I added a custom domain to point to one of my Google App Engine Projects. It has been approximately 18 hours since I made this change.
How long does it take for DNS changes to propagate. After 18 hours when I hit the domain, I still get "Site can't be reached" on Chrome.
ping: cannot resolve: Unknown host, when I do a ping.
UPDATE: I figured out the issue. I bought the domain uisng Google Domains. It seemed like Google App engine settings, where I added, custom domain was going to update A records in Google Domains for my domain. It didn't. Created A records in Google Domains, and now it works fine. My domain, and subdomain are pointing to a project in Google App engine.
At the bottom of the Add a new custom domain screen from the GAE App's Custom Domains page in the developer console you can see:
DNS changes can require up to 24 hours to take effect
A snapshot of that screen is illustrated at step 5 of the Adding a custom domain for your application procedure.
Side note: maybe it's also worth re-checking the updated settings, it actually happened to me once - I was waiting (in vain) for DNS propagation only to notice that the changes I thought I completed weren't there - I must have missed an ok/confirm button or something...
If the settings are there you could also try checking using some network other than your usual internet provider (which often is involved in the DNS propagation). Mobile/office maybe?
You can also try some online DNS lookup tools or even website verification tools - often propagation to such servers is faster than to end-user internet providers. It doesn't matter if the app is not up, all you want to see if they're able to get the IP address for your domain. If any of them can get an address then it's really just a matter of time.
Related
I'm doing a server-side GTM setup. I managed to set up a Google cloud App engine.
I added a custom domain (verified with Google webmaster central, added DNS records etc.).
I can see in the Cloud settings that the custom domain (actually it's a subdomain) is set up, using also Google-managed, auto-renewing SSL.
So, everything looks fine except when I try to access this custom domain (directly or while doing a GTM container preview), I get the connection error in the browser (ERR_CONNECTION_CLOSED).
Since all DNS records looks OK (I have TXT record for the GWC/ownersip verification, 4 A records and 4 AAAA records for Google cloud) I did a tracert where I can see that it gets to the google server (hop 5), but then it gets lost:
The last hop should be the subdomain, but it's a "random" Google server).
It's more than 24 hours from the DNS records change so I don't believe it's a DNS propagation issue (although it still might be of course but the chances are very small). So if anyone has any idea, what could be wrong, I'd be very glad :D
I managed to repeat exactly the same setup with another subdomain (on totally different domain). I had issues with geeting Google-managed certificate - it took the App Engine a really long time to install it. But at the end it worked.
So it looks like the issue is indeed with Google and the certificate. I'll wait and let you know if this was the issue.
Edit (additional explanation): it turns out that the issue is with the client's domain which doesn't allow another CAA (in this case Google or Let's encrypt) to issue a certificate.
You haven't mentioned a CNAME record for the subdomain. You need a DNS record like this for the subdomain to work:
www CNAME ghs.googlehosted.com
I've assumed that www is you subdomain but you would use your subdomain if different.
I did pore through other similar questions and found answers. I am still having a situation that is not answered and I am not able to comment on those posts to seek clarifications. Thus this new question.
Let me explain my situation...
I have a GCP Project and enabled AppEngine on the same.
I have setup 3 services: 'default', 'api' and 'ui'.
I have deployed apps on all the 3 services and they are all being served through their appspot urls without any issues.
Now I want to setup routing using own domain, purchased from GoDaddy. The schema looks like the following:
www.my-domain.com -> 'default'
rest.app.my-domain.com -> 'api'
ui.app.my-domain.com -> 'ui'
I have the dispatch.yaml to setup the routing rules and I can see the same properly defined in the 'Services' screen. No problems there... The problem is in defining the custom domain mappings for these services.
For the 'default' service, it was easy. GAE identified GoDaddy and requested A & AAAA records for managed security. And then CNAME 'www' pointing to 'ghs.googlehosted.com'. Done and all went well.
Now, for the other services, GAE is asking for the same set of A, AAAA and CNAME records.
Here is the problem. I cannot setup multiple CNAME records pointing to the same value ('ghs.googlehosted.com'). The GoDaddy cPanel/DNS Manager Tool does not even allow adding such records. I have spoken to their support and they confirm that their tool is restricted ti ICAAN policies. So multiple CNAME records is out of question.
As a workaround, I setup a sub-domain pointing to googledomains. I setup 'app' as a new Zone in 'Cloud DNS' in m GCP Project. All name servers are placed in master DNS zone in my GoDaddy. This could allow me to create CNAME record for 'app' in googledomains, atleast theoretically. But GAE Project Settings does not recognise the domain. Its forcing me to make the CNAME records in GoDaddy under the master zone. Not sure how Google doesnt understand the ICAAN policies!! So this option walked into a wall too.
Then I read about the wildcard subdomains. GoDaddy documentation describes the support for this but limited to a specific IP (so only A record). However, GAE needs the value 'ghs.googlehosted.com' and that means I must create a CNAME record only. There are many discussions on this; some saying this will not work and others claiming this works.
This is quite literally my last option and I would like to know how to make this work. If there is any other way to get this setup working, it would save me a lot of time and trouble. I am a developer and all this infra work is just such a hog on my productive bandwidth.
Thanking you in advance.
Finally, the way I have resolved this is to define a single wildcard CNAME in GoDaddy pointing to 'ghs.googlehosted.com' and registered all subdomains as new domain names (actually with different names) in googledomains now. The latter is an alternate fail-safety to ensure my clients can connect. I am now waiting for the current subscription to run out and move away from GoDaddy after. Right now, the pricing I pay GoDaddy is too much compared to Google Domains and for the level of support quality from GoDaddy it is really not justified.
So, I've worked on this for some time and I believe that there is something odd here.
I tried this with a go daddy domain and 2 app engine services. So the steps that I followed are explained next:
1) Go to App engine and on settings/custom domains add the custom domains you'd like to have (with the subdomains in this case)
2) On go daddy you need to go to your domain and admin your DNS records on your domain.
3) Add The Cnames registers with your sub domain pointing to ghs.googlehosted.com
4) deploy your dispatch.yaml
The thing that I don't understand is why you say that is impossible to do the step 3 as it has never caused issues when I tried to do this. Could you specify how are you doing the third step in go daddy?
Additionally, I believe that this same information is better explained on this documentation Is just that I don't get why is it failing on your side.
I've looked at previous questions enter link description here, but they use the GSuite Administrator to make changes, while my app uses GCloud. The domain registrar is separate since Google domains don't work in my country.
I mainly followed this guide to setting up my Zones and updating the name servers. I've configured the
https://cloud.google.com/dns/docs/update-name-servers
The question I linked to earlier recommended setting up a www. subdomain, but it used Authenticator. I'm not sure how to do this in a zone. I set up all the records properly in my domain registrar.
Here are the settings:
When I load the site itself (There's no actual HTTP response code):
And when I try the www. subdomain
I'm sure there's a step I'm missing, but this is my first site with GCloud. So I'm not very familiar with the process.
I think where is your missing step.
When you ask Google to use your domain, Google will expose HTTPS endpoint. HTTPS requires a certificate, and Google will generate it for you. However, before doing this, Google has to be sure that the domain belong to you.
You have to prove to google that you own your domain. For this, go to this page, log in and add a property (your website URL). Follow the instruction and be sure that your property has been validated.
Then, wait some minutes (hours?) the time that the certificates are generated and deployed.
Problem I want to solve
I want to be able to send different users to different versions of my Google App Engine application, on a custom domain, with SSL enabled. This needs to be done in a controlled way, i.e., even landing page should be different, and it has to work on multiple units for the user.
Solution I can't get to work
I am trying to setup a custom domain with sub-domains, and want to be able to access different versions of the application. For example, I have myapp.mydomain.com, and I want to run one version (alpha) on alpha.myapp.mydomain.com, and one version (beta) on beta.myapp.mydomain.com (where alpha is default).
I use the Google Developers Console to set up custom domains, using myapp.mydomain.com, and *.myapp.mydomain.com as custom domains.
This works perfectly as long as I don't try to add on SSL as well, i.e., beta.myapp.mydomain.com serves the version named beta. When I set up SSL I start by adding my application to Google Apps, (per https://developers.google.com/appengine/docs/ssl) and then set up my domain to point to my app. First I add myapp.mydomain.com, then alpha.myapp.mydomain.com, and last beta.myapp.mydomain.com.
When that is done beta.myapp.mydomain.com start to serve the default version instead. Except that it sometimes also serves the beta version (this happens one in every 20 tries or so, I assume it's a glitch for now).
My questions:
a) Should I set up my domains in both Google Apps and Google Developer Console? Or should I remove the setup from Google Developer Console? I tried both, seems to give the same results.
b) It seems like it is possible to get it done by using modules as indicated in
Google App Engine custom domains, subdomains and SSL and in Appengine modules dispatch.xml routing with custom domain. Is this the only way, or am I doing something wrong in my setup?
Suggestions I have received so far
One suggestion is to use traffic splitting and set a unique cookie depending on what version I want the user to end up with. I did not know about this, and it will solve some other issues I have been looking at. It does not solve my current problem though, as I need to have this set before log in. The answer is useful though.
I'll answer with what I did to make this work for me.
Instead of sending users to different versions of the app, I created a new module called alpha, and directed users using alpha.myapp.mydomain.com to that module using dispatch.xml.
<dispatch>
<url>*alpha.myapp.mydomain.com/*</url>
<module>alpha</module>
</dispatch>
I set up custom domains in the App Engine Console (https://console.developers.google.com) under Compute->App Engine->Custom Domains, for *.myapp.mydomain.com and alpha.myapp.mydomain.com. I also added the URL alpha.myapp.mydomain.com to the accepted URLs for my App Engine app on Google Apps (https://admin.google.com). This allowed me to run over SSL as well.
I intend to run the app under another domain (domain alias to my primary domain), so I tried that as well. To make this work I ONLY added the domain alias in Google Apps as www.mydomainalias.com and alpha.mydomainalias.com, because if I added it to Google App Engine custom domains I got an error message ("We are unable to process your request at this time. Please try again later. (Error #1000)"). I have no idea why it that did not work out.
The easier approach is to do traffic splitting on a cookie level compared to setting up extra subdomains AND extra SSL certificates.
The domain name to access your alpha version does not have to change using this approach.
from the docs :
The response from your app does not already contain a Set-Cookie:
GOOGAPPUID=... header. This allows your app to control which version a
user gets.
A few months ago I posted this question because I tried to follow all of the Google instructions, perfectly, for setting up a domain with your Google App Engine application.
I still couldn't get my new domain (purchased through Google) to work properly. After a bit of triple checking in my Google Apps account and DNS setting tweaks (with the ENOM registrar which Google uses), I gave up and figured I'd just wait a few days to see what happened.
Surprise, after a few days my domain started to work without any problems and I've begun to wonder if the problem was that it takes Google a bit of time to get everything setup on there end.
Today, I've once again published an App Engine application and went through the process of purchasing a domain through Google and setting it up in Google Apps. After following Googles instructions, going to my new domain points to a generic welcome page (seen here.)
I have a hunch that I've setup my web site correctly and I should probably just be patient. However, I've never seen Google documentation stating that the setup may take a while, so I'm still a wee bit skeptical.
How long should I have to wait for my domain, Apps site and App Engine application to be fully setup and functional against my new domain?
When you register your new Domain name, the new Domain will typically take between 24 to 96 hours to propagate.
Once the Domain is propagated, you can setup your Google App Engine application in few minutes.
Usually you will need to tweak the DNS of your Domain for a couple of operations that does not require more than 10 minutes of work:
TXT record creation to allow Google to verify you own that Domain
CNAME record creation to map your App engine application to the new registered Domain