Configuring Private Domain Name Resolution for ECSs
Scenarios
If you have deployed ECSs and other cloud services in a VPC, you can configure private domain names for the ECSs so that they can communicate with each other or access the cloud services over a private network.
The following are operations for you to create a private zone and add an A record set to it.
Process
Step |
Description |
---|---|
Before configuring a private domain name for an ECS, you need to sign up for a HUAWEI ID, enable Huawei Cloud services, complete real-name authentication, and top up your account. |
|
Create a private zone to access the ECS using a private domain name. |
|
After a private zone is created, you need to add an A record set for the zone. |
|
To make the private zone and its record sets take effect in a VPC, ensure that the VPC subnets use the private DNS server addresses provided by the DNS service. |
|
Verify that the configuration takes effect. |
Preparations
Before configuring private domain name resolution for ECSs, sign up for a HUAWEI ID, enable Huawei Cloud services, complete real-name authentication, top up your account, deploy ECSs, and obtain the VPC name and private IP addresses of ECSs.
- Sign up for a HUAWEI ID.
For details, see Sign up for a HUAWEI ID and enable Huawei Cloud services.
- Complete real-name authentication.
For details, see Real-Name Authentication.
If you have enabled Huawei Cloud services and completed real-name authentication, skip this step.
- Top up your account.
For details, see Topping up an Account.
- Deploy an ECS and obtain its VPC name and private IP address.
Step 1: Create a Private Zone
Before using a private domain name (for example, example.com) to access an ECS, you need to create a private zone.
- Go to the Private Zones page.
- Click on the upper left and select the desired region and project.
- In the upper right corner of the page, click Create Private Zone.
- On the Create Private Zone page, configure parameters as prompted. For details, see Creating a Private Zone.
Table 1 Parameters for creating a private zone Parameter
Example Value
Description
Domain Name
example.com
Domain name you have planned for the ECS.
You can enter a top-level domain that complies with the domain naming rules.
For details about the domain name format, see Domain Name Format and DNS Hierarchy.
Recursive resolution proxy for subdomains
Selected
If you select this option, when you query subdomains that are not configured in the zone namespace, DNS will recursively resolve the subdomains on the Internet and use the result from authoritative DNS servers.
VPC
-
VPC to be associated with the private zone.
NOTE:This VPC must be the same as the VPC where your other cloud resources are deployed. If the VPC is different, the domain name cannot be resolved.
Tag
example_key1
example_value1
Tag that will be added to classify and identify the private zone.
Description
This is a zone example.
Supplementary information about the private zone.
- Click OK.
- Switch back to the Private Zones page.
You can view the created private zone in the private zone list.
You can click the domain name to view SOA and NS record sets automatically added to the zone.
- The SOA record set includes administrative information about your zone, as defined by the Domain Name System (DNS).
- The NS record set defines the authoritative DNS servers for the domain name.
Step 2: Add an A Record Set
Add an A record set for the created private zone.
- On the Private Zones page, locate the private zone you created and click the domain name.
The Record Sets tab is displayed.
- In the upper right corner of the page, click Add Record Set.
- Configure the parameters as follows:
- Name: Leave this parameter blank. This is a record set for the domain name, which is example.com.
- Type: Retain the default setting A – Map domains to IPv4 addresses.
- Value: Enter the private IP address of the ECS.
Configure other parameters by referring to Adding an A Record Set.
Table 2 Parameters for adding a record set Parameter
Example Value
Description
Name
www
Prefix of the domain name to be resolved.
For example, if the domain name is example.com, the prefix can be as follows:
- www: The domain name is www.example.com, which is usually used for a website.
- Left blank: The domain name is example.com, which is usually used for a website.
To use an at sign (@) as the domain name prefix, just leave this parameter blank.
- abc: The domain name is abc.example.com, a subdomain of example.com.
- mail: The domain name is mail.example.com, which is usually used for email servers.
- *: The domain name is *.example.com, which is a wildcard domain name, indicating all subdomains of example.com.
Type
A – Map domains to IPv4 addresses
Type of the record set.
A message may be displayed, indicating that the record set you are trying to add conflicts with an existing record set of the zone.
For details, see Why Is a Message Indicating Conflict with an Existing Record Set Displayed When I Add a Record Set?
TTL (s)
300
Cache duration of the record set on a local DNS server, in seconds.
The default value is 300. The value ranges from 1 to 2147483647.
If your service address changes frequently, set TTL to a smaller value.
Learn more about TTL.
Value
192.168.12.2
192.168.12.3
IPv4 addresses mapped to the domain name.
You can enter up to 50 values, each on a separate line.
Tag
example_key1
example_value1
Tag that will be added to classify and identify the record set.
Description
-
Supplementary information about the record set.
- Click OK.
- Switch back to the Record Sets tab.
The added record set is in the Normal state.
Step 3: Change the DNS Servers for the VPC Subnet
To make the private zone and its record sets take effect in a VPC, ensure that the VPC subnets use the private DNS server addresses provided by the DNS service. For DNS server addresses for each region, see What Are Huawei Cloud Private DNS Servers? If the DNS server addresses are not those provided by the Huawei Cloud DNS service, change them.
- View the private DNS server addresses for the VPC subnet.
- Go to the Private Zones page.
- Click on the upper left and select the desired region and project.
- In the private zone list, locate the private zone and click the domain name.
View the private DNS server addresses for the VPC subnet on the top of the record set list.
- Check whether the private DNS server addresses are the same as those provided by Huawei Cloud. If they are different, go to 2.
- Change the private DNS server addresses for the VPC subnet.
- Go to the private zone list.
- Click the VPC name in the Associated VPC column.
On the VPC console, change the DNS server addresses for the VPC subnet.
For details, see Modifying a Subnet.
Step 4: Check Whether the Record Set Takes Effect
For details, see How Do I Check Whether Record Sets Have Taken Effect?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot