Configuring Domain Names with Static IP Addresses

This tutorial demonstrates how to expose your web application to the internet on a static external IP address and configure DNS records of your domain name to point to your application.

This tutorial assumes you own a registered domain name (such as example.com). You can register a domain name through Google Domains or another domain registrar of your choice if you do not have one.

Objectives

This tutorial demonstrates the following steps:

  • Reserve a static external IP address for your application
  • Configure either Service or Ingress resources to use the static IP
  • Update DNS records of your domain name to point to your application

Before you begin

Take the following steps to enable the Kubernetes Engine API:
  1. Visit the Kubernetes Engine page in the Google Cloud Console.
  2. Create or select a project.
  3. Wait for the API and related services to be enabled. This can take several minutes.

  4. Make sure that billing is enabled for your Google Cloud project. Learn how to confirm billing is enabled for your project.

Install the following command-line tools used in this tutorial:

  • gcloud is used to create and delete Kubernetes Engine clusters. gcloud is included in the Google Cloud SDK.
  • kubectl is used to manage Kubernetes, the cluster orchestration system used by Kubernetes Engine. You can install kubectl using gcloud: 
    gcloud components install kubectl

Set defaults for the gcloud command-line tool

To save time typing your project ID and Compute Engine zone options in the gcloud command-line tool, you can set the defaults: 
gcloud config set project [PROJECT_ID]
gcloud config set compute/zone [COMPUTE_ENGINE_ZONE]

Create a GKE cluster

Create a container cluster named domain-test to deploy your web application:

gcloud container clusters create domain-test

Step 1: Deploy your web application

To deploy the sample web application, save the following manifest as helloweb-deployment.yaml:

helloweb-deployment.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: helloweb
  labels:
    app: hello
spec:
  selector:
    matchLabels:
      app: hello
      tier: web
  template:
    metadata:
      labels:
        app: hello
        tier: web
    spec:
      containers:
      - name: hello-app
        image: gcr.io/google-samples/hello-app:1.0
        ports:
        - containerPort: 8080

Then, run the following command to create the Deployment:

kubectl apply -f helloweb-deployment.yaml

Step 2: Expose your application

You can expose your application on GKE using either of the following methods:

To learn more about the pros and cons of each method, refer to the HTTP Load Balancing tutorial.

Step 2(a): Using a Service

To ensure that your application has a static public IP address, you must reserve a static IP address.

If you choose to expose your application using a Service, you must create a regional IP address. Global IP addresses only work with Ingress resource type, as explained in the next section.

To use a Service, create a static IP address named helloweb-ip in the region us-central1:

gcloud 

  gcloud compute addresses create helloweb-ip --region us-central1

To find the static IP address you created, run the following command:

  gcloud compute addresses describe helloweb-ip --region us-central1
Output: 
  address: 203.0.113.32
  ...

Config Connector

Note: This step requires Config Connector. Follow the installation instructions to install Config Connector on your cluster.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
  name: helloweb-ip
spec:
  location: us-central1
To deploy this manifest, download it to your machine as compute-address-regional.yaml, and run: 
kubectl apply -f compute-address-regional.yaml

Use the following manifest to create a manifest file named helloweb-service.yaml describing a Service. Replace YOUR.IP.ADDRESS.HERE with the static IP address:

helloweb-service.yaml 
apiVersion: v1
kind: Service
metadata:
  name: helloweb
  labels:
    app: hello
spec:
  selector:
    app: hello
    tier: web
  ports:
  - port: 80
    targetPort: 8080
  type: LoadBalancer
  loadBalancerIP: "YOUR.IP.ADDRESS.HERE"

Then, create the Service:

kubectl apply -f helloweb-service.yaml

To see the reserved IP address associated with the load balancer:

kubectl get service
Output: 
NAME               CLUSTER-IP      EXTERNAL-IP      PORT(S)          AGE
helloweb           10.31.254.176   203.0.113.32     80:30690/TCP     54s

Step 2(b): Using an Ingress

If you choose to expose your application using an Ingress, which creates an HTTP(S) Load Balancer, you must reserve a global static IP address. Regional IP addresses do not work with Ingress.

To learn more about how to use Ingress to expose your applications to the internet, refer to the HTTP Load Balancing with Ingress tutorial.

To create a global static IP address named helloweb-ip:

gcloud

  gcloud compute addresses create helloweb-ip --global

To find the static IP address you created:

  gcloud compute addresses describe helloweb-ip --global
Output: 
  address: 203.0.113.32
  ...

Config Connector

Note: This step requires Config Connector. Follow the installation instructions to install Config Connector on your cluster.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
  name: helloweb-ip
spec:
  location: global
To deploy this manifest, download it to your machine as compute-address-global.yaml, and run: 
kubectl apply -f compute-address-global.yaml

To expose a web application on a static IP using Ingress, you need to deploy two resources:

  1. A Service with type:NodePort
  2. An Ingress configured with the service name and static IP annotation

Use the following manifest to create a manifest file named helloweb-ingress.yaml describing these two resources:

helloweb-ingress.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: helloweb
  annotations:
    kubernetes.io/ingress.global-static-ip-name: helloweb-ip
  labels:
    app: hello
spec:
  backend:
    serviceName: helloweb-backend
    servicePort: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: helloweb-backend
  labels:
    app: hello
spec:
  type: NodePort
  selector:
    app: hello
    tier: web
  ports:
  - port: 8080
    targetPort: 8080

The kubernetes.io/ingress.global-static-ip-name annotation specifies the name of the global IP address resource to be associated with the HTTP(S) Load Balancer.

Apply the helloweb-ingress.yaml manifest file to the cluster:

kubectl apply -f helloweb-ingress.yaml
Output: 
ingress "helloweb" created
service "helloweb-backend" created

To see the reserve IP address associated with the load balancer:

kubectl get ingress
Output: 
NAME       HOSTS     ADDRESS          PORTS     AGE
helloweb   *         203.0.113.32     80        4m

Step 3: Visit your reserved static IP address

To verify that the load balancer is configured correctly, you can either use a web browser to visit the IP address or use curl:

curl http://203.0.113.32
Output: 
Hello, world!
Hostname: helloweb-3766687455-8lvqv

Step 4: Configure your domain name records

To have browsers querying your domain name (such as example.com) or subdomain name (such as blog.example.com) point to the static IP address you reserved, you must update the DNS (Domain Name Server) records of your domain name.

You must create an A (Address) type DNS record for your domain or subdomain name and have its value configured with the reserved IP address

DNS records of your domain are managed by your nameserver. Your nameserver might be where you registered your domain (in other words, your "registrar") or could be a DNS service, such as Google Cloud DNS or other third-party providers.

  • If your nameserver is Google Cloud DNS: Follow Cloud DNS Quickstart guide to configure DNS A record for your domain name with the reserved IP address of your application.

  • If your nameserver is another provider: Refer to your DNS service's documentation on setting DNS A records to configure your domain name. If you choose to use Google Cloud DNS instead, refer to Migrating to Cloud DNS.

Step 5: Visit your domain name

To verify that your domain name's DNS A records resolve to the IP address you reserved, visit your domain name.

To make a DNS query for your domain name's A record, run the host command:

host example.com
Output: 
example.com has address 203.0.113.32

At this point, you can point your web browser to your domain name and visit your website!

Cleaning up

To avoid incurring charges to your Google Cloud Platform account for the resources used in this tutorial:

  1. Delete the load balancing resources:

    kubectl delete ingress,service -l app=hello

  2. Release the reserved static IP. After the load balancer is deleted, the unused but reserved IP address is no longer free of charge and is billed per unused IP address pricing. Run the following commands to release the static IP resource:

    • If you followed Step 2(a):

      gcloud compute addresses delete helloweb-ip --region us-central1

    • If you followed Step 2(b):

      gcloud compute addresses delete helloweb-ip --global

  3. Delete the sample application:

    kubectl delete -f helloweb-deployment.yaml

  4. Wait until the load balancer is deleted by watching the output of the following command (the output should not show a forwarding rule that contains "helloweb" in its name):

    gcloud compute forwarding-rules list

  5. Delete the container cluster:

    gcloud container clusters delete domain-test

What's next