Cloud DNS
Cloud DNS is a serving from Google that contains everything needed to register, manage, and serve domains. It's characterized by its reliability, resiliency, and low-latency.
This section describes how to create a private OMT installation, and the OMT management portal, as well as how to reconfigure a suite with the Cloud DNS.
DNS records are organized in zones within the Cloud DNS. A zone is analogous to a traditional DNS zone file: it represents a collection of records that can be managed together, belonging to a single parent domain name. All resource record sets within a zone must have the zone's domain name as a suffix.
In this section you will select a private zone (which must have been previously created by a Google Cloud administrator), and create the corresponding record set.
Selecting an existing private DNS zone and creating a record set using the Google Cloud CLI:
-
Run the following command to select private hosted zones:
gcloud dns managed-zones list
Example output:
NAME: gcp-arcsight-dev-dns-zone DNS_NAME: gcp.arcsight-dev.com. DESCRIPTION: private DNS Zone deployed for Arcsight Products VISIBILITY: private
-
Choose the DNS_NAME of one of the private DNS zones. From the output above, we'll use
gcp.arcsight-dev.com.Record the chosen private hosted zone name and ID in the Google Cloud worksheet under Hosted zone name and Hosted zone Id respectively.
-
Choose a subdomain in the selected private hosted zone. For our example, we will use
gcp_demo. Combining the subdomain and hosted zone name with a final period will give us the complete DNS name where our new cluster will be accessible:gcp_demo.gcp.arcsight-dev.com.
-
The private subnet must contain a reserved internal IP address to be used by both the load balancer and the private DNS record to redirect the traffic to the load balancer. Run the following command to reserve the Internal IP address:
gcloud compute addresses create <NAME> --addresses=<IP_ADDRESS> --region=<REGION> --subnet=<SUBNET_NAME> --purpose=SHARED_LOADBALANCER_VIP
Where:
<NAME>is the name of the private IP address<IP_ADDRESS>the IP address being reserved<REGION>the region selected for the project, see Google Cloud Deployment Global Configurations<SUBNET_NAME>the name of the subnet that contains the IP addressExample output:
gcloud compute addresses create gcp-arcsight-test-lb-ip --addresses=10.1.0.100 --region=us-central1 --subnet=private-subnet --purpose=SHARED_LOADBALANCER_VIP
-
Create an
Arecord set on your private DNS Zone and associate it with an external IP by executing this command:gcloud dns record-sets create <DNS_NAME> --zone=<ZONE> --type=<TYPE> --ttl=<TTL> rrdatas=<RRDATAS>
Where:
<DNS_NAME>is the DNS name determined in step 3<ZONE>is the name of the zone whose record sets you want to manage (see the NAME in the output in step 1)<TYPE>is the DNS record type of the record-set (A,AAAA,MX, etc.). In this case, the type must be "A".<TTL>is the time to live for the record-set<RRDATAS>is the DNS data of the record-set (as inAddress,CNAME,MXinformation)For example:
gcloud dns record-sets create gcp_demo.gcp.arcsight-dev.com. --zone="gcp-arcsight-dev-dns-zone" --type="A" --ttl="300" --rrdatas="10.1.0.100"
-
Verify that the creation process finished successfully by running the following command:
gcloud dns record-sets list --zone <ZONE>
Where:
<ZONE>is the name of the zone whose record sets you want to manage (see the NAME in the output in step 1)Example output:
NAME TYPE TTL DATA NAME: gcp.arcsight-dev.com. TYPE: NS TTL: 21600 DATA: ns-gcp-private.googledomains.com. NAME: internal.arcsight-suite.com. TYPE: SOA TTL: 21600 DATA: ns-gcp-private.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 259200 300 NAME: gcp_demo.gcp.arcsight-dev.com. TYPE: A TTL: 300 DATA: 10.1.0.100