This is the second part of GCP’s series. In the previous article we covered some basic terminology in GCP.
As you know, each virtual machine created has an internal IP assigned. From the same network, you can reach out to this vm using it’s internal IP or it’s internal DNS.
In that example, I have two virtual machines:
- instance-core: 10.23.0.2
- instance-svc: 10.23.0.19
who are located in the same VPC named apps-vpc.
The internal DNS of vm instance-svc could be found using this curl:
curl "http://metadata.google.internal/computeMetadata/v1/instance/hostname" -H "Metadata-Flavor: Google"
Example 1: from the vm instance-core, ping the vm instance-svc using it’s internal IP.
Example 2: from the vm instance-core, ping the vm instance-svc using it’s internal DNS.
Example 3: if VPC peering is enabled, you could ping the vm using internal IP from a vm (instance-host2) on a different network (shared-vpc2)
Example 4: you cannot ping the vm using internal DNS from a vm (instance-host2) on a different network (shared-vpc2)
So, what if you always want to use a fully qualified domain name (FQDN) to reach out to your virtual machine from a different network instead of an IP address ?
Cloud DNS is your solution! Google Cloud DNS is a scalable, reliable and managed authoritative Domain Name System (DNS) service running on the same infrastructure as Google. It has low latency, high availability and is a cost-effective way to make your applications and services available to your users. Cloud DNS translates requests for domain names like www.google.com into IP addresses like 74.125.29.101.
Create a dns privated zone
From the producer network, project host-project1 which contain the first VPC (apps-vpc), create a private zone dns named demodns.getcontacts.fr
- Zone type: Private
- Zone name: demo-dns-private-zone
- DNS name: demodns.getcontacts.fr
- Options: Default (Private)
- Networks: apps-vpc
Create dns record set
Inside of this dns private zone, you will create two records set to map a DNS name to an internal IP of your virtual machine
- DNS Name: instance-core.demodns.getcontacts.fr
- Resource Record Type: A
- TTL: 5
- TTL Unit: minutes
- IPv4: 10.23.0.2
- DNS Name: instance-svc.demodns.getcontacts.fr
- Resource Record Type: A
- TTL: 5
- TTL Unit: minutes
- IPv4: 10.23.0.19
Create a peering DNS
From the consumer network, project host-project2 that contains the second VPC (shared-vpc2), you create a peering dns to demodns.getcontacts.fr on apps-vpc
- Zone type: Private
- Zone name: demo-dns-private-zone
- DNS name: demodns.getcontacts.fr
- Options: DNS Peering
- Networks: shared-vpc2
- Peer project: host-project1
- Peer network: apps-vpc
Finally, you would have a side by side configuration between the producer network host-project1 and the consumer network host-project2
Now, everything is done. You can make some tests. Firstly, from the consumer network host-project2, the DNS resolution to resolve the vm located on the producer network must be worked using the DNS name.
dig instance-core.demodns.getcontacts.fr
dig instance-svc.demodns.getcontacts.fr
That works like a charm! ☀️ ☀️
If you have a peering enabled between two VPC, you can also ping these vms using their’s dns name.
ping -c 3 instance-core.demodns.getcontacts.fr
ping -c 3 instance-svc.demodns.getcontacts.fr
