I-Google CloudLo mbhalo uhloselwe abaklami bezakhiwo kanye nabantu abasebenza emaqenjini okusebenza namathimba okuphatha. Idokhumenti ichaza iphethini yesibonelo ongayisebenzisela ukusetshenziswa kwakho ku-Google Cloud Kule phethini, i-Cloud DNS iqondisa ithrafikhi kuzimo ze-Compute Engine emaqenjini esibonelo aphethwe anikezela ngokuqukethwe. Uma ucisha, ubuyekeza indawo ye-Cloud DNS futhi wehluleke kusayithi elimile ku-Cloud Storage Ukuze uqedele lesi sifundo, udinga igama lesizinda elibhalisiwe olilawulayo futhi ofuna ukulisebenzisa nalo mbhalo Ekusetshenzisweni kokukhiqiza, iwebhusayithi yakho cishe ihlanganisa amafayela amaningi amaningi kanye nekhodi yohlelo lokusebenza eyengeziwe emishinini yakho ephathwayo yeqembu lesibonelo (VMs) kunaleyo eboniswe kulo mbhalo. Isitoreji Samafu sibe sesisingatha inguqulo emile elinganiselwe enikeza ukusebenza okuncane. Esimeni esifudumele sokuhluleka, abasebenzisi babona le webhusayithi ekhawulelwe kuze kube yilapho amaqembu esibonelo esiphethwe alulama futhi anganikeza ithrafikhi ukuze uthole ulwazi olugcwele lwewebhusayithi. Kulesi sifundo, usebenzisa izinsiza ukuze udale indawo njengoba kukhonjisiwe esithombeni esilandelayo: Uma udinga ukuhluleka, ubuyekeza ukucushwa kwe-Cloud DNS ukuze uqondise ithrafikhi ku-Cloud Storage, njengoba kukhonjisiwe esithombeni esilandelayo: Le phethini efudumele ye-faillover ibhalansisa izindleko zokuqalisa elinye iqembu lesibonelo esiphethwe endaweni ehlukile oyisebenzisa kuphela lapho isifunda esiyinhloko sihluleka. Izindleko zesayithi elimile zisebenzisa Isitoreji Sefu ziphansi kunokusebenzisa elinye iqembu lesibonelo eliphethwe, kodwa kukhona ukubambezeleka okufushane njengoba ubuyekeza i-Cloud DNS phakathi kwezinketho zokusingatha. Umuzwa wewebhusayithi olinganiselwe ku-Cloud Storage ungcono kunewebhusayithi engatholakali ngokuphelele kanye nolwazi olubi lwekhasimende Ukuze uthole enye indlela esebenzisa i-HTTP(S) yangaphandle Yokulayisha Ukulinganisa esikhundleni se-Cloud DNS ukuze ulawule ukuhluleka, bona okuthi Sebenzisa iseva yewebhu ebuyiselekayo nge-Compute Engine kanye Nesitoreji Samafu. Le phethini iwusizo uma ungenayo, noma ungafuni ukusebenzisa, i-Cloud DNS Ukuze usebenzise izinhlelo zokusebenza ezithembekile ku-Google Cloud, sincoma ukuthi udizayine ingqalasizinda yohlelo lwakho lokusebenza ukuze ubhekane nokucisha. Kuye ngesicelo sakho kanye nezidingo zebhizinisi, ungase udinge i-faillover ebandayo, i-faillover efudumele, noma iphethini ye-failover eshisayo. Ukuze uthole ulwazi olwengeziwe mayelana nendlela yokunquma indlela engcono kakhulu yezicelo zakho, bheka umhlahlandlela wokuhlela ukutakula kwenhlekelele Lo mbhalo usebenzisa iseva yewebhu ye-Apache eyisisekelo, kodwa indlela efanayo yokuthunyelwa kwengqalasizinda iyasebenza kwezinye izindawo zohlelo lokusebenza okudingeka ukuzenza. ## Izinjongo - Dala amaqembu esibonelo aphethwe yisifunda ngesithombe sangokwezifiso se-VM - Dala ibhakede le-Cloud Storage - Dala futhi ulungiselele indawo ye-Cloud DNS - Hlola i-failover yeseva yewebhu efudumele ngamarekhodi abuyekeziwe we-Cloud DNS - Hlola ukululama nokwehluleka ngamarekhodi abuyekeziwe we-Cloud DNS ## Izindleko Lesi sifundo sisebenzisa izingxenye ezilandelayo ezikhokhisekayo ze-Google Cloud: Ukuze wenze isilinganiso sezindleko ngokusekelwe ekusebenziseni kwakho okucatshangelwayo, sebenzisa umshini wokubala amanani ## Ngaphambi kokuthi uqale Ezinye zezinyathelo kule dokhumenti zingase zingasebenzi kahle uma inhlangano yakho isebenzisa imigoqo endaweni yakho ye-Google Cloud. Kuleso simo, ungase ungakwazi ukuqedela imisebenzi efana nokudala amakheli e-IP asesidlangalaleni noma okhiye be-akhawunti yesevisi. Uma wenza isicelo esibuyisela iphutha mayelana nezingqinamba, bona ukuthi ungazithuthukisa kanjani izinhlelo zokusebenza endaweni ebambekile ye-Google Cloud. - Ngena ngemvume ku-akhawunti yakho ye-Google Cloud. Uma umusha ku-Google Cloud, dala i-akhawunti ukuze uhlole ukuthi imikhiqizo yethu isebenza kanjani ezimeni zomhlaba wangempela. Amakhasimende amasha aphinde athole u-$300 kumakhredithi amahhala ukuze asebenze, ahlole, futhi akhiphe imithwalo yomsebenzi - Ku-Google Cloud console, ekhasini lesikhethi sephrojekthi, khetha noma dala iphrojekthi ye-Google Cloud - Qiniseka ukuthi inkokhelo inikwe amandla kuphrojekthi yakho Yefu. Funda ukuthi ungabheka kanjani ukuthi inkokhelo ivuliwe kuphrojekthi - Nika amandla i-Compute Engine API - Faka futhi uqalise i-Google Cloud CLI - Ku-Google Cloud console, ekhasini lesikhethi sephrojekthi, khetha noma dala iphrojekthi ye-Google Cloud - Qiniseka ukuthi inkokhelo inikwe amandla kuphrojekthi yakho Yefu. Funda ukuthi ungabheka kanjani ukuthi inkokhelo ivuliwe kuphrojekthi - Nika amandla i-Compute Engine API - Faka futhi uqalise i-Google Cloud CLI Ungaqalisa i-Google Cloud CLI kukhonsoli yamafu we-Google ngaphandle kokufaka i-Google Cloud CLI. Ukuze usebenzise i-gcloud CLI kukhonsoli ye-Google Cloud, sebenzisa i-Cloud Shell ## Lungisa imvelo Kulesi sigaba, uchaza okunye okuguquguqukayo kwamagama wakho wezinsiza nezindawo. Lezi zinguquko zisetshenziswa imiyalo ye-Google Cloud CLI njengoba ukhipha izinsiza Kuso sonke lesi sifundo, ngaphandle uma kushiwo ngenye indlela, ufaka yonke imiyalo ku-Cloud Shell noma endaweni yangakini yokuthuthuka Faka esikhundleni nge-ID yakho yephrojekthi. Uma uthanda, hlinzeka ngesakho isijobelelo segama lezisetshenziswa ukuze usize ukusesha nokukhomba, njengalokhu PROJECT_ID uhlelo lokusebenza Cacisa izifunda ezimbili, njenge futhi us-west1 , kanye nendawo engaphakathi kweyodwa yalezo zifunda, njenge us-west2 . Le zoni ichaza lapho kwakhiwa khona isisekelo sokuqala se-VM esisetshenziselwa ukudala isithombe seqembu lesibonelo eliphethwe us-west1-a Ekugcineni, setha isizinda esisetshenziselwa iwebhusayithi yakho emile, njenge example.com PROJECT_ID= PROJECT_IDNAME_SUFFIX= appREGION1= us-west1REGION2= us-west2ZONE= us-west1-aDOMAIN= example.com ## Dala i-VPC kanye ne-subnet Ukuze unikeze ukufinyelela kwenethiwekhi kuma-VM, udala i-Virtual Private Cloud (VPC) nama-subnet. Njengoba udinga izibonelo zamaqembu ezifundeni ezimbili, udala i-subnet eyodwa esifundeni ngasinye. Ukuze uthole ulwazi olwengeziwe ngezinzuzo zemodi ye-subnet yangokwezifiso yokuphatha ububanzi bamakheli e-IP asetshenziswa endaweni yangakini, bheka Sebenzisa amanethiwekhi e-VPC emodi yangokwezifiso. Dala i-VPC ngemodi ye-subnet yangokwezifiso: amanethiwekhi ekhompyutha e-gcloud akha inethiwekhi-$NAME_SUFFIX --subnet-mode=custom Manje dala ama-subnet amabili ku-VPC entsha, eyodwa yesifunda ngasinye. Chaza ububanzi bekheli lakho, njengokuthi futhi 10.1.0.0/20 , elilingana ebangeni lenethiwekhi yakho: 10.2.0.0/20 i-gcloud compute networks subnets yakha \ subnet-$NAME_SUFFIX-$REGION1 \ --network=network-$NAME_SUFFIX \ --range= 10.1.0.0/20\ --region=$REGION1 gcloud compute networks subnets idala \ subnet-$NAME_SUFFIX-$REGION2 \ --network=network-$NAME_SUFFIX \ --range= 10.2.0.0/20\ --region=$ ISIFUNDA2 ## Dala imithetho ye-firewall Ukuze uvumele ithrafikhi yenethiwekhi ukuthi igeleze ngendlela efanele ku-VPC, sebenzisa imithetho ye-firewall Dala imithetho ye-firewall ukuvumela ithrafikhi yewebhu nokuhlolwa kwezempilo kwesilinganisi somthwalo kanye namaqembu esibonelo aphethwe: I-gcloud compute firewall-rules idala ukuvumela-http-$NAME_SUFFIX \ --network=network-$NAME_SUFFIX \ --direction=INGRESS \ --priority=1000 \ --action=ALLOW \ --rules=tcp:80 \ -- source-ranges=0.0.0.0/0 \ --target-tags=http-server gcloud compute firewall-rules create allow-health-check-$NAME_SUFFIX \ --network=network-$NAME_SUFFIX \ --action=vumela \ - -direction=ingress \ --source-ranges=130.211.0.0/22,35.191.0.0/16 \ --target-tags=vumela-isheke-lempilo \ --rules=tcp:80 Umthetho we-HTTP uvumela ithrafikhi kunoma iyiphi i-VM lapho i- I-http-servertag isetshenziswa, futhi kunoma yimuphi umthombo usebenzisa i 0.0.0.0/0ububanzi. Ngomthetho wokuhlola impilo, ububanzi obuzenzakalelayo be-Google Cloud busethelwe ukuvumela inkundla ukuthi ihlole kahle impilo yezisetshenziswa Ukuvumela ithrafikhi ye-SSH ekucushweni kokuqala kwesithombe esiyisisekelo se-VM, sebenzisa umthetho we-firewall endaweni yakho usebenzisa --umthombo-ububanzi bepharamitha. Kungase kudingeke ukuthi usebenze nethimba lakho lenethiwekhi ukuze unqume ukuthi yibuphi ububanzi bomthombo obusetshenziswa inhlangano yakho Faka esikhundleni ngezikophu zakho zekheli le-IP: IP_ADDRESS_SCOPE gcloud compute firewall-rules create allow-ssh-$NAME_SUFFIX \ --network=network-$NAME_SUFFIX \ --direction=INGRESS \ --priority=1000 \ --action=ALLOW \ --rules=tcp:22 \ -- imithombo-amabanga= IP_ADDRESS_SCOPE Ngemva kokudala imithetho ye-firewall, qinisekisa ukuthi imithetho emithathu yengeziwe: gcloud compute firewall-rules-rules \ --project=$PROJECT_ID \ --filter="NETWORK=network-$NAME_SUFFIX"Isibonelo esilandelayo esiphumayo sibonisa ukuthi imithetho emithathu idalwe ngendlela efanele: YIBA OKUMQOKA OKUQONDISWA KWENETWORK VUMELA vumela-impilo-check-app yenethiwekhi-app INGRESS 1000 tcp:80 allow-http-app network network-app INGRESS 1000 tcp:80 allow-ssh-app network-app INGRESS 1000 tcp:22 ## Dala futhi ulungiselele isithombe esiyisisekelo se-VM Ukuze udale ama-VM afanayo owasebenzisayo ngaphandle kokucushwa okwengeziwe, usebenzisa isithombe se-VM sangokwezifiso. Lesi sithombe sithwebula i-OS ne-Apache ukucushwa, futhi sisetshenziselwa ukudala i-VM ngayinye eqenjini lesibonelo eliphethwe ezinyathelweni ezilandelayo. Ku-VM, udala okuyisisekelo index.html ifayela kudiski eqhubekayo kanye khweza ku /var/www/example.com. Ifayela lokucushwa le-Apache ku /etc/apache2/sites-available/example.com.conf inikeza okuqukethwe kwewebhu kusuka kufakwe indawo yediski eqhubekayo Umdwebo olandelayo ubonisa ikhasi le-HTML eliyisisekelo elinikezwa i-Apache eligcinwe kudiski eqhubekayo: Wakha le ndawo ngezinyathelo ezilandelayo Dala i-VM eyisisekelo ngediski eqhubekayo enamathiselwe: i-gcloud compute izehlakalo zenza i-vm-base-$NAME_SUFFIX \ --zone=$ZONE \ --machine-type=n1-standard-1 \ --subnet=subnet-$NAME_SUFFIX-$REGION1 \ --tags=http-server \ --image=debian-10-buster-v20210420 \ --image-project=debian-cloud \ --boot-disk-size=10GB \ --boot-disk-type=pd-balanced \ --boot-disk- device-name=vm-base-$NAME_SUFFIX \ --create-disk=type=pd-ssd,name=disk-base-$NAME_SUFFIX,size=10GB,device-name=disk-base-$NAME_SUFFIX Usebenzisa amapharamitha achazwe ekuqaleni kwale dokhumenti ukuze uqambe i-VM futhi uxhume ku-subnet efanele. Amagama anikezwa futhi kusuka kumingcele yediski yokuqalisa kanye nediski yedatha Ukuze ufake futhi ulungiselele iwebhusayithi elula, qala ngokuxhuma ku-VM eyisisekelo usebenzisa i-SSH: I-gcloud compute ssh vm-base-$NAME_SUFFIX --zone=$ZONE Kuseshini yakho ye-SSH ku-VM, dala umbhalo ukuze ulungiselele i-VM kusihleli osithandayo. Isibonelo esilandelayo sisebenzisa i-Nano njengomhleli: I-nano configure-vm. Namathisela iskripthi sokumisa esilandelayo efayeleni: bin/bash NAME_SUFFIX= app# Dala umkhombandlela wamafayela esizindalwazi ayisisekelo sudo mkdir -p /var/www/example.com sudo chmod a+w /var/www/example.com sudo chown -R www-data: /var/www/example.com # Thola igama lediski, bese ulifometha bese ulifaka DISK_NAME="google-disk-base-$NAME_SUFFIX"DISK_PATHthola /dev/disk/by-id -name DISK_NAME}"| xargs -Ireadlink -fsudo mkfs.ext4 -m 0 - E lazy_itable_init=0,lazy_journal_init=0,lahla $DISK_PATH sudo mount -o lahla,okuzenzakalelayo $DISK_PATH /var/www/example.com # Faka i-Apache sudo apt-get update&& sudo apt-get -y install apache2 # Bhala ifayela le-HTML eliyisisekelo kudiski eqhubekayo sudo tee -a /var/ www/example.com/index.html >/dev/null EOF'HA / DR isibonelo Siyakwamukela kuwebhusayithi ye-Compute Engine ene-failover efudumele ku-Cloud Storagep>
*:80> ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/example.com ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined I-EOF # Nika amandla ifayela lokucushwa le-Apache bese ulayisha kabusha isevisi ye-sudo a2dissite 000-okuzenzakalelayo sudo a2ensite example.com.conf sudo systemctl layisha kabusha i-apache2 Buyekeza i okuguquguqukayo ukuze kufane nenani elibekwe ekuqaleni kwale dokhumenti, njenge NAME_SUFFIX uhlelo lokusebenza Bhala ifayela bese uphuma kumhleli wakho. Isibonelo, ku-Nano usebenzisa Ctrl-Oto bhala ifayela, bese uphuma nge I-Ctrl-X Yenza iskripthi sokumisa sisebenze, bese usiqhuba: chmod +x lungiselela-vm../configure-vm. Phuma kusikhathi se-SSH uye ku-VM: Phuma Thola ikheli le-IP le-VM futhi ulisebenzise curl ukuze ubone ikhasi lewebhu eliyisisekelo: curl $(izimo zekhompyutha ze-gcloud zichaza i-vm-base-$NAME_SUFFIX \ --zone $ZONE \ --format="value(networkInterfaces.accessConfigs.[0].natIP Iwebhusayithi eyisisekelo ibuyiselwa, njengoba kukhonjisiwe kumphumela olandelayo oyisibonelo:HA / DR isibonelo Siyakwamukela kuwebhusayithi ye-Compute Engine ene-failover efudumele ku-Cloud Storagep>
# Dala isisekelo sezithombe ze-VM i-gcloud compute izithombe dala isithombe-$NAME_SUFFIX \ --source-disk=vm-base-$NAME_SUFFIX \ --source-disk-zone=$ZONE gcloud compute images create image-disk-$NAME_SUFFIX \ - -source-disk=disk-base-$NAME_SUFFIX \ --source-disk-zone=$ZONE # Dala izifanekiso ze-gcloud compute-isibonelo-izifanekiso dala isifanekiso-$NAME_SUFFIX-$REGION1 \ --machine-type=n1-standard- 1 \ --subnet=amaphrojekthi/$PROJECT_ID/izifunda/$REGION1/subnetworks/subnet-$NAME_SUFFIX-$REGION1 \ --region=$REGION1 \ --tags=http-server \ --metadatastartup-script /bin/bashn 'echo\ UUIDblkid\ -s\ UUID\ -o\ value\ /dev/sdb /var/www/example.com\ ext4\lahla,okuzenzakalelayo,akuphumeleli\ 0\2 ee\ -a\ /etc/fstabn'mount \ -a \ --image=image-$NAME_SUFFIX \ --create-disk=image=image-disk-$NAME_SUFFIX,auto-delete=yebo gcloud compute example-templates yakha isifanekiso-$NAME_SUFFIX-$REGION2 \ --umshini -type=n1-standard-1 \ --subnet=projects/$PROJECT_ID/izifunda/$REGION2/subnetworks/subnet-$NAME_SUFFIX-$REGION2 \ --region=$REGION2 \ --tags=http-server \ --metadatastartup-script /bin/bashn'echo\UUIDblkid\ -s\UUID\ -o\ value\ /dev/sdb /var/www/example.com\ ext4\lahla,okuzenzakalelayo ,akuphumeleli\ 0\ 2 ee\ -a\ /etc/fstabn'mount\ -a \ --image=image-$NAME_SUFFIX \ --create-disk=image=image-disk-$NAME_SUFFIX,auto-delete=yebo # Dala isheke lezempilo ngezikhathi ze-VM i-gcloud compute health-check yakha i-http-basic-check-$NAME_SUFFIX \ --port 80 # Dala amaqembu esibonelo aphethwe i-gcloud compute example-groups managed create example-group-$NAME_SUFFIX-$REGION1 \ --template=template-$NAME_SUFFIX-$REGION1 \ --size=2 \ --region=$REGION1 \ --health-check=http-basic-check-$NAME_SUFFIX gcloud compute example-groups aphethwe ukudala-iqembu -$NAME_SUFFIX-$REGION2 \ --template=template-$NAME_SUFFIX-$REGION2 \ --size=2 \ --region=$REGION2 \ --health-check=http-basic-check-$NAME_SUFFIX ## Dala futhi ulungiselele isilinganisi somthwalo Ukuze abasebenzisi bafinyelele iwebhusayithi yakho, udinga ukuvumela ithrafikhi ukuthi iye kuma-VM asebenza kumaqembu esibonelo aphethwe. Futhi ufuna ukuqondisa kabusha ngokuzenzakalelayo ithrafikhi kuma-VM amasha uma kukhona ukwehluleka kwendawo eqenjini lesibonelo eliphethwe Esigabeni esilandelayo, udala ibhalansi yokulayisha ye-HTTPS yangaphandle enesevisi ye-backend yethrafikhi ye-HTTP ku-port 80, sebenzisa isheke lezempilo elidalwe ezinyathelweni zangaphambilini, futhi wenze imephu ikheli le-IP langaphandle uye kusevisi yasemuva. Ukuze uthole ulwazi olwengeziwe, bona Indlela yokusetha isilinganisi esilula sokulayisha se-HTTP Dala futhi ulungiselele isilinganisi somthwalo sohlelo lwakho lokusebenza: # Lungiselela imithetho yembobo yembobo ye-HTTP 80 gcloud compute example-groups set-named-ports \ example-group-$NAME_SUFFIX-$REGION1 \ --named-ports http:80 \ --region $REGION1 gcloud compute incident-groups set- named-ports \ example-group-$NAME_SUFFIX-$REGION2 \ --named-ports http:80 \ --region $REGION2 # Dala insiza ye-backend futhi wengeze amaqembu esibonelo aphethwe kuyo gcloud compute backend-services create \ web- backend-service-$NAME_SUFFIX \ --protocol=HTTP \ --port-name=http \ --health-checks=http-basic-check-$NAME_SUFFIX \ --global gcloud compute backend-services add-backend \ web- backend-service-$NAME_SUFFIX \ --instance-group=isibonelo-group-$NAME_SUFFIX-$REGION1 \ --isibonelo-group-region=$REGION1 \ --global gcloud compute backend-services add-backend \ web-backend- service-$NAME_SUFFIX \ --instance-group=instance-group-$NAME_SUFFIX-$REGION2 \ --instance-group-region=$REGION2 \ --global # Dala imephu ye-URL yesevisi ye-backend gcloud compute url-maps create imephu yewebhu-http-$NAME_SUFFIX \ --default-service web-backend-service-$NAME_SUFFIX # Lungiselela ukudlulisela kwe-HTTP traffic gcloud compute target-http-proxies dala \ http-lb-proxy-$NAME_SUFFIX \ --url-map web-map-http- $NAME_SUFFIX gcloud compute for forwarding-rule create \ http-content-rule-$NAME_SUFFIX \ --global \ --target-http-proxy=http-lb-proxy-$NAME_SUFFIX \ --ports=80 Thola ikheli le-IP lomthetho wokudlulisela wethrafikhi yewebhu: I-IP_ADDRESSgcloud ikhola ukudlulisa-imithetho ichaza http-okuqukethwe-umthetho-$NAME_SUFFIX \ --global \ --format="value(IPAddress) Sebenzisa curl, noma uvule isiphequluli sakho sewebhu, ukuze ubuke iwebhusayithi usebenzisa ikheli le-IP lesilinganisi somthwalo esinyathelweni sangaphambilini: curl $IP_ADDRESS Kuthatha imizuzu embalwa ukuthi isilinganisi somthwalo siqedele ukusebenzisa futhi siqondise kahle ithrafikhi ku-backend yakho. Iphutha le-HTTP 404 liyabuyiswa uma isilinganisi somthwalo sisasebenza. Uma kudingeka, linda amaminithi ambalwa bese uzama ukufinyelela iwebhusayithi futhi Iwebhusayithi eyisisekelo ibuyiselwa, njengoba kukhonjisiwe kumphumela olandelayo oyisibonelo:HA / DR isibonelo Siyakwamukela kuwebhusayithi ye-Compute Engine ene-failover efudumele ku-Cloud Storagep>
<index.html HA / DR example Welcome to a test static web server with warm failover from Cloud Storagep>
example.com Get the details of the Cloud DNS zone: gcloud dns managed-zones describe zone-$NAME_SUFFIX The following example output shows the nameServersfor the zone, such as ns-cloud-b1.googledomains.com kind: dns#managedZone name: zone-app nameServers: - ns-cloud-b1.googledomains.com. - ns-cloud-b2.googledomains.com. - ns-cloud-b3.googledomains.com. - ns-cloud-b4.googledomains.com Cloud DNS must be authoritative for your domain. Create nameserver (NS) records with your domain registrar that point to your Cloud DNS zone. Use the nameserver addresses returned in the previous step For more information and an example using Google Domains, see How to update name servers In your Cloud DNS zone, add a record for wwwusing the load balancer IP address obtained in a previous section: gcloud dns record-sets transaction start \ --zone=zone-$NAME_SUFFIX gcloud dns record-sets transaction add $IP_ADDRESS \ --name=www.$DOMAIN \ --ttl=300 \ --type=A \ --zone=zone-$NAME_SUFFIX This record directs user requests for the website through the load balancer to the managed instance groups. A TTL of 300 seconds is set to reduce the length of time the cached DNS record exists for a user Create a record to be used by the Cloud Storage bucket for the static website: gcloud dns record-sets transaction add c.storage.googleapis.com. \ --name=static-web.$DOMAIN \ --ttl=300 \ --type=CNAME \ --zone=zone-$NAME_SUFFIX This example uses static-webas the subdomain. Leave the c.storage.googleapis.com.Again, a TTL of 300 seconds is set to reduce the length of time the cached DNS record exists for a user Finally,the DNS record additions to the zone: gcloud dns record-sets transaction execute \ --zone=zone-$NAME_SUFFIX ## Verify and test the DNS zone and records Let's review the resource deployments before simulating a zone failure. All of the resources have been created to support the environment, as shown in the following image: - Cloud DNS zone records direct users to the load balancer for distribution across the managed instance group VMs - A Cloud Storage bucket is configured to host static web pages if there's an outage with the managed instance groups - The Cloud DNS zone is configured to use the static site in Cloud Storage, but doesn't currently resolve requests to the storage bucket To view the DNS records and test resolution, you must resolve addresses against the Cloud DNS servers. In production deployments, make sure you test and verify the addresses resolve correctly, then update your own DNS servers to resolve appropriately. This document doesn't detail the steps to update your own DNS servers, only how to verify traffic flows correctly under normal and failover conditions Get the details of the Cloud DNS zone again: gcloud dns managed-zones describe zone-$NAME_SUFFIX The following example output shows the nameServersfor the zone, such as ns-cloud-b1.googledomains.com kind: dns#managedZone name: zone-app nameServers: - ns-cloud-b1.googledomains.com. - ns-cloud-b2.googledomains.com. - ns-cloud-b3.googledomains.com. - ns-cloud-b4.googledomains.com To resolve the wwwrecord for your Cloud DNS zone against one of these name servers, use the digcommand: dig @ns-cloud-b1.googledomains.com www.$DOMAIN This example uses the ns-cloud-b1.googledomains.comnameserver address returned from the previous describecommand. Provide your own nameserver address shown in the output of the previous command The following example output shows that the record resolves to the IP address of the load balancer. If you used this nameserver to access the address, such as using curland the --resolveparameter with the Cloud DNS nameserver, the default page would be displayed from one of the managed instance groups behind the load balancer ;DiG [email protected] www.example.com ; (1 server found);; QUESTION SECTION: ;www.example.com. IN A ;; ANSWER SECTION: www.example.com. 300 IN A 35.227.253.90 Use the digcommand again to verify the DNS record for the static website in Cloud Storage: dig @ns-cloud-b1.googledomains.com static-web.$DOMAIN The following example output shows that the record resolves to Cloud Storage that can serve the static content from the storage bucket: ;DiG [email protected] static-web.example.com ; (1 server found);; QUESTION SECTION: ;static-web.example.com. IN A ;; ANSWER SECTION: static-web.example.com. 300 IN CNAME c.storage.googleapis.com ## Fail over to the Cloud Storage bucket In a production environment, you might get an alert using Cloud Monitoring or other monitoring solution when there's a problem with the managed instance groups. This alert prompts a human to understand the scope of the failure before you update the Cloud DNS records to redirect traffic to the Cloud Storage-hosted static website. An alternative approach is to use your monitoring solution to automatically respond to outages with the managed instance groups When you fail over, Cloud DNS resolves traffic to the Cloud Storage-hosted static website, as shown in the following image: When you or your monitoring solution determine the most appropriate action is to update the Cloud DNS records to direct traffic to Cloud Storage, update the existing DNS A record. In this document, you manually update the Cloud DNS records to redirect traffic to the Cloud Storage-hosted static website To fail over the Cloud DNS records, remove the existing Arecord that resolves to the load balancer: gcloud dns record-sets transaction start \ --zone=zone-$NAME_SUFFIX gcloud dns record-sets transaction remove $IP_ADDRESS \ --name=www.$DOMAIN \ --ttl=300 \ --type=A \ --zone=zone-$NAME_SUFFIX Create a CNAMErecord for wwwthat points to the Cloud Storage-hosted content: gcloud dns record-sets transaction add static-web.$DOMAIN \ --name=www.$DOMAIN. \ --ttl=30 \ --type=CNAME \ --zone=zone-$NAME_SUFFIX the updates to the Cloud DNS zone: gcloud dns record-sets transaction execute \ --zone=zone-$NAME_SUFFIX Use the digcommand to confirm the wwwrecord now resolves to the address of the Cloud Storage static website: dig @ns-cloud-b1.googledomains.com www.$DOMAIN The following example output shows that the www.example.comrecord resolves to the CNAME record of the Cloud Storage static website. Requests to access www.example.comare redirected to the Cloud Storage bucket, which displays the static website: ;DiG [email protected] www.example.com ; (1 server found);; QUESTION SECTION: ;www.example.com. IN A ;; ANSWER SECTION: www.example.com. 30 IN CNAME static-web.example.com. static-web.example.com. 300 IN CNAME c.storage.googleapis.com ## Fail back to the managed instance groups After issues with the managed instance groups are resolved, you can fail back to serving content from the load-balanced managed instance groups by updating the Cloud DNS records again. Again, a human might make this decision using Cloud Monitoring insights for the health of the managed instance groups. Or, you could use automation to respond to the restored health of the managed instance group. In this document, you manually update the Cloud DNS records When you fail back, Cloud DNS resolves traffic to the managed instance groups again, as shown in the following image: Remove the wwwCNAME record that redirects traffic to the Cloud Storage-hosted content: gcloud dns record-sets transaction start \ --zone=zone-$NAME_SUFFIX gcloud dns record-sets transaction remove static-web.$DOMAIN \ --name=www.$DOMAIN \ --ttl=30 \ --type=CNAME \ --zone=zone-$NAME_SUFFIX Add an Arecord to point to the load balancer in front of the managed instance groups again: gcloud dns record-sets transaction add $IP_ADDRESS \ --name=www.$DOMAIN \ --ttl=300 \ --type=A \ --zone=zone-$NAME_SUFFIX the updates to the Cloud DNS zone: gcloud dns record-sets transaction execute \ --zone=zone-$NAME_SUFFIX Use the digcommand one more time to confirm the wwwrecord resolves to the address of the load balancer in front of the managed instance groups again: dig @ns-cloud-b1.googledomains.com www.$DOMAIN The following example output shows that the record resolves to the IP address of the load balancer and traffic would be served from one of the managed instance groups: ;DiG [email protected] www.example.com ; (1 server found);; QUESTION SECTION: ;www.example.com. IN A ;; ANSWER SECTION: www.example.com. 300 IN A 35.227.253.90 ## Clean up To avoid incurring charges to your Google Cloud account for the resources used in this tutorial, either delete the project that contains the resources, or keep the project and delete the individual resources To delete the individual resources created in this document, complete the following steps: Delete the DNS zone and records: touch empty-file gcloud dns record-sets import -z zone-$NAME_SUFFIX \ --delete-all-existing \ empty-file rm empty-file gcloud dns managed-zones delete zone-$NAME_SUFFIX Delete the Cloud Storage bucket: gsutil rm -r gsstatic-web.$DOMAIN Delete the load balancer configuration: gcloud compute forwarding-rules delete \ http-content-rule-$NAME_SUFFIX --global --quiet gcloud compute target-http-proxies delete \ http-lb-proxy-$NAME_SUFFIX --quiet gcloud compute url-maps delete web-map-http-$NAME_SUFFIX --quiet gcloud compute backend-services delete \ web-backend-service-$NAME_SUFFIX --global --quiet Delete the managed instance groups and health check: gcloud compute instance-groups managed delete \ instance-group-$NAME_SUFFIX-$REGION1 \ --region=$REGION1 --quiet gcloud compute instance-groups managed delete \ instance-group-$NAME_SUFFIX-$REGION2 \ --region=$REGION2 --quiet gcloud compute health-checks delete http-basic-check-$NAME_SUFFIX --quiet Delete the instance templates, images, base VM, and persistent disks: gcloud compute instance-templates delete \ template-$NAME_SUFFIX-$REGION1 --quiet gcloud compute instance-templates delete \ template-$NAME_SUFFIX-$REGION2 --quiet gcloud compute images delete image-$NAME_SUFFIX --quiet gcloud compute images delete image-disk-$NAME_SUFFIX --quiet gcloud compute instances delete vm-base-$NAME_SUFFIX \ --zone=$ZONE --quiet Delete the firewall rules gcloud compute firewall-rules delete \ allow-health-check-$NAME_SUFFIX --quiet gcloud compute firewall-rules delete \ allow-ssh-$NAME_SUFFIX --quiet gcloud compute firewall-rules delete \ allow-http-$NAME_SUFFIX --quiet Delete the subnet and VPC gcloud compute networks subnets delete \ subnet-$NAME_SUFFIX-$REGION1 --region=$REGION1 --quiet gcloud compute networks subnets delete \ subnet-$NAME_SUFFIX-$REGION2 --region=$REGION2 --quiet gcloud compute networks delete network-$NAME_SUFFIX --quiet ## What's next - For an alternative approach that uses external HTTP(S) Load Balancing instead of Cloud DNS to control the failover, see Deploy a warm recoverable web server with Compute Engine and Cloud Storage. This pattern is useful if you don't have, or don't want to use, Cloud DNS - To learn how how to determine the best approach for your own applications and which recovery method to use, see the Disaster recovery planning guide - To see other patterns for applications, such as cold and hot failover, see Disaster recovery scenarios for applications - For more ways to handle scale and availability, see the Patterns for scalable and resilient apps - Explore reference architectures, diagrams, tutorials, and best practices about Google Cloud. Take a look at our Cloud Architecture Center.
Sebenzisa iseva yewebhu efudumele ebuyiselekayo usebenzisa i-Cloud DNS ene-Compute Engine kanye Nesitoreji Samafu | Cloud Architecture Center | I-Google Cloud
Funda indlela yokusebenzisa iphethini ye-failiver efudumele kumaseva ewebhu kusetshenziswa i-Cloud DNS kanye ne-Compute Engine VM kanye Nesitoreji Samafu.
