I am trying to add TLS Encryption to a Kubernetes Service/Ingress Controller on Google Kubernetes Engine (GKE), and in order to do so, I need a domain name. I don't want to go through Google Domains and have done this before on Azure by configuring an FQDN for the ingress controller external IP address - using this link:
Is there a way to do this on GKE? Or do I need to create a Domain Name?
I have tried everything up until step 4 here:
As it explained in the step 4:
You must update the DNS (Domain Name Server) records of your domain name.
You must create an A (Address) type DNS record for your domain or subdomain name and have its value configured with the reserved IP address
DNS records of your domain are managed by your nameserver. Your nameserver might be where you registered your domain (in other words, your "registrar") or could be a DNS service, such as Google Cloud DNS or other third-party providers.
If your nameserver is another provider: Refer to your DNS service's documentation on setting DNS A records to configure your domain name.
Related
I am trying to set up SSM on Windows.
I have an ASG in a private subnet (absolutely 0 internet access). I can not use NAT, only VPC endpoints.
In the instance launch configuration, I have a PowerShell script that uses Set-DnsClientServerAddress so that the instance can find and join an AWS Managed MS AD service. I would also like to set up the instance so it can be fully managed with SSM.
The problem comes with the DNS Client Server Address.
When I set it to match the address of the AD service SSM will not work.
When I leave the DNS Client Server Address default, SSM works but I can not join the AD.
I tried forcing the SSM Agent to use the endpoints by creating a amazon-ssm-agent.json file and setting all three endpoints in there. This allowed the instance to show on the Managed Instance list, but its status never changed from pending and requests from within the instance still timed out.
Does anyone know the magic sauce to get these things all working at the same time?
EDIT 1:
I also tried adding a forward as described in this thread, however I'm either missing somethign or it is not working for my case:
https://forums.aws.amazon.com/thread.jspa?messageID=919331󠜣
It turns out that adding the forwarder as described in the link above worked. The part I was missing was joedaws comment, "I would also remove the existing 169.254.169.253 entry so that only the 10.201.0.2 ip address is in the list".
Of course, my IPs are different, but once I removed the preexisting forward so that my x.x.x.2 IP was the only one in the list (I did this for both of the AD DNS servers) the instance was discoverable by SSM.
So, I would make a minor change to the list that saugy wrote:
On a domain joined windows instance, log in with AD domain Admin user
Open DNS manager
Connect to one of the DNS IP addresses for the AWS AD
Select forwarders
Add the VPC's DNS IP (x.x.x.2 from you VPC's CIDR range)
Remove the existing IP (so you VPCs IP is the only one)
Click Apply
Repeat from step 3 with the other DNS IP address for the AWS AD (not 1
Also, as mentioned in the other post. This only has to be done once and the settings persist in the AD DNS.
i am new to using EC2, I have an EC2 instance that can reboot daily for maintenance and after the reboot, i get new public IP(i can't use elastic IPS there are all allocated).
so my problem is the instance contains an application that I need to be accessible via a domain (exemple.com), but I can figure out how to set custom DNS on NameCheap and in AWS this DNS automatically resolve the new public IP of that instance after reboot.
If you feel your architecture warrants additional Elastic IP addresses, you can request a limit increase. To request an increase, complete the Amazon VPC limit request form (choose VPC Elastic IP Address Limit). Describe your use case so that AWS can understand your needs.
You can put your instance behind ElasticLoadBalancer. Each Classic Load Balancer receives a default Domain Name System (DNS) name. This DNS name includes the name of the AWS region in which the load balancer is created. For example, if you create a load balancer named my-loadbalancer in the US West (Oregon) region, your load balancer receives a DNS name such as my-loadbalancer-1234567890.us-west-2.elb.amazonaws.com. You can then use your DNS service to create a CNAME record to route queries to your load balancer. Then, your EC2 instance does not need to have stable public IP address.
You can delegate example.com resolution to AWS DNS service, Route53, and then you can run a script on server boot to update Route53 records with the latest IP address.
I want to upload my local wordpress to the domain I bought and make it live. But I don't know how to add domain and add dns in oracle cloud.
Unfortunately, there's no simple answer to your question. The general documentation on using Oracle Cloud DNS Service can be found here. Below is a quick summary of tasks that need to be completed:
Note the public IP address assigned to your compute instance that's hosting the web server. Assign one if necessary. The compute instance must be on a public subnet to be assigned one.
In your tenant's root compartment, create a Zone for your domain, e.g. example.com.
Create an "A" zone record, e.g. www.example.com => 123.123.123.123
Publish the record.
On your Registrar's DNS management console, update the name server records to point to Oracle Cloud's name servers assigned to the zone.
I am working on a project, where I have a domain xyz.com, I have been requested that a subdomain example abc.xyz.com should point to website which has ipaddress
example http://199.152.57.120/client/ and when a visitor browse abc.xyz.com it should open the website hosted on http://199.152.57.120/client/ but by hidding this ip address the visitor should always see abc.xyz.com.
I also need to host another website to xyz.com
domain which is registered with x company and webhosting is taken for z company both different.
It is something similar to Reseller business where Reseller company assign a website to their client on their custom domain.
You can make A record in your DNS Server that IP address 199.152.57.120 pointing to abc.xyz.com
and then make same configuration in your web hosting that nginx/httpd virtual host point to directory /Some/Directory/client
you can read this for nginx https://www.linode.com/docs/websites/nginx/how-to-configure-nginx
It can be easily done in domain provider DNS zone. Just add A record where you will provide subdomain ex: abc.xyz.com and connect to adress ex: 1.2.3.4 How to do that in your domain provider, just check help pages for DNS records.
Alternatively you can install proxy software like NGINX and make subdomain redirect.
Example setting:
I'm running into this problem trying to link my Godaddy domain with an AWS Elastic Beanstalk instance. I found a lot of documentation on how to link an EC2 instance with a domain on Godaddy but not for Elastic Beanstalk instance. So I ended up with this URL: www.MY_SITE.elasticbeanstalk.com
Here is what I did for an EC2 instance:
I updated the Nameservers on my Godaddy domain with the ones from my Route 53 Hosted Zone.
I created a new Elastic IP on the EC2 console.
I went back to Godaddy and updated the DNS A # field from their DNS Manager, with the EC2 Elastic IP one.
You normally have to wait 1h to 48h and it should work.
How can I do the same for a AWS Elastic Beanstalk instance, not an EC2 one? I can't see the instance I created from my EC2 console in order to link it to an Elastic IP.
Hope this is clear enough.. Any help?
No need to create a CNAME or do any forwarding - this is bad from the point of SEO and not recommended by Amazon. Even you should not point a record to IP directly - it will cause a lot of troubles in the future because IP can be changed any moment.
The most elegant way is to migrate DNS service from GoDaddy to Route 53. You still will be with GoDaddy, but handling requests for your site will be on Amazon's side.
Here is what you need to do:
Create a new Hosted Zone for your site in Route 53 console:
Open newly added domain name, find NS record and copy servers:
In GoDaddy's Domain Manager export records via "Export Zone File (Windows)".
Import those records to Route 53 ("Import Zone File" button).
In GoDaddy's Domain Manager set custom DNS nameservers, obtained on the 2nd step:
Migrating might take some time (even days).
Now you can link you domain with your Elastic Beanstalk site. To do so select/create proper A record type in Route 53 and set Alias for it:
Here's what I did when I was facing the problem of linking a GoDaddy domain with AWS ElasticBeanstalk.
DNS Manager:
A record #: 64.202.189.170 (that is GoDaddy's forwarding IP btw)
Cname www: AWS EB domain (e.g. awseb-xyz.us-east-1.elb.amazonaws.com)
Forwarding:
Forward Domain to www.example.com (forward only, without masking)
Forward Subdomain to AWS EB domain (e.g. awseb-xyz.us-east-1.elb.amazonaws.com) (with masking)
In order to access the site without www (e.g. http://example.com), I had to set up the forwarding of the domain to the www cname. This www cname then gets forwarded to the AWS EB domain (with masking in order to keep www.example.com in the address bar).
You should add a CNAME record to your Godaddy domain name that maps from www.yourGoDaddyDomain.com -> MY_SITE.elasticbeanstalk.com.
That will direct requests to your domain name to the load balancer that is running in your elastic beanstalk environment. You don't want to route your domain name to a specific server (i.e. an elastic IP), you want it to go to the load balancer and that will route requests to your server(s). Since AWS Load balancers don't use IPs (they use domain names), you don't want to set up an A record for this - a CNAME record maps domain names to domain names.
Look at the "Adding or Editing CNAMEs" section of the GoDaddy documentation on how to do this.
Your route53 configuration has to point to the load balancer, not the ec2 instance