Example 2: Creating a Private Zone
Scenarios
If you want users to access your ECSs using private domain names so that the ECSs are not exposed to the Internet, you can create private zones in the DNS service and add A record sets for the zone.
This topic describes how to create a private zone by calling the API in Creating a Private Zone and create a record set by calling the API in Creating a Record Set. For details about how to call APIs, see Calling APIs.
The token obtained from IAM is valid for only 24 hours. If you want to use one token for authentication, you can cache it to avoid frequently calling the IAM API.
Prerequisites
You have planned the region where you want to use private domain names and determined the endpoint for calling an API based on the region.
Involved APIs
You need to obtain a token and add X-Auth-Token to the request header of API calls.
- IAM API for obtaining a token
- DNS API for creating a private zone
- DNS API for creating a record set
Procedure
- Obtain the token by referring to Authentication.
- Add Content-Type and X-Auth-Token in the request header.
- Specify the following parameters in the request body:
{ "name": "example.com.", // Zone name (mandatory, string) "description": "This is an example zone.", // Description of the zone (optional, string) "zone_type": "private", // Zone type (mandatory, string) "email": "xx@example.com" // Email address of the domain name administrator (optional, string) "router": { "router_id": "19664294-0bf6-4271-ad3a-94b8c79c6558", // VPC ID (mandatory, string) "router_region": "xx" // Region of the VPC (optional, string) } }
- Send a request POST https://DNS endpoint/v2/zones.
- Check the response.
- The request result may be successful or failed in the response.
- If the request fails, an error code and error information are returned. For details, see Error Codes.
- For details about parameters in the response, see Creating a Private Zone.
- For details about general return codes in the response, see Status Code.
The following is an example response of a successful request:
STATUS CODE 202
{ "id": "ff8080825b8fc86c015b94bc6f8712c3", "name": "example.com.", "description": "This is an example zone.", "email": "xx@example.com", "ttl": 300, "serial": 1, "masters": [], "status": "PENDING_CREATE", "links": { "self": "https://Endpoint/v2/zones/ff8080825b8fc86c015b94bc6f8712c3" }, "pool_id": "ff8080825ab738f4015ab7513298010e", "project_id": "e55c6f3dc4e34c9f86353b664ae0e70c", "zone_type": "private", "created_at": "2017-04-22T08:17:08.997", "updated_at": null, "record_num": 0, "router": { "status": "PENDING_CREATE", "router_id": "19664294-0bf6-4271-ad3a-94b8c79c6558", "router_region": "xx" } }
- Add Content-Type and X-Auth-Token in the request header.
- Specify the following parameters in the request body:
{ "name": example.com.", // Record set name (mandatory, string) "description": "This is an example record set.", // Description of the record set (optional, string) "type": "A", // Record set type (mandatory, string) "ttl": 3600, // Caching duration of the record set (optional, integer) "records": [ "192.168.10.1", "192.168.10.2" ] // Values of the record set (mandatory, list<string>) }
- Send a request POST https://DNS endpoint/v2/zones/{zone_id}/recordsets, where zone_id is the ID of the zone to which the record set is to be added.
- Check the response.
STATUS CODE 202
{ "id": "2c9eb155587228570158722b6ac30007", "name": "example.com.", "description": "This is an example record set.", "type": "A", "ttl": 300, "records": [ "192.168.10.1", "192.168.10.2" ], "status": "PENDING_CREATE", "links": { "self": "https://Endpoint/v2/zones/2c9eb155587194ec01587224c9f90149/recordsets/2c9eb155587228570158722b6ac30007" }, "zone_id": "ff8080825b8fc86c015b94bc6f8712c3", "zone_name": "example.com.", "create_at": "2017-04-22T08:17:08.997", "update_at": null, "default": false, "project_id": "e55c6f3dc4e34c9f86353b664ae0e70c" }
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.