Configuring DNS to resolve run.app domains for making run.app Cloud Run services use VPC

I'm attempting to connect Cloud Run services by routing requests through my VPC, and I'm following the documentation here. Towards the bottom, the article gives three options for routing Cloud Run routes through the VPC network. The third option states:

Enable Private Google Access on the subnet associated with the source service and configure DNS to resolve run.app URLs to the private.googleapis.com (199.36.153.8/30) or restricted.googleapis.com (199.36.153.4/30) ranges. Requests to these ranges are routed through the VPC network

But I've been unable to find any documentation on how to do this. I was hoping to get some help here please.

I was able to get this working by creating two managed zones for private.googleapis.com and for run.app, then creating an A record for the private.googleapis.com subdomain to point to the IPs listed in this post, then two CNAMEs for pointing both *.googleapis.com and *run.app to private.googleapis.com, each using their respective managed zone.

I think it would be nice to have some documentation on this though, so that others won't struggle as much (and hopefully of better quality than what I have).
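The run.app part of the setup described in the reply above, written out as gcloud commands. This is an added example, not taken from the thread or from Google's documentation; the zone names, the network, subnet and region arguments, the TTL and the dry-run wrapper are assumptions, and the *.googleapis.com CNAME is left out.

```shell
#!/bin/sh
# Added example. Zone names, TTL and the three arguments are placeholders.
# DRY_RUN=1 (default) prints each gcloud command for review instead of running it.
DRY_RUN="${DRY_RUN:-1}"

run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# The four addresses in 199.36.153.8/30 (private.googleapis.com).
PRIVATE_VIP_IPS="199.36.153.8,199.36.153.9,199.36.153.10,199.36.153.11"

configure_run_app_dns() {
  network="$1"; subnet="$2"; region="$3"

  # Private Google Access on the subnet used by the source service.
  run gcloud compute networks subnets update "$subnet" \
    --region="$region" --enable-private-ip-google-access

  # Private zone and A record for private.googleapis.com.
  run gcloud dns managed-zones create private-googleapis \
    --description=private-googleapis-vip \
    --dns-name="private.googleapis.com." \
    --visibility=private --networks="$network"
  run gcloud dns record-sets create "private.googleapis.com." \
    --zone=private-googleapis --type=A --ttl=300 \
    --rrdatas="$PRIVATE_VIP_IPS"

  # Private zone for run.app with a wildcard CNAME to the VIP name.
  run gcloud dns managed-zones create run-app \
    --description=run-app-via-private-google-access \
    --dns-name="run.app." \
    --visibility=private --networks="$network"
  run gcloud dns record-sets create "*.run.app." \
    --zone=run-app --type=CNAME --ttl=300 \
    --rrdatas="private.googleapis.com."
}

# Check that an address resolved from inside the VPC is in 199.36.153.8/30.
in_private_vip_range() {
  case "$1" in
    199.36.153.8|199.36.153.9|199.36.153.10|199.36.153.11) return 0 ;;
    *) return 1 ;;
  esac
}

if [ "$#" -eq 3 ]; then configure_run_app_dns "$@"; fi
```

Run it with the network, subnet and region as arguments and `DRY_RUN=0` to apply the changes; pass an address resolved for a run.app hostname from a VM in the VPC to `in_private_vip_range` to confirm the zone is in effect.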

Can you help list all the steps to configure this? I ran into some problems configuring DNS for the Cloud Run service after I changed it to internal.

So glad that you were able to find the solution to your concern, and I do agree with the sentiment and also with the configuration that you have shared. I just want to add this for the community to see how to configure an A record in DNS, using Cloud DNS [1] as an example.

[1] https://cloud.google.com/dns/docs/set-up-dns-records-domain-name