https://cloud.google.com/dns/docs/zones?hl=ja
https://dev.classmethod.jp/articles/20241030-clouddns-privatezone/
2つのVPCと2つのVMを作成
限定公開ゾーン作成
許可したVPCからのみ名前解決できるか確認
-- 1. 前作業
# One-time setup: authenticate, create a throwaway lab project, set the CLI
# defaults, link billing and enable the Compute Engine API.
project_id=project01-9999999
billing_account=111111-111111-111111 # looks like a placeholder; take the real ID from the list below

gcloud init
# Check which account is active before anything is created or billed.
gcloud auth list
gcloud --version

gcloud projects create "${project_id}" --name="project01"

gcloud config list
gcloud config set project "${project_id}"
gcloud config set compute/region asia-northeast1 --quiet
gcloud config set compute/zone asia-northeast1-a --quiet

gcloud beta billing accounts list
gcloud beta billing projects link "${project_id}" --billing-account="${billing_account}"

gcloud services enable compute.googleapis.com --project "${project_id}"
gcloud components update
-- 2. vpcの作成
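# Create two custom-mode VPCs (vpc01, vpc02), each with one subnet and one
# ingress rule that allows SSH.
#
# An ingress rule created without --source-ranges (or source tags) applies to
# 0.0.0.0/0, which would expose tcp:22 on every VM in the network to the whole
# internet. Both rules are therefore limited to the operator's own range.
# 203.0.113.10/32 in the message below is a constructed sample from the
# documentation range; replace it with your own address.
admin_cidr="${ADMIN_CIDR:?set ADMIN_CIDR to your own source range, e.g. 203.0.113.10/32}"

gcloud compute networks create vpc01 \
  --subnet-mode custom
gcloud compute firewall-rules create fw01 \
  --network vpc01 \
  --allow tcp:22 \
  --source-ranges "${admin_cidr}"
gcloud compute networks subnets create subnet01 \
  --network vpc01 \
  --range 10.0.1.0/24 \
  --region asia-northeast1

gcloud compute networks create vpc02 \
  --subnet-mode custom
gcloud compute firewall-rules create fw02 \
  --network vpc02 \
  --allow tcp:22 \
  --source-ranges "${admin_cidr}"
gcloud compute networks subnets create subnet02 \
  --network vpc02 \
  --range 10.0.2.0/24 \
  --region asia-northeast1

# Review what was created; check the source range column of fw01 and fw02.
gcloud compute networks list
gcloud compute firewall-rules list
gcloud compute networks subnets list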
-- 3. vmの作成
# Create one Spot VM per VPC: vm01 in vpc01/subnet01 and vm02 in vpc02/subnet02.
# The two instances differ only in the numeric suffix, so a loop builds both.
# No --no-address is passed, so each VM gets an ephemeral external IP; together
# with the tcp:22 firewall rule this is what makes SSH reachable from outside.
# Spot VMs with termination action DELETE are removed when preempted.
for suffix in 01 02; do
  gcloud compute instances create "vm${suffix}" \
    --zone=asia-northeast1-a \
    --machine-type=e2-micro \
    --image-family debian-11 \
    --image-project debian-cloud \
    --network "vpc${suffix}" \
    --subnet "subnet${suffix}" \
    --provisioning-model=SPOT \
    --instance-termination-action=DELETE
done

gcloud compute instances list
-- 4. 限定公開ゾーンを作成
# Enable Cloud DNS and create the private managed zone.
# Only vpc01 is listed in --networks, so vpc02 is deliberately left without
# visibility of the zone; that difference is what the later check exercises.
zone_id=mz01

gcloud services enable dns.googleapis.com

gcloud dns managed-zones create "${zone_id}" \
  --description "${zone_id}" \
  --dns-name test99999999.internal \
  --networks vpc01 \
  --labels key1=val1 \
  --visibility private

# Confirm the zone exists and inspect its visibility and authorised networks.
gcloud dns managed-zones list
gcloud dns managed-zones describe "${zone_id}"
-- 5. 動作確認
# Verification: check that the private zone resolves only from the authorised VPC.
# The two ssh commands run on the workstation, one session per VM.
# vm01 sits in vpc01, the network listed in the zone's --networks.
gcloud compute ssh vm01
# vm02 sits in vpc02, which the zone does not list.
gcloud compute ssh vm02
# The next two commands run inside each VM session, not on the workstation.
# dnsutils provides dig. NOTE(review): a fresh image may need
# `sudo apt-get update` first; confirm.
sudo apt-get install -y dnsutils
# Compare the output between vm01 and vm02; the zone should answer only on
# vm01. NOTE(review): the exact response seen on vm02 is not shown here; confirm.
dig test99999999.internal
-- 6. クリーンアップ
# Clean-up: remove the VMs, empty and delete the private zone, then delete the
# project so nothing from the lab stays reachable or billable.
for vm_name in vm01 vm02; do
  gcloud compute instances delete "${vm_name}" --quiet
done

# Importing an empty records file with --delete-all-existing clears the zone's
# record sets before the zone itself is deleted.
records_file=empty-file
touch "${records_file}"
gcloud dns record-sets import \
  -z mz01 \
  --delete-all-existing "${records_file}"
rm "${records_file}"
gcloud dns managed-zones delete mz01

gcloud projects list
gcloud projects delete project01-9999999 --quiet
# NOTE(review): this runs after the delete request; confirm that unlink still
# succeeds for a project pending deletion, otherwise unlink billing first.
gcloud beta billing projects unlink project01-9999999