Recently I had an exceedingly poor experience with my external DNS provider, Namecheap. After they had some mail issues, their 2FA emails weren’t coming through…. I could see they weren’t even hitting O365… but of course, their support refused to acknowledge this – and went down a path of (bizarrely) insistently asking for a scan of government issued ID – very scammer like. This was enough to make me re-evaluate my external services and where they lived – with a specific view to bringing them into Azure…
Why bring all the services into O365/Azure ?
- One provider… and MS are a provider that isn’t disappearing anytime soon. I can’t see us moving away from O365 in the foreseeable future – so if that service is anchored – why not move others towards it ?
- Azure management interface and scripting are generally pretty good
- MS support is generally terrible…. But they have never tried to get me to send a government issued photo ID. Community support around Azure/O365 varies greatly – but there are many great blog articles etc around.
- Cost – MS partners can get Azure credit with some partnership options – some months I use it all – other months I don’t – so it makes sense to use as much of the credit as possible
DNS
DNS seemed like the easiest candidate and it was also the service that was about to expire on Namecheap.
I logged a call with O365 support, asking about transferring a DNS zone into O365/Azure… The guy was actually reasonably nice and tried to be helpful – but seemed to have it in his head that DNS was a website or something…. Anyway, the upshot of the conversation was “no, you can’t transfer in… you can only use O365 DNS if you purchased the domain from MS”
After this I went off did some searching and found the incredibly aptly named Azure DNS.
5 minutes later, it was all setup and ready to go
- Go to the Azure portal
- Create resource
- Networking -> DNS Zone
- Create
- Select your subscription, resource group and zone name
- Add your records
- I only had approx. 15 records to add, so I added them manually – which allowed me to do a mini-cleanup at the same time.
- If you have a larger zone – you will likely want something like this – https://joestechspace.com/blog/migrating-dns-to-azure-dns
I tested the service before updating my registrar using
Nslookup <record name> ns1-02.azure-dns.com.
I then waited a few days – as I wanted to see how much the DNS zone would cost without usage (as Azure pricing pages are exceedingly difficult to decipher IMO) – and while this will obviously vary greatly for everyone – for my zone after 5 days (with no traffic mind you) – the cost for that service was a whopping $0.05.
Based on that, I updated my registrar to point to the Azure DNS servers, then ran an O365 check – just in case – and all was good.
Domain transfer
Given the above conversation, I thought it was unlikely, but quickly found these items via google
https://jrudlin.github.io/2018/10/27/domain-name-registration-transfer-to-azure-app-service-domains/
So it is possible – but is a bit of kludge… additionally, according to the first forum post at least – the ability to “transfer in” in on the MS radar
Given my domain registrations for my current domains does not run out until 2024 – I am going to wait until they are closer to expiry – then come back and see if MS have an officially supported method of transferring domain registration into O365/Azure.
WordPress
WordPress on Azure went GA in August 2022 – and you can find some details about it here – https://learn.microsoft.com/en-us/azure/app-service/quickstart-wordpress
Unfortunately, when going to https://portal.azure.com/#create/WordPress.WordPress – I am immediately presented with “MySQLFlexible server is not available for your selection of subscription and location”… changing location does nothing – so its something to do with my partner subscription…. Wouldn’t want partners to be able explore your product set and become more familiar with the wide range of Azure offerings…. (or write blog posts on how to use their products) – can’t have that! Geez MS licensing people make some whacky fucking decisions.
Static Websites
Last up was my company website, which is a static HTML website. After some google, I found there were a few methods, such as using an Azure storage account – but that seemed to have some limitations around certificate assignment and host headers (from reading other posts). The other main option appeared to be Azure static web apps – which was a more complete offering, but also more complex. It required linkage to a GitHub or Azure DevOps account and asked me a bunch of questions that I had NFI about. Remember, I’m an infra nerd… so once it goes past PowerShell (or VBScript.. or JSON if I have to) – its all quantum realm magic to me.
Anyway, after some reading and making a few mistakes, the rough process is:
- Create a GitHub account (I went GitHub – since I already had an account and some code in there)
- Create a project in GitHub
- Upload the static html/css site to the GitHub project
- For whatever reason, only about 90% of the files uploaded first try – but there were no errors. I only found out some files were missing when I tried to use the published website. I’m a newbie to Github – so maybe I did something wrong – but its worth looking out for
- Go to the Azure portal
- Create resource
- Search for “Static Web app”
- Create
- Select your subscription, resource group and name
- Select your hosting plan…. Free is obviously a good place to start – you can always upgrade it later
- Deployment details – I selected “GitHub”
- Authorise the connection between the static web app and GitHub
- The site will now be ready via the Azure URL – which is great for testing to make sure everything is correct
- My site was ready fairly quickly – but a number of the images didn’t display.
- I posted on a forum about this and eventually found that files within the Static web app are case sensitive… so my html referred to background.jpg… when the file was named Background.jpg…. I got rid of the capitalisation once I realised, and all was good.
- Once everything is correct
- Add your custom domain
- Azure static web app -> custom domains
- Add – custom domain on Azure DNS
- Select your DNS zone from the drop down
- In the domain name box, you must enter the FQDN… e.g. www.company.com, not just “www” (give that you select the zone in the other drop down – this is confusing)
- Now – as per this bug – https://github.com/Azure/static-web-apps/issues/202 – I found I got the error “Failed to add custom domain to SWA with error message”… but the CName entry was still actually added… this was a start… but since it did not show up in “custom domains” – the site still did not work without that host header.
- Due to this, I simply added it as a “custom domain” (even though the DNS was/is hosted in Azure DNS) – and it took a minute to validate, but worked fine
- Add your custom domain
In summary
- Azure DNS – easy
- Azure static web sites easy-ish… but wasn’t clear that it was case sensitive and the adding of a custom domain seems very buggy
- Not being able to transfer to MS as a domain registrar is a bizarre omission
- Microsoft licensing people still make decisions by rolling a D20 inside a Zorba ball when drunk – this is unlikely to change in my lifetime
- Run the fuck away from NameCheap