CNAME not working with GKE

GShinji62 · 09-10-2024 01:57 AM

Hi,

I have created 2 Private Service Connect for example test.region-psc.mydomain.com and test2.region-psc.mydomain.com

My main domain is <URL removed by staff> and I have create a CNAME record which point to one of them for example

main.psc.mydomain.com CNAME test.region-psc.mydomain.com

When I try on a GCE instance (debian12) If I do dig and nslookup of main.psc.mydomain.com I do get

main.psc.mydomain.com . 300 IN CNAME test.region-psc.mydomain.com then when I dig test.region-psc.mydomain.com I do get my internal IP as this is a PSC

Now when I try on a GKE cluster which is in the same Network as my GCE instance dig is working and nslookup is not working and my application can not resolve main.psc.mydomain.com

If I try to nslookup directly test.region-psc.mydomain.com is works.

So I don't understand why the cname resolution on main.psc.mydomain.com is failing for lookup.

GKE cluster is a standard cluster, using kubedns

kensan

Hi @GShinji62 ,

Welcome to Google Cloud Community!

This is the most frequent issue with CNAME chasing in GCP. It involves transitions between private and public domains.

Based on the documentation, the current feature set does not support CNAME chasing from a private zone to any other zone. As a workaround, you might consider adding an A record to the Cloud DNS Private Zone or replacing the CNAME with an A record.

You may review this documentation for further references.

For more detailed insights, kindly reach out to Google Cloud Support.

I hope the above information is helpful.