Private Cloud DNS in Google Cloud Platform (GCP) lets you manage DNS zones and records for resources on a private network. A private zone is answered only to queries that originate inside the VPC networks it is bound to, so internal hostnames are never published to the public DNS tree. Virtual machine instances, Kubernetes clusters and other resources in those networks can then reach each other by name without any of them needing a public address.
Google Cloud Platform:
- folder ID
- billing ID
- Service Account Key (a long-lived credential: keep it out of the repository, grant its service account only the roles Terraform needs, and delete the key when you are done)
Local machine:
- gcloud CLI
- git CLI
- terraform CLI
git clone https://github.com/froggologies/gcp-terraform-exp-cloud-dns.git && cd gcp-terraform-exp-cloud-dns
export GOOGLE_APPLICATION_CREDENTIALS=<PATH_TO_SERVICE_ACCOUNT_KEY>
export TF_VAR_billing_account=<BILLING_ACCOUNT_ID>
export TF_VAR_folder_id=<FOLDER_ID>
The main resources this project creates are:
- instance-1: GCE instance running an nginx server
- instance-2: GCE instance used to test the private DNS
- private-zone (private.example.com): private Cloud DNS zone whose A record for private.example.com points at instance-1's internal IP
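The configuration below is an added example of the pattern this repository builds, not the repository's own terraform/ code. It assumes an existing project passed as var.project_id, the resource names and network tags used here, and that the VPC has egress (for example Cloud NAT, not shown) so the apt install on instance-1 can succeed, since neither instance gets an external IP.

```hcl
# Added example, not the repository's own code. Assumed: var.project_id names
# an existing project; egress for apt (Cloud NAT, not shown); the names/tags below.

variable "project_id" {
  type = string
}

provider "google" {
  project = var.project_id
  region  = "us-central1"
  zone    = "us-central1-a"
}

resource "google_compute_network" "vpc" {
  name                    = "dns-demo"
  auto_create_subnetworks = false
}

resource "google_compute_subnetwork" "subnet" {
  name          = "dns-demo-subnet"
  ip_cidr_range = "10.10.0.0/24"
  network       = google_compute_network.vpc.id
}

# IAP TCP forwarding connects from 35.235.240.0/20; allowing 22 only from that
# range is what makes `gcloud compute ssh --tunnel-through-iap` work.
resource "google_compute_firewall" "allow_iap_ssh" {
  name          = "allow-iap-ssh"
  network       = google_compute_network.vpc.name
  source_ranges = ["35.235.240.0/20"]
  target_tags   = ["iap-ssh"]

  allow {
    protocol = "tcp"
    ports    = ["22"]
  }
}

# Port 80 on nginx is reachable only from instances tagged dns-client.
resource "google_compute_firewall" "allow_http_from_client" {
  name        = "allow-http-from-dns-client"
  network     = google_compute_network.vpc.name
  source_tags = ["dns-client"]
  target_tags = ["nginx"]

  allow {
    protocol = "tcp"
    ports    = ["80"]
  }
}

locals {
  vms = {
    "instance-1" = { tags = ["iap-ssh", "nginx"], startup = "apt-get update && apt-get install -y nginx" }
    "instance-2" = { tags = ["iap-ssh", "dns-client"], startup = "" }
  }
}

resource "google_compute_instance" "vm" {
  for_each     = local.vms
  name         = each.key
  machine_type = "e2-micro"
  tags         = each.value.tags

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-12"
    }
  }

  # No access_config block, so the instance has no external IP.
  network_interface {
    subnetwork = google_compute_subnetwork.subnet.id
  }

  metadata_startup_script = each.value.startup
}

# visibility = "private" plus the network binding is the security point: the
# zone answers only queries from the listed VPC and is never published publicly.
resource "google_dns_managed_zone" "private_zone" {
  name       = "private-zone"
  dns_name   = "private.example.com."
  visibility = "private"

  private_visibility_config {
    networks {
      network_url = google_compute_network.vpc.id
    }
  }
}

# Apex A record pointing at instance-1's internal address.
resource "google_dns_record_set" "nginx" {
  managed_zone = google_dns_managed_zone.private_zone.name
  name         = google_dns_managed_zone.private_zone.dns_name
  type         = "A"
  ttl          = 300
  rrdatas      = [google_compute_instance.vm["instance-1"].network_interface[0].network_ip]
}
```

Two things carry the security value here: the zone is private and bound to exactly one VPC, so the name does not exist for anyone outside it, and no firewall rule admits 0.0.0.0/0. SSH is reachable only from the IAP range and port 80 only from instances tagged dns-client.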
Change the backend in `terraform/backend.tf` to your own backend configuration, or delete the file if you want to use the local backend.
Initialize Terraform:
terraform -chdir=terraform init
Apply Terraform:
terraform -chdir=terraform apply -auto-approve
SSH to instance-2 through IAP (no external IP is needed; the tunnel requires a firewall rule admitting TCP 22 from 35.235.240.0/20 and the IAP-secured Tunnel User role for the caller):
gcloud compute ssh <INSTANCE_2_NAME> --project <PROJECT_ID> --zone us-central1-a --tunnel-through-iap
Curl the nginx server through its private DNS name:
curl private.example.com
You should see:
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
.
.
.
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Getting nginx's default page back means instance-2 resolved private.example.com through the private zone to instance-1's internal address and reached it over the VPC; the same name is not resolvable from outside that network. If the name does not resolve, check that the zone is bound to the VPC instance-2 lives in and that instance-2 still uses the default metadata resolver (169.254.169.254), since private zones are served only through it.
Destroy the Terraform resources when you are done:
terraform -chdir=terraform destroy -auto-approve