קל לארגן דפים בעזרת אוספים
אפשר לשמור ולסווג תוכן על סמך ההעדפות שלך.
בדף הזה מוסבר איך להשתמש ב-Cloud DNS כדי להגדיר תחום ברמת האזור של אשכולות Google Kubernetes Engine (GKE).
כדי להגדיר תחום DNS ברמת האזור של אשכול GKE באמצעות Cloud DNS, קודם צריך לבחור תחום DNS פרטי קיים או ליצור תחום DNS פרטי חדש שאליו מחברים אשכול GKE ספציפי. בשלב הבא מגדירים את תחום ה-DNS כך שיפנה לשם של אשכול GKE.
[[["התוכן קל להבנה","easyToUnderstand","thumb-up"],["התוכן עזר לי לפתור בעיה","solvedMyProblem","thumb-up"],["סיבה אחרת","otherUp","thumb-up"]],[["התוכן קשה להבנה","hardToUnderstand","thumb-down"],["שגיאות בקוד לדוגמה או במידע","incorrectInformationOrSampleCode","thumb-down"],["חסרים לי פרטים או דוגמאות","missingTheInformationSamplesINeed","thumb-down"],["בעיה בתרגום","translationIssue","thumb-down"],["סיבה אחרת","otherDown","thumb-down"]],["עדכון אחרון: 2025-06-27 (שעון UTC)."],[[["\u003cp\u003eThis guide details the process of configuring a zonal Google Kubernetes Engine (GKE) cluster-scoped zone using Cloud DNS.\u003c/p\u003e\n"],["\u003cp\u003eYou can create a new managed zonal private zone for a zonal GKE cluster through the \u003ccode\u003egcloud dns managed-zones create\u003c/code\u003e command or the \u003ccode\u003emanagedZones.create\u003c/code\u003e API method.\u003c/p\u003e\n"],["\u003cp\u003eTo authorize a zonal GKE cluster to query an existing Cloud DNS private zone, use the \u003ccode\u003egcloud dns managed-zones update\u003c/code\u003e command or the \u003ccode\u003emanagedZones.patch\u003c/code\u003e API method.\u003c/p\u003e\n"],["\u003cp\u003eTo configure the zonal GKE cluster to query a zonal response policy, you can use the \u003ccode\u003egcloud dns response-policies create\u003c/code\u003e command or the \u003ccode\u003eresponsePolicies.create\u003c/code\u003e API method.\u003c/p\u003e\n"]]],[],null,["# Configure a zonal GKE cluster-scoped zone\n\nThis page describes how to use Cloud DNS to configure a zonal\nGoogle Kubernetes Engine (GKE) cluster-scope zone.\n\nTo configure a zonal GKE cluster-scoped DNS zone using\nCloud DNS, first choose an existing private DNS zone or create a new\nprivate DNS zone to which to attach a specific GKE cluster. Next,\nconfigure the DNS zone to reference the GKE cluster's name.\n\nFor an overview of zonal Cloud DNS zones, see [Zonal\nCloud DNS zones](/dns/docs/zones/zones-overview#zonal_zones). To learn\nmore about scopes, see [Scopes and hierarchies](/dns/docs/scopes).\n\nCreate a zonal private zone for the zonal GKE cluster\n-----------------------------------------------------\n\nTo create a new managed zonal private zone using Cloud DNS for the zonal\nGKE cluster, follow this step. \n\n### gcloud\n\nRun the\n[`gcloud dns managed-zones create`\ncommand](/sdk/gcloud/reference/dns/managed-zones/create): \n\n```\ngcloud dns managed-zones create NAME \\\n --description=DESCRIPTION \\\n --visibility=private \\\n --gkeclusters=GKE_CLUSTER \\\n --location=LOCATION\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eNAME\u003c/var\u003e: a name for your zone\n- \u003cvar translate=\"no\"\u003eDESCRIPTION\u003c/var\u003e: a description for your zone\n- \u003cvar translate=\"no\"\u003eGKE_CLUSTER\u003c/var\u003e: the fully qualified resource path of a GKE cluster, such as `projects/my-project/locations/us-east1-b/clusters/my-cluster`\n- \u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e: the location of the GKE cluster, specifically the [Google Cloud\n zone](/compute/docs/regions-zones#available) where the cluster is located, such as `us-east1-b`\n\n### API\n\nSend a `POST` request by using the\n[`managedZones.create`](/dns/docs/reference/v1/managedZones/create) method: \n\n```\nPOST https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones\n{\n\n\"name\": \"NAME\",\n\"description\": \"DESCRIPTION\",\n\"dnsName\": \"DNS_NAME\",\n\"visibility\": \"private\"\n\"privateVisibilityConfig\": {\n \"kind\": \"dns#managedZonePrivateVisibilityConfig\",\n \"gkeClusters\": [{\n \"kind\": \"dns#managedZonePrivateVisibilityConfigGKEClusters\",\n \"gkeClusterName\": GKE_CLUSTER_NAME_1\n },\n {\n \"kind\": \"dns#managedZonePrivateVisibilityConfigGKEClusters\",\n \"gkeClusterName\": GKE_CLUSTER_NAME_2\n },\n ....\n ]\n }\n}\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the project where you have created the managed zone\n- \u003cvar translate=\"no\"\u003eNAME\u003c/var\u003e: a name for your zone\n- \u003cvar translate=\"no\"\u003eDESCRIPTION\u003c/var\u003e: a description for your zone\n- \u003cvar translate=\"no\"\u003eDNS_NAME\u003c/var\u003e: the DNS suffix for your zone, such as `example.private`\n- \u003cvar translate=\"no\"\u003eGKE_CLUSTER_NAME_1\u003c/var\u003e and \u003cvar translate=\"no\"\u003eGKE_CLUSTER_NAME_2\u003c/var\u003e: the fully qualified resource path of a GKE cluster, such as `projects/my-project/locations/us-east1-b/clusters/my-cluster`\n\nAuthorize the zonal GKE cluster to query a Cloud DNS private zone\n-----------------------------------------------------------------\n\nTo authorize the zonal GKE\ncluster to query an existing Cloud DNS private zone, follow this step. \n\n### gcloud\n\nRun the\n[`gcloud dns managed-zones update`\ncommand](/sdk/gcloud/reference/dns/managed-zones/update): \n\n```\ngcloud dns managed-zones update NAME \\\n --gkeclusters=GKE_CLUSTER \\\n --location=LOCATION\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eNAME\u003c/var\u003e: the name of your zone, such as `my-zone`\n- \u003cvar translate=\"no\"\u003eGKE_CLUSTER\u003c/var\u003e: the fully qualified resource path of a GKE cluster, such as `projects/my-project/locations/us-east1-b/clusters/my-cluster`\n- \u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e: the location of the GKE cluster, specifically the [Google Cloud\n zone](/compute/docs/regions-zones#available) where the cluster is located, such as `us-east1-b`. The managed zone is only visible in this Google Cloud zone.\n\n### API\n\nSend a `PATCH` request by using the\n[`managedZones.patch`](/dns/docs/reference/v1/managedZones/patch) method: \n\n```\nPATCH https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones/NAME\n{\n\"privateVisibilityConfig\": {\n \"gkeClusters\": [{\n \"kind\": \"dns#managedZonePrivateVisibilityConfigGKEClusters\",\n \"gkeClusterName\": GKE_CLUSTER_NAME_1\n },\n {\n \"kind\": \"dns#managedZonePrivateVisibilityConfigGKEClusters\",\n \"gkeClusterName\": GKE_CLUSTER_NAME_2\n },\n ....\n ]\n }\n}\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the project where you have created the managed zone\n- \u003cvar translate=\"no\"\u003eNAME\u003c/var\u003e: the name of your zone, such as `my-zone`\n- \u003cvar translate=\"no\"\u003eGKE_CLUSTER_NAME_1\u003c/var\u003e and \u003cvar translate=\"no\"\u003eGKE_CLUSTER_NAME_2\u003c/var\u003e: the fully qualified resource path of a GKE cluster, such as `projects/my-project/locations/us-east1-b/clusters/my-cluster`\n\nConfigure the zonal GKE cluster to query a zonal response policy\n----------------------------------------------------------------\n\nTo configure the zonal GKE\ncluster to query a zonal response policy, follow this step. \n\n### gcloud\n\nRun the\n[`gcloud dns response-policies create`\ncommand](/sdk/gcloud/reference/dns/response-policies/create): \n\n```\ngcloud dns response-policies create NAME \\\n --description=DESCRIPTION \\\n --gkeclusters=GKE_CLUSTER \\\n --location=LOCATION\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eNAME\u003c/var\u003e: a name for your response policy, such as `my-response-policy`\n- \u003cvar translate=\"no\"\u003eDESCRIPTION\u003c/var\u003e: a description for your response policy, such as `my-response-policy-for-gke-5`\n- \u003cvar translate=\"no\"\u003eGKE_CLUSTER\u003c/var\u003e: the fully qualified resource path of a GKE cluster, such as `projects/my-project/locations/us-east1-b/clusters/my-cluster`\n- \u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e: the location of the GKE cluster, specifically the [Google Cloud\n zone](/compute/docs/regions-zones#available) where the cluster is located, such as `us-east1-b`. The managed zone is only visible in this Google Cloud zone.\n\n### API\n\nSend a `POST` request by using the\n[`responsePolicies.create`](/dns/docs/reference/v1/responsePolicies/create) method: \n\n```\nPOST https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/responsePolicies\n{\n \"responsePolicyName\": \"NAME\",\n \"description\": \"DESCRIPTION\",\n \"gkeClusters\": [\n {\n \"kind\": \"dns#responsePolicyGKECluster\",\n \"gkeClusterName\": \"GKE_CLUSTER\"\n },\n ]\n}\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eNAME\u003c/var\u003e: a name for your response policy, such as `my-response-policy`\n- \u003cvar translate=\"no\"\u003eDESCRIPTION\u003c/var\u003e: a description for your response policy, such as `my-response-policy-for-gke-5`\n- \u003cvar translate=\"no\"\u003eGKE_CLUSTER\u003c/var\u003e: the fully qualified resource path of a GKE cluster, such as `projects/my-project/locations/us-east1-b/clusters/my-cluster`\n\nWhat's next\n-----------\n\n- To find solutions for common issues that you might encounter when using Cloud DNS, see [Troubleshooting](/dns/docs/troubleshooting).\n- To learn more about Cloud DNS response policies and rules, see [Manage response policies and rules](/dns/docs/zones/manage-response-policies).\n- To display an audit log of operations, see [View operations on managed zones](/dns/docs/zones/operations)."]]