Chapter 13. Cloud DNS
An overview and history of the Domain Name System (DNS)
How the Cloud DNS API works
How Cloud DNS pricing is calculated
An example of assigning DNS names to VMs at startup
TCP/IP is a set of network protocols (Protocol Suite) that enable communication between computers. Network protocols are rules or standards that govern network communications.
It was developed in the 1970s and adopted as the protocol standard for ARPANET (the predecessor to the Internet) in 1983.
TCP/IP specifies how data is exchanged over the internet by providing end-to-end communications that identify how it should be broken into packets, addressed, transmitted, routed and received at the destination. ... Each gateway computer on the network checks this IP address to determine where to forward the message.
DNS is a hierarchical distributed storage system that tracks the mapping of internet names (like www.google.com) to numerical addresses.
DNS is the internet’s phone book.
The system stores a set of “resource records,” which are the mappings from names to numbers, and splits these records across a hierarchy of “zones.”
Delegate responsibility for owning and updating subsets of records.
Pointing to specific numeric addresses (such as A or AAAA records).
Address Mapping record (A Record)—also known as a DNS host record, stores a hostname and its corresponding IPv4 address.
Storing arbitrary data (such as TXT records).
A TXT record (short for text record) is a type of resource record in the Domain Name System (DNS) used to associate arbitrary text with a host or other name, such as human-readable information about a server, network, or data center, or other accounting information.
Storing aliases for other information (such as CNAME records).
A Canonical Name record (abbreviated as CNAME record) is a type of resource record in the Domain Name System (DNS) that maps one domain name (an alias) to another (the canonical name).
An A record might say that www.google.com maps to 207.237.69.117.
A CNAME record might say that storage.googleapis.com maps to storage.l.googleapis.com.
Because DNS is a distributed system and expected to be only eventually consistent (data might be stale from time to time), anyone can set up a server to act as a cache of DNS records.
Anyone can turn on their own DNS server (using a piece of software called BIND) and tell a registrar of domain names that the records for that domain name are stored on that particular server.
A Records. A records are the most basic type of DNS record and are used to point a domain or subdomain to an IP address. Assigning a value to an A record is as simple as providing your DNS management panel with the IP address to which the domain or subdomain should point and a TTL. (Time To Live, or TTL for short, is a sort of expiration date put on a DNS record: resolvers may cache the answer for that many seconds.)
A Records:
These are also called Address Records or sometimes Host Records. An A record only resolves to IP addresses. These records point your domain to the IP address of your website or hosting.
CNAME records can be used to alias one name to another. ... An A record for example.com pointing to the server IP address. ... A CNAME record must always point to another domain name, never directly to an IP address.
Creating a CNAME record
A CNAME record is a type of DNS record. It directs traffic that requests a URL from your domain to the resources you want to serve, in this case objects in your Cloud Storage buckets. For www.example.com, the CNAME record might contain the following information:
13.1. What is Cloud DNS?
Google Cloud DNS is a managed service that acts as a DNS server and can answer DNS queries like other servers, such as BIND.
Manage your own DNS entries without running your own BIND server.
Expose an API that makes it possible to manage DNS entries automatically.
With an API for managing DNS entries, you can configure virtual machines to register a new DNS entry automatically at boot time, giving you friendly names such as server1.mydomain.com.
BIND doesn't expose a modern web API for changing DNS records; apart from RFC 2136 dynamic updates, a change means editing a zone file and reloading the server.
Google Cloud DNS offers the same resources as BIND: zones (called “managed zones”) and records (called “resource record sets”).
Each zone contains a collection of record sets, and each record set contains a collection of records.
Where a zone is defined by nothing more than a name (e.g., mydomain.com), a record set stores a name (e.g., www.mydomain.com), a “type” (such as A or CNAME), a “time to live” (abbreviated as ttl), and the list of record data.
This structure allows you to store several IP addresses for www.mydomain.com by putting multiple records in a single record set of type A.
A zone is like the section delegated to a company that was described earlier (for example, Google, Inc.), a record set is equivalent to a single person working at the company (for example, Larry Page).
13.1.1. Example DNS entries
A name server (NS) record, which delegates ownership of a subtree of names to other servers;
Address (A or AAAA) records, which point to the IPv4 or IPv6 addresses of a server;
A canonical name (CNAME) record, which acts as an alias of sorts for another domain entry.
Table 13.1. DNS entries by record set
BIND manages these as “zone files,” text files that state the exact DNS records in a special format.
$TTL 86400 ; 24 hours could have been written as 24h or 1d
$ORIGIN mydomain.com.
@ 1D IN SOA ns1.mydomain.com. hostmaster.mydomain.com. (
        2002022401 ; serial
        3H ; refresh
        15 ; retry
        1w ; expire
        3h ; nxdomain ttl
        )
    IN NS ns1.mydomain.com. ; in the domain (a blank owner column inherits @)
ns1 IN A 10.0.0.1
www IN A 10.0.0.1
www IN A 10.0.0.2
docs IN CNAME ghs.google.com.
Exposing an API to update these remotely and then reloading the DNS server is a nontrivial amount of work.
Cloud DNS does exactly this: exposing zones and record sets as resources that you can create and manage.
13.2. Interacting with Cloud DNS
Cloud DNS is an API that is ultimately equivalent to updating a BIND zone file and restarting the BIND server.
Enable the Cloud DNS API.
13.2.1. Using the Cloud Console
Let's explore Cloud DNS by creating a zone.
In the Cloud Console, open Network services in the Networking section.
Create Zone opens a form where you enter three different values: a zone name, a DNS name, and a description.
What’s the difference between a DNS name and a “zone name”?
The zone name is a unique ID inside Google Cloud, similar to a Compute Engine instance name.
The DNS name is specific to the domain name system and refers to the subtree of records for which this zone acts as the delegate.
Here the DNS name will be mydomain.com, which means this zone is responsible for mydomain.com and every name beneath it.
A new zone comes with default (and necessary) NS and SOA records at the apex; the NS records state that anything inside mydomain.com is handled by Google Cloud DNS name servers unless a further delegation is added.
Click the Add Record Set button at the top of the page.
Enter the DNS name of the record set (for example, demo).
Enter a list of records (for example, an A record of 192.168.0.1).
This is where you manage the records for the zone.
After you click Create, the records are added to the list.
To check them, make a regular DNS query for demo.mydomain.com.
Because we're interested only in “our version” of this record (the domain may not be delegated to Cloud DNS yet), ask a Google Cloud DNS name server directly rather than the global network.
The Linux terminal utility dig can be aimed at a specific DNS server with @server.
$ dig demo.mydomain.com @ns-cloud-b1.googledomains.com
# ... More information here ...
;; QUESTION SECTION:
;demo.mydomain.com. IN A
;; ANSWER SECTION:
demo.mydomain.com. 300 IN A 192.168.0.1
demo.mydomain.com. 300 IN A 192.168.0.2
Our two entries (192.168.0.1 and 192.168.0.2) are both there in the “ANSWER” section.
For the rest of the world to see these records, you must own the domain name and update its name servers at the registrar to those shown in the zone's NS record set.
13.2.2. Using the Node.js client
Install the Cloud DNS client library by running npm install @google-cloud/dns@0.6.1.
Records are updated through the concept of a “mutation,” called a change in Cloud DNS.
A change applies its modifications in a transactional way: either all of them take effect or none does.
This matters when applying two related or dependent changes (for example, a new CNAME mapping along with the A record whose IP address it points to): no query sees the alias without its target.
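The change concept described above, as an added example of my own (it is not code from the book or from the @google-cloud/dns library): a small planner that turns "what the zone holds" and "what we want" into one Cloud DNS change body with additions and deletions, checks the record-set invariants Cloud DNS and the DNS itself enforce (fully qualified names, a CNAME never sharing a name with another type), and refuses to delete the SOA or apex NS record sets. The record sets, names and addresses are constructed for the example.

```javascript
// Added example: planning one Cloud DNS change as a transaction.
// Cloud DNS applies a change as a list of record-set deletions and additions
// together; to modify a record set you delete the existing set (matching it
// exactly) and add the new one in the same change. Record sets use the JSON
// shape of the API: { name, type, ttl, rrdatas }.

const setKey = (rs) => `${rs.name}|${rs.type}`;

function sameRecordSet(a, b) {
  const x = [...a.rrdatas].sort();
  const y = [...b.rrdatas].sort();
  return a.ttl === b.ttl && x.length === y.length && x.every((d, i) => d === y[i]);
}

// Invariants checked locally before anything is sent to the API: names are
// fully qualified, a CNAME owner name carries no other type (RFC 1034 3.6.2),
// and a CNAME record set holds exactly one target.
function validate(recordSets) {
  const typesByName = new Map();
  for (const rs of recordSets) {
    if (!rs.name.endsWith('.')) throw new Error(`not fully qualified: ${rs.name}`);
    if (rs.type === 'CNAME' && rs.rrdatas.length !== 1) throw new Error(`${rs.name}: CNAME needs exactly one target`);
    if (!typesByName.has(rs.name)) typesByName.set(rs.name, new Set());
    typesByName.get(rs.name).add(rs.type);
  }
  for (const [name, types] of typesByName) {
    if (types.has('CNAME') && types.size > 1) throw new Error(`${name}: CNAME cannot coexist with other types`);
  }
}

// Compute the change that turns `existing` (the record sets we manage, as read
// from the zone) into `desired`. Unchanged sets are not touched. The SOA and the
// apex NS set are never deleted here: changing delegation is a deliberate
// operation that deserves a change of its own.
function planChange(existing, desired) {
  validate(existing);
  validate(desired);
  const soa = existing.find((rs) => rs.type === 'SOA');
  const apex = soa ? soa.name : null;
  const isProtected = (rs) => rs.type === 'SOA' || (rs.type === 'NS' && rs.name === apex);

  const current = new Map(existing.map((rs) => [setKey(rs), rs]));
  const wanted = new Map(desired.map((rs) => [setKey(rs), rs]));
  const additions = [];
  const deletions = [];
  for (const [k, rs] of wanted) {
    const old = current.get(k);
    if (!old) additions.push(rs);
    else if (!sameRecordSet(old, rs)) { deletions.push(old); additions.push(rs); }
  }
  for (const [k, rs] of current) {
    if (!wanted.has(k)) deletions.push(rs);
  }
  for (const rs of deletions) {
    if (isProtected(rs)) throw new Error(`refusing to delete ${rs.type} record set for ${rs.name}`);
  }
  return { additions, deletions };
}

// Constructed sample: the zone already serves www; we want a second www address,
// a new host, and a CNAME to that host, all applied in one atomic change.
const existing = [
  { name: 'www.mydomain.com.', type: 'A', ttl: 300, rrdatas: ['10.0.0.1'] },
];
const desired = [
  { name: 'www.mydomain.com.', type: 'A', ttl: 300, rrdatas: ['10.0.0.1', '10.0.0.2'] },
  { name: 'app.mydomain.com.', type: 'A', ttl: 300, rrdatas: ['10.0.0.3'] },
  { name: 'docs.mydomain.com.', type: 'CNAME', ttl: 300, rrdatas: ['app.mydomain.com.'] },
];

const change = planChange(existing, desired);
// This object is the body of a Cloud DNS Change resource (additions/deletions);
// the Node.js client wraps the same two lists.
console.log(JSON.stringify(change, null, 2));
```

The planner deliberately emits the old www set as a deletion next to the new one: Cloud DNS treats a record set as a unit, so "add 10.0.0.2" is really "replace the set", and sending only the addition would be rejected as a conflict.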
13.2.3. Using the gcloud command line
We can also interact with our DNS records using the gcloud command-line tool, which has a gcloud dns subcommand.
Note that the --zone flag takes the Google Cloud unique name we chose (mydomain-dot-com) and not the DNS name for the zone (mydomain.com).
$ gcloud dns record-sets list --zone mydomain-dot-com
NAME TYPE TTL DATA
mydomain.com. NS 21600 ns-cloud-b1.googledomains.com.,ns-cloud-b2.googledomains.com.,ns-cloud-b3.googledomains.com.,ns-cloud-b4.googledomains.com.
mydomain.com. SOA 21600 ns-cloud-b1.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 259200 300
demo.mydomain.com. A 300 192.168.0.1,192.168.0.2
docs.mydomain.com. CNAME 86400 ghs.google.com.
www.mydomain.com. A 86400 10.0.0.1
If you have an existing BIND server that you want to move to Cloud DNS, use the gcloud dns subcommand’s import functionality.
Importing BIND zone files
Start with a BIND-style zone file holding your existing DNS records.
$TTL 86400 ; 24 hours could have been written as 24h or 1d
$ORIGIN mydomain.com.
@ 1D IN SOA ns1.mydomain.com. hostmaster.mydomain.com. (
        2002022401 ; serial
        3H ; refresh
        15 ; retry
        1w ; expire
        3h ; nxdomain ttl
        )
    IN NS ns1.mydomain.com. ; in the domain (a blank owner column inherits @)
ns1 IN A 10.0.0.91
www IN A 10.0.0.91
www IN A 10.0.0.92
docs IN CNAME new.ghs.google.com.
We can use the import command with special flags to replace all of our DNS records in the managed zone with the ones in our zone file. Two of those flags are sharp tools: --delete-all-existing deletes every record set in the zone before importing the file's, and --replace-origin-ns swaps the apex NS records (the Cloud DNS name servers) for whatever NS records the file lists at the origin. Use the second only if you really intend to delegate the zone elsewhere; otherwise leave it off so the zone keeps its Cloud DNS name servers.
$ gcloud dns record-sets list --zone mydomain-dot-com
NAME TYPE TTL DATA
mydomain.com. NS 21600 ns-cloud-b1.googledomains.com.,ns-cloud-b2.googledomains.com.,ns-cloud-b3.googledomains.com.,ns-cloud-b4.googledomains.com.
mydomain.com. SOA 21600 ns-cloud-b1.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 259200 300
demo.mydomain.com. A 300 192.168.0.1,192.168.0.2
docs.mydomain.com. CNAME 86400 ghs.google.com.
www.mydomain.com. A 86400 10.0.0.1
Replace the records with the ones in our file.
$ gcloud dns record-sets import master.mydomain.com --zone mydomain-dot-com \
    --delete-all-existing --replace-origin-ns --zone-file-format
Imported record-sets from [master.mydomain.com] into managed-zone [mydomain-dot-com].
Created [https://www.googleapis.com/dns/v1/projects/your-project-id-here/managedZones/mydomain-dot-com/changes/8].
ID START_TIME STATUS
8 2017-02-15T14:08:18.032Z pending
The change is applied asynchronously; use the gcloud command to “describe” the change and poll its status.
$ gcloud dns record-sets changes describe 8 --zone mydomain-dot-com | grep status
status: done
Look at our updated records with the record-sets list directive.
$ gcloud dns record-sets list --zone mydomain-dot-com
NAME TYPE TTL DATA
mydomain.com. NS 86400 ns1.mydomain.com.
mydomain.com. SOA 86400 ns-cloud-b1.googledomains.com. hostmaster.mydomain.com. 2002022401 10800 15 604800 10800
docs.mydomain.com. CNAME 86400 new.ghs.google.com.
ns1.mydomain.com. A 86400 10.0.0.91
www.mydomain.com. A 86400 10.0.0.91,10.0.0.92
Note two things in this output: because we passed --replace-origin-ns, the apex NS record set now lists only ns1.mydomain.com. rather than the Cloud DNS name servers, and Cloud DNS kept its own primary name server in the SOA while taking the rest of the SOA values (serial, refresh, retry, expire, minimum) from the file.
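What the import does with the zone file, as an added example of my own (not the book's code and not gcloud's implementation): a parser that reads the BIND-style file from the walkthrough above into the Cloud DNS model introduced in 13.1, grouping records into record sets keyed by name and type, each with one TTL and a list of rrdatas. It handles $TTL, $ORIGIN, "@", relative names, an inherited owner column, parenthesised multi-line records and time units, and it mirrors the meaning of --replace-origin-ns by dropping apex NS records unless asked to keep them. Quoted strings (TXT) and other directives are outside its scope and are rejected; the zone file is embedded as constructed input.

```javascript
// Added example: BIND zone file -> Cloud DNS record sets.
const UNIT = { '': 1, s: 1, m: 60, h: 3600, d: 86400, w: 604800 };

function ttlSeconds(token) {
  const m = /^(\d+)([smhdw]?)$/i.exec(token);
  if (!m) throw new Error(`bad time value: ${token}`);
  return Number(m[1]) * UNIT[m[2].toLowerCase()];
}

// Strip ";" comments and join lines inside "( ... )" into one logical line.
function logicalLines(text) {
  const out = [];
  let buf = '';
  let depth = 0;
  for (const raw of text.split('\n')) {
    const line = raw.replace(/;.*$/, '');
    if (depth === 0) {
      if (line.trim() === '') continue;
      buf = line;
    } else {
      buf += ' ' + line;
    }
    depth += (line.match(/\(/g) || []).length - (line.match(/\)/g) || []).length;
    if (depth === 0) { out.push(buf); buf = ''; }
  }
  if (depth !== 0) throw new Error('unbalanced parentheses');
  return out;
}

// "@" is the origin, a trailing dot means absolute, anything else is relative.
function qualify(name, origin) {
  if (name === '@') return origin;
  return (name.endsWith('.') ? name : `${name}.${origin}`).toLowerCase();
}

function parseZone(text) {
  let origin = '';
  let defaultTtl = null;
  let lastOwner = null;
  const records = [];
  for (const line of logicalLines(text)) {
    const inherits = /^\s/.test(line); // blank owner column: reuse the previous owner
    const tokens = line.replace(/[()]/g, ' ').trim().split(/\s+/);
    if (tokens[0] === '$ORIGIN') { origin = tokens[1].toLowerCase(); continue; }
    if (tokens[0] === '$TTL') { defaultTtl = ttlSeconds(tokens[1]); continue; }
    if (tokens[0].startsWith('$')) throw new Error(`unsupported directive ${tokens[0]}`);
    if (!origin) throw new Error('$ORIGIN must precede records');
    const owner = inherits ? lastOwner : qualify(tokens.shift(), origin);
    if (!owner) throw new Error('record has no owner name');
    lastOwner = owner;
    let ttl = defaultTtl;
    for (let i = 0; i < 2; i++) { // optional TTL and class, in either order
      if (/^\d+[smhdw]?$/i.test(tokens[0])) ttl = ttlSeconds(tokens.shift());
      else if (/^(IN|CH|HS)$/i.test(tokens[0])) tokens.shift();
    }
    if (ttl === null) throw new Error(`no TTL for ${owner}`);
    const type = tokens.shift().toUpperCase();
    let rrdata;
    if (type === 'NS' || type === 'CNAME' || type === 'PTR') rrdata = qualify(tokens[0], origin);
    else if (type === 'MX') rrdata = `${tokens[0]} ${qualify(tokens[1], origin)}`;
    else if (type === 'SOA') rrdata = [qualify(tokens[0], origin), qualify(tokens[1], origin),
      ...tokens.slice(2).map((t) => String(ttlSeconds(t)))].join(' ');
    else rrdata = tokens.join(' ');
    records.push({ name: owner, type, ttl, rrdata });
  }
  return { origin, records };
}

// Group records into record sets. Apex NS records are dropped unless
// replaceOriginNs is set, which is what gcloud's --replace-origin-ns controls.
function toRecordSets(text, { replaceOriginNs = false } = {}) {
  const { origin, records } = parseZone(text);
  const sets = new Map();
  for (const r of records) {
    if (r.type === 'NS' && r.name === origin && !replaceOriginNs) continue;
    const k = `${r.name}|${r.type}`;
    const rs = sets.get(k);
    if (!rs) sets.set(k, { name: r.name, type: r.type, ttl: r.ttl, rrdatas: [r.rrdata] });
    else if (rs.ttl !== r.ttl) throw new Error(`${r.name} ${r.type}: one TTL per record set`);
    else rs.rrdatas.push(r.rrdata);
  }
  return [...sets.values()].sort((a, b) => a.name.localeCompare(b.name) || a.type.localeCompare(b.type));
}

// Constructed input: the zone file from the import walkthrough.
const ZONE_FILE = [
  '$TTL 86400 ; 24 hours could have been written as 24h or 1d',
  '$ORIGIN mydomain.com.',
  '@ 1D IN SOA ns1.mydomain.com. hostmaster.mydomain.com. (',
  '        2002022401 ; serial',
  '        3H ; refresh',
  '        15 ; retry',
  '        1w ; expire',
  '        3h ; nxdomain ttl',
  '        )',
  '    IN NS ns1.mydomain.com. ; owner column blank: inherits @',
  'ns1 IN A 10.0.0.91',
  'www IN A 10.0.0.91',
  'www IN A 10.0.0.92',
  'docs IN CNAME new.ghs.google.com.',
].join('\n');

console.log(JSON.stringify(toRecordSets(ZONE_FILE, { replaceOriginNs: true }), null, 2));
```

Run with the flag set and the output matches the record-set list above apart from the SOA primary server, which Cloud DNS substitutes with its own; run without it and the apex NS set is absent, which is the safer default when the zone is meant to stay on Cloud DNS.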
13.3. Understanding pricing
Cloud DNS charges only for the resources and capacity that you use. In this case, the two factors to look at are the number of managed zones and the number of DNS queries handled.
20 cents per managed zone per month and 40 cents per million queries per month.
13.3.1. Personal DNS hosting
Consider personal DNS hosting with no more than 10 different domains being managed.
Table 13.2. Personal DNS pricing summary
13.3.2. Startup business DNS hosting
For a typical startup, it’s common to have 20 different domains floating around to cover needs like separating user-provided content from the main service domain, vanity domain redirects, and so on.
13.4. Case study: giving machines DNS names at boot
When a new virtual machine comes to life, it’s given some public-facing name so that you can access it from wherever you are.
Sometimes this is a public-facing IP address (e.g., 104.14.10.29), and other times it’s a special DNS name.
Summary
DNS is a hierarchical storage system for tracking pointers of human-readable names to computer-understandable addresses.
Cloud DNS is a hosted, highly available set of DNS servers with an API against which we can program.
Cloud DNS charges prices based on the number of zones (domain names) and the number of DNS lookup requests.