kubernetes, google-kubernetes-engine, kubernetes-ingress, external-dns, googledns

GKE and auto-created domain for enabling HTTP routing


I need to use a domain for a GKE cluster to access ingress into the cluster and applications, similar to the Azure AKS HTTP add-on, which gives a generically created domain (not a custom domain): https://learn.microsoft.com/en-us/azure/aks/http-application-routing. Is there any solution on Google Cloud as well?

Our GKE creating/deleting process is part of our IaC tooling, and we are automating cluster and app deployment for dev/test/staging. The generic domain creation and the binding of a managed DNS zone to the cluster resources give us great flexibility. Otherwise we have to create a custom domain and a managed DNS zone, which will be static and bring unnecessary complexity to the provisioning tooling.


Solution

  • There is no generic domain option in GKE, so I have to purchase a domain and update its NS records to match the NS of the created managed DNS zone; they will then be synced automatically by external-dns when I update the ingress in GKE.

    I can say I solved this problem with these steps:

    1- Create a managed zone with a domain name that you own, and be sure it has permission to access the domain from the DNS zones that you create. This means giving access to the Google project in which your DNS zone exists.

    Note: when you create the cluster, be sure to give it the scope for read/write permission on the managed DNS zone.

    gcloud container clusters create "external-dns" \
        --num-nodes 1 \
        --scopes "https://www.googleapis.com/auth/ndev.clouddns.readwrite"
    

    Create a DNS zone which will contain the managed DNS records.

    $ gcloud dns managed-zones create "xxx.test-dev" \
        --dns-name "xxx.test.dev." \
        --description "Automatically managed zone by kubernetes.io/external-dns test.dev domain name"
    

    2- Deploy the resources named external-dns to GKE:

    https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/gke.md#deploy-externaldns
    

    And check the logs with

    kubectl logs $(kubectl get pods --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}' | grep dns)
    

    Or

    kubectl logs $(kubectl get pods --no-headers -o custom-columns=":metadata.name" | grep dns)
    

    And if you see something like this, everything is going smoothly:

    time="2021-01-20T11:37:46Z" level=info msg="Add records: xxx.test.dev. A [34.89.xx.xx] 300"
    time="2021-01-20T11:37:46Z" level=info msg="Add records: xxx.test.dev. TXT [\"heritage=external-dns,external-dns/owner=my-identifier,external-dns/resource=ingress/default/ingress-test\"] 300"
    time="2021-01-20T11:38:47Z" level=info msg="All records are already up to date"
    

    Note the TXT record created alongside the A record. The TXT record signifies that the corresponding A record is managed by ExternalDNS. This makes ExternalDNS safe for running in environments where there are other records managed via other means. Let’s check that we can resolve this DNS name. We’ll ask the nameservers assigned to your zone first.

    $ dig +short @ns-cloud-e1.googledomains.com. xxx.test.dev.
    104.155.xx.xx
    

    And you can check whether the IP of the domain is correct or has a problem:

    host https://xxx.test.dev/        
    Host https://xxx.test.dev/ not found: 3(NXDOMAIN)
    

    It can complain about a bad domain for a while, but then you will get the correct response:

    host xxx.test.dev
    xxx.test.dev has address 35.197.xx.xx
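
A check built on the TXT ownership records and log lines shown in the answer above, as an added example that is not part of the original answer: it reads ExternalDNS logs and lists every name that received an A record without a TXT record carrying the expected owner ID, which matters when several automated dev/test/staging clusters write to the same zone. The function names, the sample hostnames and addresses, and the `staging-cluster` owner are constructed for illustration, and the log format is assumed to match the lines shown above.

```shell
#!/usr/bin/env bash
# Added example, not from the original answer.
# Usage: kubectl logs <external-dns-pod> | unowned_records my-identifier
# Prints "<name> owner=<other-id>" or "<name> no-txt" for each A record whose
# TXT ownership record is missing or names a different owner.
unowned_records() {
  awk -v owner="$1" '
    /msg="Add records: / {
      line = $0
      sub(/.*msg="Add records: /, "", line)   # keep: <name> <type> [<value>] <ttl>
      split(line, f, " ")
      name = f[1]; type = f[2]
      if (type == "A") {
        a[name] = 1
      } else if (type == "TXT" && index(line, "heritage=external-dns") &&
                 match(line, /external-dns\/owner=[A-Za-z0-9_.-]+/)) {
        # 19 is the length of the "external-dns/owner=" prefix
        got = substr(line, RSTART + 19, RLENGTH - 19)
        if (got == owner) ok[name] = 1
        else other[name] = got
      }
    }
    END {
      for (name in a)
        if (!(name in ok))
          print name, ((name in other) ? "owner=" other[name] : "no-txt")
    }' | sort
}

# Constructed sample log lines in the format shown in the answer.
sample_log() {
  cat <<'EOF'
time="2021-01-20T11:37:46Z" level=info msg="Add records: app.example.test. A [192.0.2.10] 300"
time="2021-01-20T11:37:46Z" level=info msg="Add records: app.example.test. TXT [\"heritage=external-dns,external-dns/owner=my-identifier,external-dns/resource=ingress/default/app\"] 300"
time="2021-01-20T11:37:47Z" level=info msg="Add records: api.example.test. A [192.0.2.11] 300"
time="2021-01-20T11:37:47Z" level=info msg="Add records: api.example.test. TXT [\"heritage=external-dns,external-dns/owner=staging-cluster,external-dns/resource=ingress/default/api\"] 300"
time="2021-01-20T11:37:48Z" level=info msg="Add records: old.example.test. A [192.0.2.12] 300"
time="2021-01-20T11:38:47Z" level=info msg="All records are already up to date"
EOF
}
```

Running `sample_log | unowned_records my-identifier` reports `api.example.test.` as owned by `staging-cluster` and `old.example.test.` as having no ownership record.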