Coming from an AWS/CloudFront background, I want to know the base domain of Google's CDN, which I can't find anywhere. In CloudFront, a domain such as xyzid.cloudfront.net is available in the list of CloudFront distributions.
I need to store objects in Google's bucket and serve them via Google's CDN for better performance. I have read a lot of tutorials which explain how to link the CDN with a bucket via a load balancer. But in the end it gives me only an IP address, via which I am able to access the bucket's content successfully.
Since IP will be in a particular location, whereas in the case of CloudFront it gives a domain such as xyzid.cloudfront.net which resolves to the nearest IP address based on the location of the user, I am highly doubtful how using an IP as a base domain will give the advantage of the 90+ edge locations of Google.
I think I am missing something big here.
> Coming from AWS/cloudfront background I want to know the base domain of google's CDN which I can't find anywhere.
When you configure a Google CDN, you need to configure a Load Balancer and enable the CDN feature. The address of the CDN is the address of the load balancer. This is the case for caching compute instances and Cloud Storage.
> Since IP will be in a particular location, ...
Incorrect assumption that an IP address is tied to a location in GCP. Google supports a global IP address where the IP address itself is global in scope and resolves to the closest (configured) edge location for routing. This technology is called Anycast. The same technology is used for global Domain Name servers.
[EDIT with additional information]
There are two types of public external IP addresses: Global and Regional. Use a Global IP address for Global HTTP(S) Load Balancers. Regional IP addresses are used for VM instances, Network Load Balancers and most other services.
Cloud Storage objects can be accessed through the URLs described at [1].
[1] https://cloud.google.com/storage/docs/request-endpoints
Related
I have a site running on ECS in AWS with the DNS being handled by Route53.
There are two network interfaces whose public IP addresses I can use to access the site. The problem is Google has indexed these IP addresses as well as the domain name.
How do I "redirect" the IP addresses to the domain name?
There are 2 aspects in your question:
You want your access using IP to resolve to your domain name
Google indexing your site with the wrong URL
For your 1st challenge, there isn't a native way to force browsers from IP back to URLs. You have to handle this in your application or infrastructure. Since you're running in ECS, that could either be a rule in a Load Balancer (e.g. if using Application Load Balancer, a rule that checks if Host-Header doesn't match your domain then redirect to your domain URL), or you could write the logic into your container.
Regarding the #2 problem, that might be because your IP was added to some site on the internet (remember that IPs are re-used in AWS), and as a result Google has the IP in the cache and it's refreshing it. To handle this problem, you might need to review if it's possible using Google's Removals Tool.
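The "write the logic into your container" option from the answer above, as an added example that is not part of the original answer: a WSGI middleware that sends any request whose Host header is not the site's domain to that domain with a 301. The domain `www.example.com`, the `/healthz` exemption (for load balancer health checks that may arrive with an IP as Host) and the helper names are assumptions.

```python
from urllib.parse import quote

CANONICAL_HOST = "www.example.com"  # assumption: placeholder for the real domain


def normalize_host(raw_host):
    """Lower-case the Host header value and drop any :port suffix."""
    host = (raw_host or "").strip().lower()
    if host.startswith("["):  # bracketed IPv6 literal such as [2001:db8::1]:443
        return host.split("]")[0] + "]"
    return host.split(":")[0]


class CanonicalHostRedirect:
    """WSGI middleware: 301 every request whose Host is not the canonical domain."""

    def __init__(self, app, canonical_host=CANONICAL_HOST, scheme="https",
                 exempt_paths=("/healthz",)):  # hypothetical health-check path
        self.app = app
        self.canonical_host = canonical_host.lower()
        self.scheme = scheme
        self.exempt_paths = set(exempt_paths)

    def __call__(self, environ, start_response):
        path = environ.get("PATH_INFO") or "/"
        host = normalize_host(environ.get("HTTP_HOST"))
        if host == self.canonical_host or path in self.exempt_paths:
            return self.app(environ, start_response)
        # Build the target from the configured domain only, never from the
        # request's Host value, so a forged Host cannot steer the redirect.
        location = f"{self.scheme}://{self.canonical_host}{quote(path)}"
        if environ.get("QUERY_STRING"):
            location += "?" + environ["QUERY_STRING"]
        start_response("301 Moved Permanently",
                       [("Location", location), ("Content-Length", "0")])
        return [b""]


def site(environ, start_response):
    """Stand-in for the real application."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello"]


def call(app, host, path="/", query=""):
    """Send one constructed request through the app; return (status, headers)."""
    seen = {}
    environ = {"REQUEST_METHOD": "GET", "HTTP_HOST": host,
               "PATH_INFO": path, "QUERY_STRING": query}
    body = app(environ, lambda status, headers: seen.update(status=status, headers=dict(headers)))
    b"".join(body)  # drain the response iterable as a server would
    return seen["status"], seen["headers"]


app = CanonicalHostRedirect(site)
```

A permanent redirect to the domain also tells crawlers which URL is the canonical one for pages they reached by IP.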
I have a Cloud Run service, which sends requests to a number of domains:
domain1.com
domain2.com
domain3.com
domain3.com requires that all my requests come from the same static IP address.
Is it possible to do so in Cloud Run?
I've found a guide on how to set up static outbound IP address. But I don't really understand whether it is possible to do that only for one specific domain.
If I understand correctly, it should be done (if possible) somewhere on the Cloud NAT level.
Also, I guess that I would need to first "explore" an IP address of the domain3.com in order to use that address in Cloud NAT.
From a Cloud Run service, you can't use a specific IP to reach only one domain and not the others.
On a Cloud Run service, you can plug in a serverless VPC connector to route all the traffic through that connector (I assume that your domains are public domains, therefore the all parameter for the egress), and add a Cloud NAT to use your reserved IP(s). (here in the documentation)
Because you route ALL the traffic, you can't select for that domain (or IP) and not this one. It's ALL!
I have a domain under which there are multiple subdomains pointing to different websites hosted on Azure. I am starting to explore Google Cloud and want to host a subdomain on Google Cloud.
Below is how the DNS records should look:
A - GoDaddy hosted main website IP address
CNAME - subdomain.example.com - subdomain.cloudapp.net
CNAME - subdomain2.example.com - subdomain2.cloudapp.net
Now I want to add a CNAME for another subdomain to be hosted on Google Cloud:
CNAME - subdomain3.example.com ??.googleapi.com
I have a public IP address from GCP, but how do I get a subdomain for GCP to be used for the CNAME record? As per answers to another question of mine, GCP does not provide a public CNAME for VM instances. So what should I provide in the CNAME record? (I do not want to move the DNS to Google, or to Azure for that matter.)
Based on your question and the reference to Google not providing names for VM instances, I am assuming that you are trying to create a DNS record for the external address of a VM instance.
If you have a static IP address, you should just configure your DNS provider to use an A record for that IP address, rather than a CNAME.
CNAME records just create aliases for the target names, where A records can point directly to the correct IP.
Note that if the IP on your instance is ephemeral rather than static, then you would need to keep updating the DNS record whenever you restart the instance (and get a new IP), so it would be highly recommended to use a static IP for the instance in this case.
I often use App Engine; for a CNAME, you have to map to ghs.googlehosted.com (https://cloud.google.com/appengine/docs/standard/python/mapping-custom-domains).
It seems possible to do the same on Compute Engine through the network service (https://cloud.google.com/dns/docs/quickstart#create_a_cname_record). If you don't really need the CNAME record, you should use the classical A record. It's a bit easier.
Don't hesitate to look into the documentation, everything is explained.
I'd like to set up a static website with files stored in a Google Storage bucket. I already own a custom domain and have, at a minimum, some barebone files to see if the site is set up successfully.
Ideally, I'd like to serve the content via SSL when accessing that custom domain and have the content cached from Google Storage utilizing Google Cloud CDN so that end users are served content from the CDN as opposed to being served from Cloud Storage directly.
I haven't been able to find the perfect setup for this yet or even solidify if Google enables/supports this scenario at this point (I've read that there may be a need to leverage a load balancer to support SSL, but nothing conclusive).
So far I have created a Google Storage bucket and uploaded the desired files. I then made the bucket publicly readable to ensure there aren't any permissions issues. From there I set up a load balancer to leverage my custom domain with the checkbox of Google Cloud CDN checked, the storage bucket just created, set as the backend, and the host file mapping set to the default settings.
UPDATE:
It turned out just a few more steps were required. First, I needed to turn "Requestor Pays" off for the Storage bucket being utilized. Secondly, I needed to add permissions of "Storage Object Viewer" for "allUsers" (the legacy permission won't work here). Lastly, I had to both set the "A" and "AAAA" records to the IPV4 and IPV6 addresses of my Load Balancer for the DNS config on my domain name (and clear all previous values so that they were only referring to the new ones). After all of this was completed, everything is working as it should be :)
Thanks to both Cloud Ace (for leading me in the right direction) and a Google Customer Engineer that I met last week (for referring me to this article for reference: https://medium.com/#marco_37432/create-a-custom-domain-cdn-with-google-beta-7ad9531dfbae)!
When you create an HTTP(S) Load Balancer, there should be a Certificate section in the Frontend configuration if you set the protocol to HTTPS; also preserve a static IP. Then you can configure the DNS to point the domain to this IP.
If I'm in the northeast US and trying to talk to a site on AWS, behind CloudFront, I'm generally getting routed to servers in us-east. For a particular hostname (say, myfico.com), is there any way to force e.g. curl to talk with servers in a different region, presumably by routing my traffic to a different CloudFront edge server?
Since Amazon publishes the IP ranges of all their edge servers, I suspect it might be possible to do something like overriding some of my DNS records and forcing it to use an IP prefix from a different region. It might also be possible to do a more general location spoofing by modifying the edns-client-subnet that's passed along in the DNS request, but I think this might not be possible.
AWS regions are not really related to the CloudFront CDN. Generally speaking, an AWS region is the region where the server is physically located, while the CDN offers a termination point to the client so that it can get a reply from the server quickly. You can possibly hit a CDN node in West US but the request may still be routed to us-east if the website is configured that way.