dns-using-dnscontrol-on-debian-10?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DigitalOcean<\/a>)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Understanding DNSControl Terminology<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Registrar<\/strong>: An entity responsible for managing domain registrations. In DNSControl, registrars are defined using <code>NewRegistrar()<\/code>.(<a href=\"https:\/\/zeller.sh\/article\/cloud\/dnspipeline.html?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Zeller.sh<\/a>)<\/li>\n\n\n\n<li><strong>DNS Provider<\/strong>: A service that hosts DNS records for domains. Defined using <code>NewDnsProvider()<\/code>.(<a href=\"https:\/\/zeller.sh\/article\/cloud\/dnspipeline.html?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Zeller.sh<\/a>)<\/li>\n\n\n\n<li><strong>Domain<\/strong>: A specific DNS zone, such as <code>example.com<\/code>, managed within DNSControl.(<a href=\"https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-deploy-and-manage-your-dns-using-dnscontrol-on-debian-10?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DigitalOcean<\/a>)<\/li>\n\n\n\n<li><strong>Record Types<\/strong>: DNS entries like A, AAAA, MX, CNAME, TXT, etc., defined using functions like <code>A()<\/code>, <code>AAAA()<\/code>, <code>MX()<\/code>, etc.<\/li>\n\n\n\n<li><strong>TTL (Time to Live)<\/strong>: The duration for which a DNS record is cached, specified using <code>TTL()<\/code>.<\/li>\n\n\n\n<li><strong>Macros and Variables<\/strong>: Reusable values or functions that simplify configurations and ensure consistency.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">6. Step-by-Step Tutorial: Setting Up DNSControl<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisites<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A domain registered with a supported registrar.(<a href=\"https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-deploy-and-manage-your-dns-using-dnscontrol-on-debian-10?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DigitalOcean<\/a>)<\/li>\n\n\n\n<li>A DNS provider account (e.g., Cloudflare, AWS Route 53).(<a href=\"https:\/\/github.com\/StackExchange\/dnscontrol?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>)<\/li>\n\n\n\n<li>A server or local machine with Go installed.(<a href=\"https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-deploy-and-manage-your-dns-using-dnscontrol-on-debian-10?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DigitalOcean<\/a>)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Installation<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Install Go<\/strong>: Ensure Go version 1.18 or higher is installed on your system.(<a href=\"https:\/\/github.com\/StackExchange\/dnscontrol\/blob\/main\/documentation\/getting-started.md?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>)<\/li>\n\n\n\n<li><strong>Install DNSControl<\/strong>: Run the following command to install DNSControl: <code>go install github.com\/StackExchange\/dnscontrol\/v3@latest<\/code><\/li>\n<\/ol>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>Verify Installation<\/strong>: Check the installed version:(<a href=\"https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-deploy-and-manage-your-dns-using-dnscontrol-on-debian-10?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">DigitalOcean<\/a>) <code>dnscontrol version<\/code><\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Configuration<\/h3>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-1\" data-shcb-language-name=\"PHP\" data-shcb-language-slug=\"php\"><span><code class=\"hljs language-php\"><span class=\"hljs-comment\"># Configuration<\/span>\n\n<span class=\"hljs-comment\">## Create Configuration Directory:<\/span>\nmkdir ~\/dnscontrol\ncd ~\/dnscontrol\n\n<span class=\"hljs-comment\">## Define Providers: In dnsconfig.js, define the registrar and DNS provider:<\/span>\n<span class=\"hljs-keyword\">var<\/span> REG_NAMECOM = NewRegistrar(<span class=\"hljs-string\">'name.com'<\/span>);\n<span class=\"hljs-keyword\">var<\/span> DNS_CLOUDFLARE = NewDnsProvider(<span class=\"hljs-string\">'cloudflare'<\/span>);\n\n<span class=\"hljs-comment\">## Define Domain and Records:<\/span>\nD(<span class=\"hljs-string\">'example.com'<\/span>, REG_NAMECOM, DnsProvider(DNS_CLOUDFLARE),\n  A(<span class=\"hljs-string\">'@'<\/span>, <span class=\"hljs-string\">'192.0.2.1'<\/span>),\n  CNAME(<span class=\"hljs-string\">'www'<\/span>, <span class=\"hljs-string\">'@'<\/span>),\n  MX(<span class=\"hljs-string\">'@'<\/span>, <span class=\"hljs-number\">10<\/span>, <span class=\"hljs-string\">'mail.example.com.'<\/span>)\n);\n\n<span class=\"hljs-comment\">## Configure Credentials: Create a creds.json file with your provider credentials:<\/span>\n{\n  <span class=\"hljs-string\">\"cloudflare\"<\/span>: {\n    <span class=\"hljs-string\">\"TYPE\"<\/span>: <span class=\"hljs-string\">\"CLOUDFLAREAPI\"<\/span>,\n    <span class=\"hljs-string\">\"accountid\"<\/span>: <span class=\"hljs-string\">\"&lt;account-id&gt;\"<\/span>,\n    <span class=\"hljs-string\">\"apitoken\"<\/span>: <span class=\"hljs-string\">\"&lt;api-token&gt;\"<\/span>\n  }\n}\n\n<span class=\"hljs-comment\"># Deployment<\/span>\n\n<span class=\"hljs-comment\">## Preview Changes: Simulate the changes without applying them:<\/span>\ndnscontrol preview\n\n<span class=\"hljs-comment\">## Apply Changes: Push the changes to the DNS provider:<\/span>\ndnscontrol push\n\n<span class=\"hljs-comment\">## Verify Changes: Check the DNS records using dig or through the provider's dashboard.<\/span>\n<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-1\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">PHP<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">php<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Deployment<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Preview Changes<\/strong>: Simulate the changes without applying them:(<a href=\"https:\/\/etoews.github.io\/blog\/2019\/11\/07\/gitops-is-reconciling-a-desired-state-in-git-with-a-runtime-environment\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">etoews<\/a>) <code>dnscontrol preview<\/code><\/li>\n<\/ol>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>Apply Changes<\/strong>: Push the changes to the DNS provider:(<a href=\"https:\/\/blog.serverfault.com\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Server Fault Blog<\/a>) <code>dnscontrol push<\/code><\/li>\n<\/ol>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>Verify Changes<\/strong>: Check the DNS records using <code>dig<\/code> or through the provider&#8217;s dashboard.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Additional Resources<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Official Documentation<\/strong>: For detailed information and advanced configurations, refer to the <a href=\"https:\/\/docs.dnscontrol.org\/\" target=\"_blank\" rel=\"noopener\">DNSControl Documentation<\/a>.<\/li>\n\n\n\n<li><strong>GitHub Repository<\/strong>: Access the source code and contribute to the project on <a href=\"https:\/\/github.com\/StackExchange\/dnscontrol\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>.(<a href=\"https:\/\/github.com\/StackExchange\/dnscontrol?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>)<\/li>\n\n\n\n<li><strong>Community Discussions<\/strong>: Engage with the community and seek support through <a href=\"https:\/\/stackoverflow.com\/questions\/tagged\/dnscontrol\" target=\"_blank\" rel=\"noopener\">Stack Overflow<\/a>.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>By adopting DNSControl, organizations can streamline their DNS management processes, reduce errors, and enhance collaboration through version-controlled configurations. Its extensibility and automation capabilities make it a valuable tool for modern infrastructure management.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">DNSControl <code>dnsconfig.js<\/code> Tutorial<\/h2>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83e\udde9 What is <code>dnsconfig.js<\/code>?<\/h2>\n\n\n\n<p><code>dnsconfig.js<\/code> is the configuration file used by <strong>DNSControl<\/strong>, an infrastructure-as-code tool for managing DNS records in code, across multiple DNS providers like Google Cloud DNS, AWS Route 53, Cloudflare, and more.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83d\udcd1 Core Block Types<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Block \/ Function<\/th><th>Purpose<\/th><\/tr><\/thead><tbody><tr><td><code>NewRegistrar()<\/code><\/td><td>Defines your domain registrar (e.g., Namecheap, GoDaddy)<\/td><\/tr><tr><td><code>NewDnsProvider()<\/code><\/td><td>Defines your DNS provider (e.g., Cloudflare, GCP, AWS)<\/td><\/tr><tr><td><code>D()<\/code><\/td><td>Declares a DNS zone (domain) and its records<\/td><\/tr><tr><td><code>TTL()<\/code><\/td><td>Sets TTL (Time To Live) in seconds<\/td><\/tr><tr><td>Record functions<\/td><td>Add DNS records like A, CNAME, MX, TXT, NS, SRV, CAA, PTR<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83d\udcd1 Example DNS Records in Code<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Record Type<\/th><th>Example JS Code<\/th><\/tr><\/thead><tbody><tr><td><code>A<\/code><\/td><td><code>A(\"www\", \"192.0.2.1\")<\/code><\/td><\/tr><tr><td><code>CNAME<\/code><\/td><td><code>CNAME(\"blog\", \"gh-pages.github.com.\")<\/code><\/td><\/tr><tr><td><code>MX<\/code><\/td><td><code>MX(\"@\", 10, \"mail1.example.com.\")<\/code><\/td><\/tr><tr><td><code>TXT<\/code><\/td><td><code>TXT(\"@\", \"v=spf1 include:_spf.google.com ~all\")<\/code><\/td><\/tr><tr><td><code>NS<\/code><\/td><td><code>NS(\"staging\", [\"ns1.example.com.\", \"ns2.example.com.\"])<\/code><\/td><\/tr><tr><td><code>CAA<\/code><\/td><td><code>CAA(\"@\", \"issue\", \"letsencrypt.org\")<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u2705 Setup DNS Providers and Registrar<\/h2>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-2\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">var<\/span> REG_NONE = NewRegistrar(<span class=\"hljs-string\">\"none\"<\/span>, <span class=\"hljs-string\">\"NONE\"<\/span>); <span class=\"hljs-comment\">\/\/ No registrar automation<\/span>\n<span class=\"hljs-keyword\">var<\/span> GCLOUD = NewDnsProvider(<span class=\"hljs-string\">\"gcp\"<\/span>, <span class=\"hljs-string\">\"GCP\"<\/span>); <span class=\"hljs-comment\">\/\/ Google Cloud DNS<\/span>\n<span class=\"hljs-keyword\">var<\/span> CLOUDFLARE = NewDnsProvider(<span class=\"hljs-string\">\"cf\"<\/span>, <span class=\"hljs-string\">\"CLOUDFLAREAPI\"<\/span>); <span class=\"hljs-comment\">\/\/ Cloudflare<\/span>\n<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-2\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83e\udde0 Full <code>dnsconfig.js<\/code> with Multi-Zone Example<\/h2>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-3\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-comment\">\/\/ Define DNS providers<\/span>\n<span class=\"hljs-keyword\">var<\/span> REG_NONE = NewRegistrar(<span class=\"hljs-string\">\"none\"<\/span>, <span class=\"hljs-string\">\"NONE\"<\/span>);\n<span class=\"hljs-keyword\">var<\/span> GCLOUD = NewDnsProvider(<span class=\"hljs-string\">\"gcp\"<\/span>, <span class=\"hljs-string\">\"GCP\"<\/span>);\n<span class=\"hljs-keyword\">var<\/span> CLOUDFLARE = NewDnsProvider(<span class=\"hljs-string\">\"cf\"<\/span>, <span class=\"hljs-string\">\"CLOUDFLAREAPI\"<\/span>);\n\n<span class=\"hljs-comment\">\/\/ -------------------------------------<\/span>\n<span class=\"hljs-comment\">\/\/ DevOpsSchool.com - Root domain on Google Cloud DNS<\/span>\n<span class=\"hljs-comment\">\/\/ -------------------------------------<\/span>\nD(<span class=\"hljs-string\">\"DevOpsSchool.com\"<\/span>, REG_NONE, DnsProvider(GCLOUD),\n  A(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-string\">\"192.0.2.1\"<\/span>),                         <span class=\"hljs-comment\">\/\/ Root domain<\/span>\n  A(<span class=\"hljs-string\">\"api\"<\/span>, <span class=\"hljs-string\">\"192.0.2.2\"<\/span>),                       <span class=\"hljs-comment\">\/\/ api.DevOpsSchool.com<\/span>\n  CNAME(<span class=\"hljs-string\">\"www\"<\/span>, <span class=\"hljs-string\">\"DevOpsSchool.com.\"<\/span>),          <span class=\"hljs-comment\">\/\/ www -&gt; root<\/span>\n  TXT(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-string\">\"v=spf1 include:_spf.google.com ~all\"<\/span>), <span class=\"hljs-comment\">\/\/ SPF<\/span>\n  MX(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-number\">10<\/span>, <span class=\"hljs-string\">\"aspmx.l.google.com.\"<\/span>),         <span class=\"hljs-comment\">\/\/ Mail<\/span>\n  MX(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-number\">20<\/span>, <span class=\"hljs-string\">\"alt1.aspmx.l.google.com.\"<\/span>),\n  CAA(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-string\">\"issue\"<\/span>, <span class=\"hljs-string\">\"letsencrypt.org\"<\/span>),       <span class=\"hljs-comment\">\/\/ SSL CAA<\/span>\n  NS(<span class=\"hljs-string\">\"staging\"<\/span>, &#91;<span class=\"hljs-string\">\"ns1.stagingdns.com.\"<\/span>, <span class=\"hljs-string\">\"ns2.stagingdns.com.\"<\/span>]) <span class=\"hljs-comment\">\/\/ Delegate staging<\/span>\n);\n\n<span class=\"hljs-comment\">\/\/ -------------------------------------<\/span>\n<span class=\"hljs-comment\">\/\/ evp.DevOpsSchool.com - Separate subdomain zone on Cloudflare<\/span>\n<span class=\"hljs-comment\">\/\/ -------------------------------------<\/span>\nD(<span class=\"hljs-string\">\"evp.DevOpsSchool.com\"<\/span>, REG_NONE, DnsProvider(CLOUDFLARE),\n  A(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-string\">\"198.51.100.1\"<\/span>),\n  CNAME(<span class=\"hljs-string\">\"app\"<\/span>, <span class=\"hljs-string\">\"evp.DevOpsSchool.com.\"<\/span>),\n  TXT(<span class=\"hljs-string\">\"_acme-challenge\"<\/span>, <span class=\"hljs-string\">\"xyz123-challenge-value\"<\/span>),\n  NS(<span class=\"hljs-string\">\"uat\"<\/span>, &#91;<span class=\"hljs-string\">\"ns1.uat-zone.net.\"<\/span>, <span class=\"hljs-string\">\"ns2.uat-zone.net.\"<\/span>]), <span class=\"hljs-comment\">\/\/ Delegate uat<\/span>\n  NS(<span class=\"hljs-string\">\"stg.aws\"<\/span>, &#91;\n    <span class=\"hljs-string\">\"ns-123.awsdns-45.com.\"<\/span>,\n    <span class=\"hljs-string\">\"ns-456.awsdns-78.net.\"<\/span>,\n    <span class=\"hljs-string\">\"ns-789.awsdns-12.co.uk.\"<\/span>,\n    <span class=\"hljs-string\">\"ns-321.awsdns-34.org.\"<\/span>\n  ])\n);\n\n<span class=\"hljs-comment\">\/\/ -------------------------------------<\/span>\n<span class=\"hljs-comment\">\/\/ uat.evp.DevOpsSchool.com - Separate zone on Google Cloud DNS<\/span>\n<span class=\"hljs-comment\">\/\/ -------------------------------------<\/span>\nD(<span class=\"hljs-string\">\"uat.evp.DevOpsSchool.com\"<\/span>, REG_NONE, DnsProvider(GCLOUD),\n  A(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-string\">\"198.51.100.100\"<\/span>),\n  A(<span class=\"hljs-string\">\"api\"<\/span>, <span class=\"hljs-string\">\"198.51.100.101\"<\/span>),\n  TXT(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-string\">\"uat-verification=token-uat-abc\"<\/span>)\n);\n\n<span class=\"hljs-comment\">\/\/ -------------------------------------<\/span>\n<span class=\"hljs-comment\">\/\/ RajeshKumar.xyz - Production zone<\/span>\n<span class=\"hljs-comment\">\/\/ -------------------------------------<\/span>\nD(<span class=\"hljs-string\">\"RajeshKumar.xyz\"<\/span>, REG_NONE, DnsProvider(GCLOUD),\n  A(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-string\">\"203.0.113.5\"<\/span>),\n  MX(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-number\">10<\/span>, <span class=\"hljs-string\">\"mail.RajeshKumar.xyz.\"<\/span>),\n  TXT(<span class=\"hljs-string\">\"@\"<\/span>, <span class=\"hljs-string\">\"google-site-verification=abc123\"<\/span>),\n  CNAME(<span class=\"hljs-string\">\"support\"<\/span>, <span class=\"hljs-string\">\"zendesk.example.com.\"<\/span>)\n);\n<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-3\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83e\uddea Practical Use<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Command<\/th><th>Purpose<\/th><\/tr><\/thead><tbody><tr><td><code>dnscontrol preview<\/code><\/td><td>Shows what changes will be made<\/td><\/tr><tr><td><code>dnscontrol push<\/code><\/td><td>Applies DNS changes<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83d\udd0d Key Concepts Demonstrated<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Concept<\/th><th>Present in Example?<\/th><th>Notes<\/th><\/tr><\/thead><tbody><tr><td>Multiple providers<\/td><td>\u2705 Yes<\/td><td>Google Cloud DNS, Cloudflare<\/td><\/tr><tr><td>Multiple zones\/domains<\/td><td>\u2705 Yes<\/td><td>DevOpsSchool.com, RajeshKumar.xyz<\/td><\/tr><tr><td>Subdomain delegation via NS<\/td><td>\u2705 Yes<\/td><td><code>staging<\/code>, <code>uat<\/code>, <code>stg.aws<\/code> subdomain zones<\/td><\/tr><tr><td>A\/CNAME\/MX\/TXT\/CAA records<\/td><td>\u2705 Yes<\/td><td>All record types demonstrated<\/td><\/tr><tr><td>Real-world structure<\/td><td>\u2705 Yes<\/td><td>Mimics staging\/uat\/production setup<\/td><\/tr><\/tbody><\/table><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Comprehensive Guide to DNSControl Table of Contents 1. Introduction to DNSControl DNSControl is an open-source tool developed by Stack Exchange to manage DNS zones across multiple providers using a declarative,&#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[2],"tags":[],"class_list":["post-49273","post","type-post","status-publish","format-standard","hentry","category-uncategorised"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/49273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=49273"}],"version-history":[{"count":3,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/49273\/revisions"}],"predecessor-version":[{"id":49308,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/49273\/revisions\/49308"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=49273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=49273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=49273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}