
CloudBuild Private Pool unable to reach Cloud DNS

Hello Everyone,

We have a situation wherein the CloudBuild private pool is not able to reach the Private Cloud DNS Zone.

Description of the environment-

A Cloud Build private worker pool is configured to run builds as per triggers configured in Cloud Build. The worker pool has an IP range of 10.193.164.0/22. The subnet is connected to a VPC network using Private Service Connection. A VM is hosted on the same VPC network which exposes a couple of APIs. There is a private DNS zone set up in Cloud DNS which provides the DNS resolution for the network.

Issue-

The Cloud Build private pool is able to access the API exposed by the VM using the IP address of the VM. However, when the hostname is used, the DNS resolution fails and the Cloud Build worker pool is unable to access the VM.

Ask-

Is there a way to configure Cloud Build private pool so that it can leverage Cloud DNS to resolve the VM name?

Thank You,

Diganta Koner

2 ACCEPTED SOLUTIONS

@digantakoner Thank you for the information. I have tested it with the following Terraform code example, and it works. The private Cloud Build worker can use my private DNS zone and is able to connect to the VMs in my VPC network.

## Uncomment this block after adding a valid DNS suffix

# resource "google_service_networking_peered_dns_domain" "default" {
#   name       = "example-com"
#   network    = google_compute_network.peering_network.name
#   dns_suffix = "example.com."
#   service    = "servicenetworking.googleapis.com"
# }

 


Here are the Cloud Build trigger steps I tested for the connection.

steps:
  - name: gcr.io/cloud-builders/git
    args:
      - '-c'
      - |
        apt-get update
        apt-get install dnsutils -y
        echo "dig test.example.com ..."
        dig test.example.com
        curl test.example.com
    id: check the private DNS zone and the private connection
    entrypoint: bash
options:
  workerPool: >-
    projects/myporject/locations/us-east4/workerPools/myproject-mynetwork-cloud-build-worker-pool

 

 

 
