- Again, it’s easiest to just manage hosts/users/identities in .ssh/config rather than the usual eval ssh-agent ssh-add in dotfiles and other config. The ssh config basically hardcodes the “ssh -i x y@z” into a single location, while giving it an alias. Eg right now it’s “ssh sbsc-aws” – extremely easy.
- Supercontest routing.
- Created a hosted zone for southbaysupercontest.com in route53. This automatically creates the NS and SOA records to AWS nameservers.
- SOA = start of authority.
- Allocated an elastic IPv4 address to my AWS account then associated it with the sbsc ec2 instance.
- These are free as long as they’re associated with a running instance (to discourage inefficiency). Each account is only allowed 5 ipv4 per region.
- Created A records for southbaysupercontest.com (and the www. subdomain) to point to the elastic IP.
- Route53 usually propagates DNS changes to authoritative servers within 60 seconds.
- Transferred the domain from GoDaddy to Route53. This process unlocks the domain and sends the admin (me) the auth code. Then you pay $12 over at Route53 for the transfer and it extends the original expiry a year. And you tell the registrar (this is the entry point) which nameservers to forward to (which you just created in your hosted zone).
- Everything is up now, just waiting for the registrar transfer. Once that’s done, it should automatically flow through the already-configured Route53 DNS nameservers to the elastic IP on my EC2 instance, already running the (pre-week-6) app and db containers.
- Manually approved the transfer on GoDaddy to speed the transfer process from ~7d to ~30min.
- Note too that AWS does not explicitly act as registrar, they use third-party services. But it’s all accessed/managed within Route53.
- Confirmed the full domain transfer with dig southbaysupercontest.com -> ec2 elastic ip.
- Overall, the godaddy -> route53 domain/registrar transfer took about 30min. Some waiting for godaddy, some waiting for aws. The DNS service transfer is easy, has no external gates, and should be done before domain.
- Transfer lock enabled on route53 after transfer (sets status codes like clientTransferProhibited, transferPeriod, etc).
- DNSSEC disabled.
- Started everything in order after the final routing changes: nginx-proxy, letsencrypt, sbsc app, db.
- Deleted the DO dns records, droplet, and project.
- Remember how this blog is configured for comparison:
- Created a hosted zone for southbaysupercontest.com in route53. This automatically creates the NS and SOA records to AWS nameservers.
| Domain | Registrar | DNS | Compute |
| bmahlstedt.com | GoDaddy | DigitalOcean | DigitalOcean |
| (old) southbaysupercontest.com | GoDaddy | DigitalOcean | DigitalOcean |
| (new) southbaysupercontest.com | Route53 | Route53 | EC2 |
- Ran a few windows updates.
- Committed week 6 lines.
- Second monitor.
- Still being laggy with media. Updated the drivers. Confirmed both monitors are set to 60Hz. Looks better now.
- Company work.
- Tyler Cowen wrote a crypto chapter.
- Caught up with Ben, great chat.
- Trivia at Amity Hall in Greenwich. Played with a girl who new gothamchess (Levi Rozman) growing up!