GCP Internal DNS resolution failure from CloudBuil...

seyoungsong2021 · 01-16-2023 12:14 PM

From CloudBuild step, I tested curl.
It can fetch from public site like www.google.com, but DNS resolution fails for site on GCE instance using internal Zonal DNS url.
How to make CloudBuild can communicate with internal custom services running on GCE instance using internal DNS url?

Thanks

kolban

I'll make a guess .... my loose understanding is that when you submit a job to Cloud Build, the job executes on a machine that is in a public pool of machines that Google provisions for running Cloud Build jobs. These machines have no connectivity/access to your VPCs which implies (to me) that they won't be able to resolve DNS names for machines on the VPC (since they are private IP addresses in the first place). If you want your Cloud Build jobs to interact with your Compute Engines, they will need a path to the VPC against which the Compute Engines are attached. This seems to lead us to the concept of "Private Pools". I personally haven't studied those but on a cursory read, it looks/feels like the path forward.

https://cloud.google.com/build/docs/private-pools/private-pools-overview

seyoungsong2021

I have tried private worker pool in the same project, region and zone but internal DNS resolution was failed.

digantakoner

@seyoungsong2021 Were you able to resolve this issue? I have bumped into the same problem.

GCP Internal DNS resolution failure from CloudBuild step image