2年前,谷歌引入了私有DNS,这对内部域通信非常重要。
我使用以下文档指南设置了一个专用dns以了解dnshttps://cloud.google.com/sdk/gcloud/reference/dns/managed-zones/createhttps://www.jhanley.com/google-cloud-private-dns-zones/
以下是创建示例区域的步骤
创建了一个私人区域";"私人区域";
gcloud dns managed-zones create --dns-name="example.com" --description="Private Zone" --visibility=private --networks=default "private-zone"
然后在谷歌云中创建了一个vm,并为域名运行nslookup。但它没有解决
testdns:~$ nslookup example.com
Server: 169.254.169.254
Address: 169.254.169.254#53
Non-authoritative answer:
*** Can't find example.com: No answer
我在Vm实例创建的上使用Debian操作系统
Linux testdns 4.19.0-12-cloud-amd64 #1 SMP Debian 4.19.152-1 (2020-10-18) x86_64 GNU/Linux
这是中除NS和SOA记录之外的两个A记录
test.example.com. A 300 192.0.0.9
www.example.com. A 300 192.0.0.91
example.com. A 3600 192.0.1.1
以下示例经过测试
nslookup when";example.com";未添加记录
mymach@testdns:~$ nslookup example.com ns-gcp-private.googledomains.com
Server: ns-gcp-private.googledomains.com
Address: 169.254.169.254#53
Non-authoritative answer:
*** Can't find example.com: No answer
#使用名称服务器挖掘example.com,添加了"A"记录
testdns:~$ dig example.com @ns-gcp-private.googledomains.com
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> example.com @ns-gcp-private.googledomains.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41534
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 3600 IN A 192.0.1.1
;; Query time: 12 msec
;; SERVER: 169.254.169.254#53(169.254.169.254)
;; WHEN: Tue Dec 08 23:03:58 UTC 2020
;; MSG SIZE rcvd: 56
添加example.com后再次查找
testdns:~$ nslookup example.com ns-gcp-private.googledomains.com
Server: ns-gcp-private.googledomains.com
Address: 169.254.169.254#53
Non-authoritative answer:
Name: example.com
Address: 192.0.1.1
挖掘
testdns:~$ dig example.com
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24673
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 3600 IN A 192.0.1.1
;; Query time: 11 msec
;; SERVER: 169.254.169.254#53(169.254.169.254)
;; WHEN: Tue Dec 08 23:06:30 UTC 2020
;; MSG SIZE rcvd: 56
使用本地主机挖掘
dig example.com @127.0.0.1
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> example.com @127.0.0.1
;; global options: +cmd
;; connection timed out; no servers could be reached
我是不是少了一步?
使用创建区域后
gcloud dns managed-zones create --dns-name="example.com" --description="Private Zone" --visibility=private --networks=default "private-zone"
您必须为其创建DNS注册表,例如:
gcloud dns record-sets transaction start --zone="private-zone"
gcloud dns record-sets transaction add 10.2.3.4 --name="example.com" --ttl="3600" --type="A" --zone="private-zone"
gcloud dns record-sets transaction execute --zone="private-zone"
给GCP 1分钟的时间来赶上,然后用默认的"0"重试/etc/resolv.conf";文件