Sort production front end URL

ministryofjustice / find-moj-data

Find MOJ data service • This repository is defined and managed in Terraform

MIT License

5 stars 0 forks source link

Sort production front end URL #546

Closed seanprivett closed 1 month ago

seanprivett commented 1 month ago

find-moj-data.service.justice.gov.uk

I think this is it above, but check against domain rules held by ops eng here

MatMoore commented 1 month ago

Have sent an email to operations engineering to discuss next steps. find-moj-data.service.justice.gov.uk looks right based on my reading of the rules

tom-webber commented 1 month ago

Mat's CP PRs:

MatMoore commented 1 month ago

Notes on progress so far

The prod url delegates to the prod hosted zone: find-moj-data.service.justice.gov.uk. 783 IN SOA ns-1872.awsdns-42.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

The dev/test/preprod, also delegate to the prod hosted zone, so maybe we don't need the extra ones? Cloud platform guidance recommends managing everything from one zone, so maybe that's how I have set it up by following the guide.

I'm not sure yet if the hosted zone has been populated. Expecting kubernetes to set this up via ExternalDNS

None of the domains yet resolve an IP (may just be waiting for caches to expire atm since I only just deployed it)

MatMoore commented 1 month ago

Prod dns is now resolving, but not the non-prod environments

There is also some more issues to workout before this is functional

Next steps:

[ ] Change EntraID redirect link
[ ] Try configuring the ingress so that records are put in the prod hosted zone
[ ] Remove the other hosted zones as they are not being used as far as I can tell

MatMoore commented 1 month ago

I've also added a service pod to the dev environment, accessible via k9s, so that I can run aws commands to inspect the state of things.

aws route53 get-hosted-zone --id [...]

aws route53 list-resource-record-sets --hosted-zone-id [...]

The ID is printed in the concourse logs for applying terraform

I can see that there are 4 record sets in this zone, A, NS, SOA, TXT, and the A is using AliasTargets. It seems like something is being set up for the dev environment, but the prod hosted zone is authoritative for find-moj-data.justice.gov.uk and it is not delegating dev. to this one(????)

The service pod still needs to be rolled out to the other environments as well, but not necessarily in this ticket. Want to get prod working first.

MatMoore commented 1 month ago

Prod is working now. I'll create a separate task for the non production envs.