Configure domain names with static IP addresses

This tutorial demonstrates how to use Google Kubernetes Engine (GKE) to expose your web application to the internet on a static external IP address and configure a domain name to point to your application.

This tutorial assumes you own a registered domain name, such as example.com.

Objectives

This tutorial demonstrates the following steps:

  • Reserve a static external IP address for your application
  • Configure either Service or Ingress resources to use the static IP address
  • Update DNS records of your domain name to point to your application

Costs

In this document, you use the following billable components of Google Cloud:

To generate a cost estimate based on your projected usage, use the pricing calculator. New Google Cloud users might be eligible for a free trial.

When you finish the tasks that are described in this document, you can avoid continued billing by deleting the resources that you created. For more information, see Clean up.

Before you begin

Take the following steps to enable the Kubernetes Engine API:
  1. Visit the Kubernetes Engine page in the Google Cloud console.
  2. Create or select a project.
  3. Wait for the API and related services to be enabled. This can take several minutes.

  4. Make sure that billing is enabled for your Google Cloud project.

Install the following command-line tools used in this tutorial:

  • gcloud is used to create and delete Kubernetes Engine clusters. gcloud is included in the gcloud CLI.
  • kubectl is used to manage Kubernetes, the cluster orchestration system used by Kubernetes Engine. You can install kubectl using gcloud: 
    gcloud components install kubectl

Clone the sample code from GitHub:

git clone https://github.com/GoogleCloudPlatform/kubernetes-engine-samples
cd kubernetes-engine-samples/quickstarts/hello-app/manifests

Set defaults for the gcloud command-line tool

To save time typing your project ID and Compute Engine zone options in the gcloud command-line tool, you can set the defaults: 
gcloud config set project project-id
gcloud config set compute/zone compute-zone

Create a cluster

Create a cluster:

gcloud container clusters create-auto domain-test

Deploy your web application

The following manifest describes a Deployment that runs a sample web application container image:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: helloweb
  labels:
    app: hello
spec:
  selector:
    matchLabels:
      app: hello
      tier: web
  template:
    metadata:
      labels:
        app: hello
        tier: web
    spec:
      containers:
      - name: hello-app
        image: us-docker.pkg.dev/google-samples/containers/gke/hello-app:1.0
        ports:
        - containerPort: 8080
        resources:
          requests:
            cpu: 200m

Create the Deployment:

kubectl apply -f helloweb-deployment.yaml

Expose your application

You can expose your application on GKE using either of the following methods:

To learn more about the advantages and disadvantages of each method, see Setting up an external Application Load Balancer with Ingress.

Use a Service

To ensure that your application has a static external IP address, you must reserve a static IP address.

If you choose to expose your application using a Service, you must create a regional IP address. Global IP addresses only work with Ingress resource type, as explained in the next section.

To use a Service, create a static IP address named helloweb-ip in the region us-central1:

gcloud 

gcloud compute addresses create helloweb-ip --region us-central1

Find the static IP address that you created:

gcloud compute addresses describe helloweb-ip --region us-central1

The output is similar to the following:

...
address: 203.0.113.32
...

Config Connector

Note: This step requires Config Connector. Follow the installation instructions to install Config Connector on your cluster.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
  name: helloweb-ip
spec:
  location: us-central1

Save the manifest as compute-address-regional.yaml.

Apply the manifest to your cluster:

  kubectl apply -f compute-address-regional.yaml

Find the static IP address that you created:

  kubectl get computeaddress helloweb-ip -o jsonpath='{.spec.address}'

The following manifest describes a Service of type LoadBalancer, which creates an external passthrough Network Load Balancer to expose Pods with an external IP address.

Replace YOUR.IP.ADDRESS.HERE with the static IP address:

apiVersion: v1
kind: Service
metadata:
  name: helloweb
  labels:
    app: hello
spec:
  selector:
    app: hello
    tier: web
  ports:
  - port: 80
    targetPort: 8080
  type: LoadBalancer
  loadBalancerIP: "YOUR.IP.ADDRESS.HERE"

Create the Service:

kubectl apply -f helloweb-service-static-ip.yaml

View the reserved IP address associated with the load balancer:

kubectl get service

The output is similar to the following:

NAME               CLUSTER-IP      EXTERNAL-IP      PORT(S)          AGE
helloweb           10.31.254.176   203.0.113.32     80:30690/TCP     54s

Use an Ingress

If you choose to expose your application using an Ingress, you must reserve a global static IP address. Use the annotation kubernetes.io/ingress.global-static-ip-name to specify a global IP address.

To expose your application to clients and services in a region, use a regional static internal IP address while deploying an internal ingress resource for GKE along with the required annotations.

To learn how to use Ingress to expose your applications to the internet, see Setting up an external Application Load Balancer with Ingress.

To create a global static IP address named helloweb-ip:

gcloud

gcloud compute addresses create helloweb-ip --global

Find the static IP address that you created:

gcloud compute addresses describe helloweb-ip --global

The output is similar to the following:

...
address: 203.0.113.32
...

Config Connector

Note: This step requires Config Connector. Follow the installation instructions to install Config Connector on your cluster.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
  name: helloweb-ip
spec:
  location: global

Save the manifest as compute-address-global.yaml.

Apply the manifest to your cluster:

  kubectl apply -f compute-address-global.yaml

The following manifest describes an Ingress that exposes a web application on a static IP with two resources:

  • A Service with type:NodePort
  • An Ingress configured with the service name and static IP annotation
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: helloweb
  annotations:
    kubernetes.io/ingress.global-static-ip-name: helloweb-ip
  labels:
    app: hello
spec:
  defaultBackend:
    service:
      name: helloweb-backend
      port:
        number: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: helloweb-backend
  labels:
    app: hello
spec:
  type: NodePort
  selector:
    app: hello
    tier: web
  ports:
  - port: 8080
    targetPort: 8080

The kubernetes.io/ingress.global-static-ip-name annotation specifies the name of the global IP address resource to be associated with the load balancer.

Apply the manifest to your cluster:

kubectl apply -f helloweb-ingress-static-ip.yaml

View the IP address associated with the load balancer:

kubectl get ingress

The output is similar to the following

NAME       HOSTS     ADDRESS          PORTS     AGE
helloweb   *         203.0.113.32     80        4m

View your reserved static IP address

To verify that the load balancer is configured correctly, you can either use a web browser to visit the IP address or use curl:

curl http://203.0.113.32/

The output is similar to the following:

Hello, world!
Hostname: helloweb-3766687455-8lvqv

Configure your domain name records

To have browsers querying your domain name, such as example.com, or subdomain name, such as blog.example.com, point to the static IP address you reserved, you must update the DNS (Domain Name Server) records of your domain name.

You must create an A (Address) type DNS record for your domain or subdomain name and have its value configured with the reserved IP address

DNS records of your domain are managed by your name server. Your name server might be the "registrar" where you registered your domain, a DNS service such as Cloud DNS, or another third-party provider.

  • If your nameserver is Cloud DNS: Follow Cloud DNS Quickstart guide to configure DNS A record for your domain name with the reserved IP address of your application.

  • If your nameserver is another provider: Refer to your DNS providers documentation on setting DNS A records to configure your domain name. If you choose to use Cloud DNS instead, refer to Migrating to Cloud DNS.

Visit your domain name

To verify that your domain name's DNS A records resolve to the IP address you reserved, visit your domain name.

To make a DNS query for your domain name's A record, run the host command:

host example.com

The output is similar to the following:

example.com has address 203.0.113.32

You can now point your web browser to your domain name and visit your website.

Clean up

To avoid incurring charges to your Google Cloud account for the resources used in this tutorial, either delete the project that contains the resources, or keep the project and delete the individual resources.

  1. Delete the Service and Ingress:

    kubectl delete ingress,service -l app=hello

  2. Release the reserved static IP. After the load balancer is deleted, the unused but reserved IP address is billed per unused IP address pricing.

    • If you used a Service:

      gcloud compute addresses delete helloweb-ip --region us-central1

    • If you used an Ingress:

      gcloud compute addresses delete helloweb-ip --global

  3. Delete the sample application:

    kubectl delete -f helloweb-deployment.yaml

  4. Delete the cluster:

    gcloud container clusters delete domain-test

What's next