How to use a wildcard subdomain with static subdomains with Google Cloud services?

nginx google-cloud-platform wildcard-subdomain google-cloud-dns

Let's assume we own the domain example.com. In Google Cloud, I would like to achieve the following setup.

There are two Cloud Run services available at api-a.example.com and api-b.example.com.

There is a third backend service running in App Engine available at api-c.example.com.

There are is a dockerized Nginx container with a frontend deployed to App Engine at frontend-a.example.com. This is the frontend for an internal application used by the employees of our company.

The last service is another dockerized Nginx. It should be available at a wildcard subdomain *.example.com. If none of the subdomains mentioned above match, the request should land here. We offer a SaaS and each customer has their own subdomain such as client-1.example.com. These subdomains are indefinite and ever-changing, hence we would like to use a wildcard.

The domain example.com without subdomain is not used.

Is this possible and if so, how?


Solution 1:

It is possible, and you can follow these steps to achieve that:

  1. Create a managed zone: (In this example, a private zone was created, but it is the same procedure for a public one)
gcloud dns managed-zones create private-domain \
    --description=private-domain-example \
    --dns-name=example.com \
    --visibility=private
  1. Create the individual records, including the wildcard pointing to your dockerized Nginx service: (Note the trailing dot in the wildcard record name)
gcloud dns record-sets transaction start \
   --zone=private-domain

gcloud dns record-sets transaction add 10.10.3.2 \
   --name=*.example.com. \
   --ttl=86400 \
   --type=A \
   --zone=private-domain

gcloud dns record-sets transaction add 10.10.1.2 \
   --name=api-a.example.com \
   --ttl=86400 \
   --type=A \
   --zone=private-domain

gcloud dns record-sets transaction add 10.10.1.3 \
   --name=api-b.example.com \
   --ttl=86400 \
   --type=A \
   --zone=private-domain

gcloud dns record-sets transaction add 10.10.2.2 \
   --name=api-c.example.com \
   --ttl=86400 \
   --type=A \
   --zone=private-domain

gcloud dns record-sets transaction add 10.10.2.3 \
   --name=frontend-a.example.com \
   --ttl=86400 \
   --type=A \
   --zone=private-domain

gcloud dns record-sets transaction execute \
   --zone=private-domain

With this setup, any request for the example.com domain that is not explicitly defined will go to the Nginx service which is the wildcard record. You can find the complete documentation about Cloud DNS, including how to manage records, in this document 1.

Note: The scenario was recreated using VM instances in GCP, and therefore the IP addresses at the RR_DATA field in the records, to create a DNS record for App Engine services; you need to follow this how-to guide 2.

Related

setting up reverse proxy to google.com while maintaining prior webservice hosted on apache
*You post a random picture of a house* Someone: You bought a house! [duplicate]
Availability and Unavailability [closed]
More formal way to say "all-nighter"
A single word for turning something Italian?
Describing pronunciations: "You say it like" or "as"? [duplicate]
Verb placement in dependent clause
Is there a term for your parent's ex-spouse who is not your biological parent?
Comma after a coordinating conjunction preceding a parenthetical at the start of the sentence
Is it correct to say "proud of having met you", or should it be "proud to have met"?
Can the noun eyewitness be used properly without a preceding article?
Does this sentence imply 2 meanings? Present Perfect