What is Google Cloud DNS?
Google Cloud DNS is a high-performance, resilient, global DNS service that provides a cost-effective way to make your applications and services available to your users. This programmable, authoritative DNS service can be used to easily publish and manage DNS records using the same infrastructure relied upon by Google.
Overview
The Domain Name System (DNS) is a hierarchical distributed database that lets you store IP addresses and other data and look it up by name. Google Cloud DNS lets you publish your zones and records in the DNS without the burden of managing your own DNS servers and software. You use the gcloud tool or the REST API directly to work with Cloud DNS. The following sections provide an overview of the components of the DNS system and how you work with them.
Cloud DNS API concepts
The Cloud DNS API is built around projects, managed zones, record sets, and changes to record sets.
- Project
- The project is a concept common to many Google Cloud services. In Cloud DNS, a project is a container for resources, a domain for access control, and the place where billing is configured and aggregated. Every Cloud DNS resource lives within a project and every Cloud DNS operation must specify the project to work with. You can control which team members have permission to work with your Cloud DNS resources at the project level using the Google Developers Console. A user must be an owner or editor to be able to make changes to the zones or records. A user with viewer permission can only list and read data. Your Developers Console project must have billing enabled to use Cloud DNS. Your Cloud DNS usage and charges will be aggregated by project and pricing tiers will be applied at the project level each month.
- Managed zones
- The managed zone is the container for DNS records for the same DNS name prefix and has a set of name servers that accept and respond to queries. A project can have multiple managed zones, but they must each have a unique name.
In Cloud DNS, the managed zone is the resource that models a DNS zone. A managed zone is a container for DNS records that live in a common partition of the DNS namespace, for example <something>.example.com or <otherthing>.<something>.example.com. All records in a managed zone are hosted on the same Google-operated name servers, which are selected by the system at creation time. These name servers will respond to DNS queries against your managed zone according to how you configure the zone. A project can contain multiple, uniquely named managed zones, and charges accrue for each zone for every day that it exists.
- Resource record sets collection
- The resource record sets collection holds the current state of the DNS records that make up a managed zone. You can read this collection but you do not modify it directly. Rather, you edit the resource record sets in a managed zone by creating a Change request in the changes collection (see below). The resource record sets collection reflects all your changes immediately; however, there is a delay between when changes are made in the API and the time that they take effect at your authoritative DNS servers.
- Changes
- When you want to make a change to the resource record sets collection, you submit a Change request containing additions or deletions. Additions and deletions can be done in bulk, in a single atomic transaction, and take effect at the same time in each authoritative DNS server.
For example, to change a host from one IP address to another IP address, you should submit a Change request that contains both the deletion of the old A record and the addition of the new A record. Because both changes are handled in a single operation, your authoritative DNS servers will only serve the before-change state or the after-change state. The alternative approach, performing the deletion and addition as two separate changes, creates a temporary in-between state where neither A record exists for the target IP.
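The swap described above, as an added example that is not part of the original page or Google's own code: it builds a single Change body and compares the states served under one change versus two. The additions, deletions, name, type, ttl and rrdatas fields follow the REST API's Change and ResourceRecordSet resources; the sample zone, the TTL and the helper names are constructed, and apply_change is a local model of the service's behaviour, not a call to it.

```python
import copy

# Constructed sample: the zone's current record sets, shaped like the
# ResourceRecordSet objects of the Cloud DNS REST API.
ZONE = [
    {"name": "www.example.com.", "type": "A", "ttl": 300, "rrdatas": ["1.2.3.4"]},
    {"name": "example.com.", "type": "MX", "ttl": 300, "rrdatas": ["10 mail.example.com."]},
]

def find(rrsets, name, rtype):
    """Return the record set for (name, type), or None if absent."""
    return next((r for r in rrsets if r["name"] == name and r["type"] == rtype), None)

def build_swap_change(rrsets, name, rtype, new_rrdatas):
    """Build ONE Change body that deletes the old set and adds the new one."""
    old = find(rrsets, name, rtype)
    if old is None:
        raise LookupError(f"no {rtype} record set for {name}")
    if old["rrdatas"] == new_rrdatas:
        raise ValueError("new data equals current data; nothing to change")
    new = dict(old, rrdatas=list(new_rrdatas))
    # A deletion has to describe the existing record set exactly as it is stored.
    return {"deletions": [copy.deepcopy(old)], "additions": [new]}

def apply_change(rrsets, change):
    """Local model of atomic application: work on a copy, return it only if all steps pass."""
    result = copy.deepcopy(rrsets)
    for d in change.get("deletions", []):
        if d not in result:
            raise ValueError(f"deletion does not match current state: {d}")
        result.remove(d)
    for a in change.get("additions", []):
        if find(result, a["name"], a["type"]) is not None:
            raise ValueError(f"record set already exists: {a['name']} {a['type']}")
        result.append(a)
    return result  # the caller's list is untouched if anything above raised

def served_states(rrsets, changes, name, rtype):
    """rrdatas visible for (name, type) before any change and after each one."""
    states, current = [], rrsets
    for change in [None] + list(changes):
        if change is not None:
            current = apply_change(current, change)
        rr = find(current, name, rtype)
        states.append(rr["rrdatas"] if rr else None)
    return states
```

A None entry in the list returned by served_states marks a window in which resolvers get no A record for the host, which is the in-between state that splitting the swap into two changes produces.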
The diagram below illustrates the relationships:
Managed zone example.com
  Resource record sets:
    example.com. SOA [email protected].
    example.com. NS zns-1.google.com.
    example.com. MX 10 mail.example.com.
    www A 2.3.4.5 3.4.5.6
  Changes:
    3 user2@ 2014-03-31T18:59:23.587Z PENDING DEL www A 1.2.3.4 ADD www A 2.3.4.5 3.4.5.6
    2 user1@ 2014-03-31T16:34:18.58Z DONE
    1 devops@ 2014-03-28T12:46:09.23Z DONE

Managed zone example.org
  Resource record sets:
    example.org. SOA [email protected].
    example.org. NS zns-1.google.com.
    www A 7.8.9.0
  Changes:
    2 user2@ 2014-04-02T18:53:55.132Z PENDING DEL www A 5.6.7.8 ADD www A 7.8.9.0
    1 devops@ 2014-03-230T07:22:35.192Z DONE
You can have multiple managed zones in a project.