在 Azure Stack Hub 中使用 DNSUse DNS in Azure Stack Hub

Azure Stack Hub 支援下列 Azure DNS 功能:Azure Stack Hub supports the following Azure DNS features:

  • DNS 主機名稱解析。DNS hostname resolution.
  • 使用 API 建立和管理 DNS 區域和記錄。Create and manage DNS zones and records using the API.

支援 DNS 主機名稱解析Support for DNS hostname resolution

您可以指定公用 IP 資源的 DNS 網域名稱標籤。You can specify a DNS domain name label for public IP resources. Azure Stack Hub 使用 domainnamelabel.location.cloudapp.azurestack.external 作為標籤名稱,並將它對應至 Azure Stack Hub 受控 DNS 伺服器中的公用 IP 位址。Azure Stack Hub uses domainnamelabel.location.cloudapp.azurestack.external for the label name and maps it to the public IP address in Azure Stack Hub-managed DNS servers.

例如,如果您建立公用 IP 資源並以 contoso 作為本機 Azure Stack Hub 位置的網域名稱標籤,則完整網域名稱 (FQDN) contoso.local.cloudapp.azurestack.external 會解析為資源的公用 IP 位址。For example, if you create a public IP resource with contoso as a domain name label in the local Azure Stack Hub location, the fully qualified domain name (FQDN) contoso.local.cloudapp.azurestack.external resolves to the public IP address of the resource. 您可以使用此 FQDN 來建立自訂網域 CNAME 記錄,其指向 Azure Stack Hub 中的公用 IP 位址。You can use this FQDN to create a custom domain CNAME record that points to the public IP address in Azure Stack Hub.

若要深入了解名稱解析,請參閱 DNS 解析一文。To learn more about name resolution, see the DNS resolution article.

重要

您所建立的每個網域名稱標籤在其 Azure Stack Hub 位置中都必須是唯一的。Each domain name label you create must be unique within its Azure Stack Hub location.

以下螢幕擷取畫面顯示 [建立公用 IP 位址]**** 對話方塊,以便使用入口網站建立公用 IP 位址:The following screenshot shows the Create public IP address dialog for creating a public IP address using the portal:

建立公用 IP 位址

範例案例Example scenario

您可讓負載平衡器處理來自 Web 應用程式的要求。You have a load balancer processing requests from a web app. 負載平衡器的背後是在一或多個虛擬機器上執行的網站。Behind the load balancer is a web site running on one or more virtual machines. 您可以使用 DNS 名稱 (而不是 IP 位址) 來存取負載平衡的網站。You can access the load-balanced web site using a DNS name, instead of an IP address.

使用 API 建立和管理 DNS 區域和記錄Create and manage DNS zones and records using the APIs

您可以建立和管理 DNS 區域和 Azure Stack Hub 中的記錄。You can create and manage DNS zones and records in Azure Stack Hub.

Azure Stack Hub 提供類似 Azure 的 DNS 服務,使用與 Azure DNS API 一致的 API。Azure Stack Hub provides a DNS service similar to Azure, using APIs that are consistent with the Azure DNS APIs. 將您的網域裝載於 Azure Stack Hub DNS,您就可以使用相同的認證、API 和工具來管理 DNS 記錄。By hosting your domains in Azure Stack Hub DNS, you can manage your DNS records using the same credentials, APIs, and tools. 您也可以使用與其他 Azure 服務相同的計費方式和支援。You can also use the same billing and support as your other Azure services.

Azure Stack Hub DNS 的基礎結構比 Azure 更為精簡。The Azure Stack Hub DNS infrastructure is more compact than Azure. Azure Stack Hub 部署的大小和位置將會影響 DNS 範圍、級別和效能。The size and location of an Azure Stack Hub deployment affects DNS scope, scale, and performance. 這也表示每個部署的效能、可用性、全域發佈和高可用性不盡相同。This also means that performance, availability, global distribution, and high availability can vary from deployment to deployment.

與 Azure DNS 比較Comparison with Azure DNS

Azure Stack Hub 中的 DNS 與 Azure 中的 DNS 類似,但有一些重要的例外:DNS in Azure Stack Hub is similar to DNS in Azure, but there are a few important exceptions:

  • 不支援 AAAA 記錄:Azure Stack Hub 不支援 AAAA 記錄,因為 Azure Stack Hub 並不支援 IPv6 位址。Does not support AAAA records: Azure Stack Hub doesn't support AAAA records because Azure Stack Hub does not support IPv6 addresses. 這是 Azure 和 Azure Stack Hub DNS 之間的主要差異。This is a key difference between DNS in Azure and Azure Stack Hub.

  • 不是多租用戶:Azure Stack Hub 中的 DNS 服務不是多租用戶。Is not multi-tenant: The DNS Service in Azure Stack Hub is not multi-tenant. 租用戶無法建立相同的 DNS 區域。Tenants cannot create the same DNS zone. 僅有首個訂用帳戶嘗試建立區域會成功,後續要求皆會失敗。Only the first subscription that attempts to create the zone succeeds, and later requests fail. 這是 Azure 和 Azure Stack Hub DNS 之間的另一個主要差異。This is another key difference between Azure and Azure Stack Hub DNS.

  • 標記、中繼資料和 Etag:Azure Stack Hub 處理標記、中繼資料、Etag 和限制的方式有些許差異。Tags, metadata, and Etags: There are minor differences in the way Azure Stack Hub handles tags, metadata, Etags, and limits.

若要深入了解 Azure DNS,請參閱 DNS 區域和記錄To learn more about Azure DNS, see DNS zones and records.

TagsTags

Azure Stack Hub DNS 支援在 DNS 區域資源上,使用 Azure Resource Manager 標記。Azure Stack Hub DNS supports using Azure Resource Manager tags on DNS zone resources. 但不支援 DNS 記錄集上的標記。It does not support tags on DNS record sets. 支援在 DNS 記錄集上使用中繼資料作為替代,下一節中會詳述。As an alternative, metadata is supported on DNS record sets, as explained in the next section.

中繼資料Metadata

Azure Stack Hub DNS 支援使用中繼資料來替代記錄集標記,用以標註記錄集。As an alternative to record set tags, Azure Stack Hub DNS supports annotating record sets using metadata. 類似於標記,中繼資料可讓您建立名稱-值組與每個記錄集之間的關聯。Similar to tags, metadata enables you to associate name-value pairs with each record set. 例如,中繼資料適合用來記錄每個記錄集的目的。For example, metadata is useful to record the purpose of each record set. 與標記不同的是,您無法使用中繼資料來提供 Azure 帳單篩選過的檢視,也無法在 Azure Resource Manager 原則中指定中繼資料。Unlike tags, you can't use metadata to provide a filtered view of your Azure bill, and metadata cannot be specified in an Azure Resource Manager policy.

EtagEtags

假設有兩個人或兩個處理序同時嘗試修改 DNS 記錄。Suppose two people or two processes try to modify a DNS record at the same time. 何者獲勝?Which one wins? 獲勝者知道他已覆寫另一人所做的變更嗎?And does the winner know that they've overwritten changes created by someone else?

Azure Stack Hub DNS 使用 Etag 以安全地處理相同資源的並行變更。Azure Stack Hub DNS uses Etags to safely handle concurrent changes to the same resource. Etag 和 Azure Resource Manager 標籤是不同的。Etags are different from Azure Resource Manager Tags. 每個 DNS 資源 (區域或記錄集) 都有一個相關聯的 Etag。Each DNS resource (zone or record set) has an Etag associated with it. 每當擷取資源時,也會擷取其 Etag。When a resource is retrieved, its Etag is also retrieved. 更新資源時,您可以選擇傳回 Etag,讓 Azure Stack Hub DNS 可以確認伺服器上的 Etag 相符。When you update a resource, you can choose to pass back the Etag so Azure Stack Hub DNS can verify the Etag on the server matches. 因為每次更新資源都會重新產生 Etag,Etag 不符就表示發生並行變更。Since each update to a resource results in the Etag being regenerated, an Etag mismatch indicates a concurrent change has occurred. 建立新的資源時也可以使用 Etag,以確定該資源尚不存在。Etags can also be used when you create a new resource to ensure the resource does not already exist.

根據預設,Azure Stack Hub DNS PowerShell Cmdlet 會使用 Etag 來禁止對區域和記錄集進行並行變更。By default, Azure Stack Hub DNS PowerShell cmdlets use Etags to block concurrent changes to zones and record sets. 您可以使用選擇性的 -Overwrite 參數來停用 Etag 檢查。You can use the optional -Overwrite switch to suppress Etag checks. 如果沒有 Etag 檢查,系統會覆寫任何已發生的並行變更。With no Etag checks, any concurrent changes that have occurred are overwritten.

在 Azure Stack Hub DNS REST API 層級上,將會使用 HTTP 標頭指定 Etag。At the level of the Azure Stack Hub DNS REST API, Etags are specified using HTTP headers. 下表描述了其行為:Their behavior is described in the following table:

頁首Header 行為Behavior
NoneNone PUT 一定成功 (沒有 Etag 檢查)。PUT always succeeds (no Etag checks).
If-matchIf-match 唯有當資源存在且 Etag 符合時,PUT 才會成功。PUT only succeeds if resource exists and Etag matches.
If-match *If-match * 唯有當資源存在時,PUT 才會成功。PUT only succeeds if resource exists.
If-none-match *If-none-match * 唯有當資源不存在時,PUT 才會成功。PUT only succeeds if resource doesn't exist.

限制Limits

使用 Azure Stack Hub DNS 時,會適用下列的預設限制︰The following default limits apply when using Azure Stack Hub DNS:

資源Resource 預設限制Default limit
每一訂用帳戶的區域Zones per subscription 100100
每一區域的記錄集Record sets per zone 50005000
每一記錄集的記錄Records per record set 2020

後續步驟Next steps