Centrally manage Cloud DNS / private resolution / subdomain delegation


mldmld1968

Oct 17, 2018, 4:53:36 PM10/17/18
to cloud-dns-discuss

Hi all,


I would like to create a DNS zone: gcp.mycompany.com. mycompany.com is managed by our on-premise DNS.


I'm familiar with Route 53. For public resolution, one declares the DNS subdomain in an AWS account and adds records as needed in only one place. Records can be private or public.


But on Google, one may create one subdomain per GCP project.

So it's possible to create N GCP projects with the subdomain gcp.mycompany.com, but for all of them one has to set up the NS & TXT records on our on-premise DNS. It's not really manageable.
 
  1. May I :

-          create an "infractructure" GCP project, let's say « Route 53 »

-          declare the gcp.mycompany.com domain in CloudDNS

-          Update the on premise DNS with NS & TXT records

==>  If an application is deployed in another GCP project, myAppPrj,  need to resolve a name on gcp.mycompany.com, I add it in the Cloud DNS of GCP project Route 53  : Do this resolution will be ok from instances in myAppPrj ?


  1. How to create private DNS records ? I mean DNS records that can be used to solved private IP adresses from instances in a GCP project
  2. How to delegate a zone to a GCP project ? I mean, in a GCP project myNewApp, create the zone mynewapp.gcp.mycompany.com

Thank you
Best regards
MLD

ima...@google.com

Oct 18, 2018, 2:17:03 PM10/18/18
to cloud-dns-discuss
Hi,

In regards to your first query, it actually depends on whether mycompany.com is in public DNS or not. If it's public (parent domain) then gcp.mycompany.com should be resolved from anywhere in the world including other projects. On the other hand, if the domain is in private DNS (for example, on-premise DNS like Active Directory), adding a zone to Cloud DNS and NS records for gcp.mycompany.com to the Active Directory DNS servers will work, but only from on-premise.

There is a feature called Private DNS, that is in invitation-only beta. With that, Google Cloud DNS provides you a managed internal DNS solution for your private networks on Google Cloud Platform (GCP). Private DNS enables you to manage custom domain names for your virtual machines, load balancers or other GCP resources in Private DNS Zones without exposing the underlying DNS data to the public Internet. Once it is GA, you would be able to leverage the benefits of using it in your environment.

Regarding the zone delegation to a GCP project, you would create the mynewapp.gcp.mycompany.com zone in the new project (myNewApp), then add NS records for that zone to gcp.mycompany.com in the other project. Please take a look at this help center article[1] for more information about subdomains and delegation.

I hope this helps.

[1] https://cloud.google.com/dns/overview#cloud_dns_concepts
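A worked version of the delegation step the reply describes, added here as an example (it is not from the thread and not Google's own code): create the child zone in the application project, read the name servers Google assigned to it, publish them as an NS record set in the parent zone held by the infrastructure project, and verify that the two agree. The project ids and managed-zone names (infra-dns, gcp-mycompany, my-new-app, mynewapp-gcp-mycompany) are assumed placeholders.

```shell
#!/bin/sh
# Added example (not from the thread). Delegates mynewapp.gcp.mycompany.com from the
# parent zone gcp.mycompany.com (held in the "infrastructure" project) to a child zone
# in the application project. All project ids and managed-zone names below are assumed.
set -eu

PARENT_PROJECT="${PARENT_PROJECT:-infra-dns}"        # assumed: project holding gcp.mycompany.com
PARENT_ZONE="${PARENT_ZONE:-gcp-mycompany}"          # assumed: managed-zone name for gcp.mycompany.com.
CHILD_PROJECT="${CHILD_PROJECT:-my-new-app}"         # assumed: the myNewApp project id
CHILD_ZONE="${CHILD_ZONE:-mynewapp-gcp-mycompany}"   # assumed: managed-zone name in myNewApp
CHILD_DNS="mynewapp.gcp.mycompany.com."              # trailing dot: Cloud DNS expects FQDNs

# 1. Create the child zone in the application project (skipped if it already exists).
create_child_zone() {
  gcloud dns managed-zones describe "$CHILD_ZONE" --project "$CHILD_PROJECT" >/dev/null 2>&1 ||
    gcloud dns managed-zones create "$CHILD_ZONE" --project "$CHILD_PROJECT" \
      --dns-name "$CHILD_DNS" --description "Zone delegated to myNewApp"
}

# 2. Read the name servers Google assigned to the child zone, one per line.
#    Never hard-code these: each Cloud DNS zone gets its own set.
child_name_servers() {
  gcloud dns managed-zones describe "$CHILD_ZONE" --project "$CHILD_PROJECT" \
      --format 'value(nameServers)' | tr ';' '\n'
}

# 3. Publish an NS record set for the child name in the parent zone as one atomic change.
#    The parent project keeps control of everything else under gcp.mycompany.com; the
#    child project only gains authority for names below mynewapp.gcp.mycompany.com.
delegate_in_parent() {
  set -- $(child_name_servers)                 # positional params = name server list
  [ "$#" -gt 0 ] || { echo "child zone has no name servers" >&2; return 1; }
  gcloud dns record-sets transaction start   --zone "$PARENT_ZONE" --project "$PARENT_PROJECT"
  gcloud dns record-sets transaction add "$@" --name "$CHILD_DNS" --ttl 300 --type NS \
      --zone "$PARENT_ZONE" --project "$PARENT_PROJECT"
  gcloud dns record-sets transaction execute  --zone "$PARENT_ZONE" --project "$PARENT_PROJECT"
}

# 4. Check: the NS rrdatas stored in the parent must equal the child zone's name servers.
#    A stale or partial delegation is what makes resolution of the subdomain fail or
#    flap, so run this after every change to either zone.
delegation_matches() {
  expected=$(child_name_servers | sort)
  actual=$(gcloud dns record-sets list --zone "$PARENT_ZONE" --project "$PARENT_PROJECT" \
      --name "$CHILD_DNS" --type NS --format 'value(rrdatas)' | tr ';' '\n' | sort)
  [ -n "$expected" ] && [ "$expected" = "$actual" ]
}
```

Run it as `create_child_zone && delegate_in_parent && delegation_matches` with gcloud authenticated against both projects; the on-premise DNS still needs its own NS records for gcp.mycompany.com, as the thread notes.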