I have this problem when forwarding www CNAME to a Google App Engine application. It's not working maybe I am missing something.
Is it possible to forward CNAME to Google App Engine without adding custom domain?
The documentation you linked actually contains the answer to your question: You have to add a custom domain to your app with a wildcard.
And here is the reason why you have to add every domain to your custom domain.
When you create a cname it will always point to ghs.googlehosted.com. My guess is that the servers behind that domain are one huge load balancer, but that's not really important here. What is important is, that before your HTTP request is made the DNS name is resolved to an IP address. The range of IP addresses is the same for all appengine apps, so the server doesn't know that this particular request is intended for your app. However with that IP address a TCP connection is opened to the server. Now you send a request like:
GET / HTTP/1.1
HOST: www.yourcustomdomain.com
The server looks at the HOST part and must decide which app this request should be forwarded to. But it cannot know that if you didn't add your domain to the custom domains of your project. There simply is no information about where to route that request. So the simple answer is:
Yes you must add all your custom domains to your project, but you could use wildcards
No it will not work without that step, because the Google infrastructure houses tons of apps and your app does not have a dedicated IP address by which it could be identified
Related
I am running a flask application on Google App Engine Standard.
I have not found a resource which states that Google App Engine provides a static IP address. I am trying to route my domain name, let's call it 'mydomain.com' to hit the google app engine endpoint, which Goole provides as something similar to https://my-appengine-name.appspot.com/
I have verified the domain with Google and selected it as a custom domain.
If https://my-appengine-name.appspot.com/ was a numerical IP address I could simply route my domain i.e. 'mydomain.com' to the numerical IP address in the A name record. However, as from what I understand app engine has dynamic IP addresses for APP engine and so this is not possible.
What are my options here to route 'mydomain.com' to Google's App Engine domain: 'https://myappenginename.appspot.com/
' then?
In addition of John comment, if you choose the root domain of your service (in the example, my own domain gblaquiere.dev, a list of IPs (and 1 CNAME) is provided and you have to update your registrar with them
If you absolutely want only one IP to register, you can create an HTTPS Load balancer in front of App Engine and create a serverless NEG backend
Although #guillaume posted correctly above I just wanted to reiterate the steps explicitly. Generally someone asking such a question is a newbie to GCloud and it helps to have explicit steps.
At the App engine dashboard click on settings.
From the settings, click on ADD Custom Domain
To add a domain you needed to verify your domain with Google already, either through adding a TXT record or another method offered by Google (if you haven't registered your domain with Google). This verification can happen almost immediately with Registrars like namecheap.com or name.com (as per my experience)
Then go back to this custom domains area in the Google App Engine console and you will be provided with a list of verified domain you can select to route to your App Engine.
Once you have done this Google will provide you with a series of A, AAAA and a CNAMe record which you will need to update at your Registrar, generally in the advanced DNS settings.
This should definitely be sufficient. I think my struggle resulted due to a problem with my deployed app which I misdiagnosed as a problem with the DNS routing. Thanks for the previous responses which assisted me.
I have a google app engine instance running for a custom domain. When I hit the *.appspot.com url I get proper values for headers like X-AppEngine-City, X-AppEngine-Region, X-AppEngine-CityLatLong etc. But when I hit the custom domain url, I get only ? in all the above mentioned headers.
I think since google doesn't send the UserAgent IP to the GAE instance, the instance is not able to determine proper values for the header. Any clue in fixing this issue will be very helpful
Are you mapping your domain straight to the Google IP ranges/CNAME for AppEngine or do you have some sort of proxy such as CloudFlare infront of it.
If your domain name maps straight to AppEngine, I see no reason for those headers not to be set. (I think that around a year ago I used them on a custom domain myself to determine the rough user location in AppEngine.)
My use case is this: I have a domain that points to a server at IP 1.2.3.4 and I would like a subdomain at the domain to point to my App Engine application i.e.
example.com --> 1.2.3.4
app.example.com --> App Engine application
The naked domain as well as the www subdomain must point to the standalone server.
From what I've found out so far, this doesn't seem possible.
Would anyone be able to confirm if this configuration is indeed not possible?
I might actually have a better solution to this.
You can only verify the subdomain.domain.tld with google.
Then you only will add A and AAAA entries to the DNS, with the alias subdomain.
subdomaid.domain.tld will then be independent from domain.tld
After much testing, I've come to the conclusion that the scenario which I've painted is not feasible. So I settled for www.example.com to point to the web server (1.2.3.4) and app.example.com
When users go to the naked domain example.com, they get redirected to www.example.com
Here's what I did:
Remap the naked domain's A records (4 of them, and 4 AAAA records) back to the IP addresses that App Engine suggested.
Added a redirect of the naked domain to the www subdomain, and
Added an A record for www to point to the web server IP (i.e. 1.2.3.4)
Finally, added a CNAME record for app to point to ghs.googlehosted.com so that app.example.com points to the App Engine application.
There might be another option, but I can't really test it for sure as I can't risk it my app ever fails without me knowing.
So from my empirical testing, I was able to set the domain to external hosting and subdomain to GAE:
point main domain to google.
point subdomain to google
wait for certificates to be issued
remove domain from "custom domains" tab (click on the trash can)
point your domain wherever you want
This worked for me for 4 days, in test env, but I couldn't really risk my app of this kind of failure, so I just used the accepted answer at the end (redirect domain to www)
This is definitely possible, I've done it for the exact same scenario:
In App engine, when you verify your domain, only map the subdomain (mysubdomain.example.com). GCP will prepopulate the naked and www domains. Remove them before proceeding.GCP will then provide the A, AAAA, and CNAME records for you to add to your DNS records.
Go to wherever you manage those (Google Domains, GoDaddy, etc), and add all four A's, all four AAAA's and the CNAME yo your subdomain/host
Eventually, gcp should see it's provided records on the DNS records and should issue certificates for https.
On gcp, adjust the dispatch.yaml file to route things to the service I wanted:
dispatch:
- url: "mysubdomain.example.com/*"
service: myservice
Your service should now be accessible via https://mysubdomain.example.com with a pretty padlock to go with it.
Yes, I can confirm this is possible. In fact, it is the recommended way for handling the microservice architecture on App Engine [0].
In your case specifically, all you have to do is create a CNAME with your DNS registrar pointing to ghs.googlehosted.com.
You then have to first verify your TLD with App Engine and add a specific mapping to your subdomain as described here [1].
Let me know if you have any specific questions with the process.
[0] https://cloud.google.com/appengine/docs/standard/python/microservices-on-app-engine
[1] https://cloud.google.com/appengine/docs/standard/python/console/using-custom-domains-and-ssl
I found out it is possible to verify ownership of the whole url, and use that...
App Engine doesn't need to have the A records on the root domain if
you are only serving from a subdomain. App Engine should work properly
for you with just the one CNAME on subdomain.example.com.
Duplicate of App Engine and Firebase Hosting in One Domain
This is the correct answer and is working as expected.
I setup a custom domain on GAE using the tutorial at aral balkan to access http;//app.apspot.com at http://app.com. (I can access the app at www.app.com)
The tutorial is pretty old(Sep 2008) and it mentions
Add four Hostnames for the naked
domain (i.e., yourdomain.com without
the www) and have them point to IP
addresses 216.239.32.21,
216.239.34.21, 216.239.36.21, and 216.239.38.21.
I added the required A names to my domain dns, but accessing app.com leads me to a Google 404 page
I have used naked to www redirection on blogger using a similar method(A names provided by Google Blogger Help) and it has worked for me(it still works). However apart from the article at aralbalkan.com, I have not come across an official source which says that naked to www domain redirection using these IPs works for domains on Google Apps(which GAE uses to manage custom domains).
My Question:
Does anybody use a similar method(A names pointing to Google IPs) to resolve www domains from naked domains for custom domains on GAE? If yes, are the IPs different or am I doing it wrong?
The alternate method that I can think of using is, getting a third party host and pointing the A name of app.com to the IP address of that third party host, followed by placing a 301 redirect script to www.app.com on that host.But that will require me to manage another hosting just for naked to www redirection.
If anyone knows of any easier methods to achieve naked to www redirection on custom domains for GAE, please help.
Update:
Thank you for the answers. If it can be of any help, I am using geoscaling.com for DNS. I have an everydns account too. The domain is on namecheap and namecheap offers a freedns option too.
Update 2
Switched back my dns to namecheap. I guess geoscaling.com does not offer a 301 url redirect(correct me if I am wrong), although it's still a great service. Namecheap offers a 301 URL redirect. Should start working in some time.
While it's true Google doesn't officially support naked domains, it is possible to make this work using your registrar's DNS and Domain Forwarding tools.
For example, http://conversionsupport.com is hosted on Google App Engine, and GoDaddy is where the DNS is managed. The naked domain redirects to the http://www.conversionsupport.com subdomain using a domain forwarding rule.
Requests for the naked domain result in a 301 redirect to the www subdomain. Some SEO resources claim that using one subdomain is better for ensuring search engines don't see your site's content as being duplicative. This 301 redirect should help ensure that both naked domain and www subdomain are treated the same.
Here is a resource for Setting up URL Forwarding in GoDaddy. Note that while this is intended for Google Sites, I have confirmed that it does work on Google App Engine apps.
UPDATE:
To clarify, the naked domain itself will redirect to the www subdomain. This means that if your users type http://example.com then they'll be redirected to http://www.example.com as is the case with my original example above.
From what I understand, most Google Apps accounts are partnered with GoDaddy. Here are the Instructions from GoDaddy Support on Domain Forwarding Using a 301 Redirect..
Naked domains are not supported on App Engine. You need to use www-redirects, as you suggest.
Naked domain (e.g. yourdomain.com) support for App Engine can be setup in three steps:
Setup a naked domain redirect to a subdomain of your choice (e.g. redirect mydomain.com -> www.mydomain.com). See the App Engine FAQ, which instructs you to configure the redirect via the Google Apps control panel for your domain.
Configure App Engine to serve traffic for your custom subdomain (e.g. www.yourdomain.com) via the Google Apps control panel.
(Optionally), setup SSL for your custom domain. This step is required if you which to serve https:// traffic, but not required if you only plan on hosting http:// content.
As nick says, naked domains are not supported by app engine.
On your point of easier methods to achieve naked to www redirection on custom domains... Some DNS hosts, (for example, dyndns.com) integrate that ability into their DNS control panel. You may check with your DNS provider to see if that is the case.
With all the changes over time, I wanted to post that GAE (at least at the time of this writing) DOES support naked domains. I have this working for wdydfun.com. Follow the directions as mentioned above by Fred Sauer and it will eventually work. I'd love to provide more detail on those steps, but things seem to change frequently. You'll have to click around a bit to find where to set stuff. With the DNS propagation time that can be a bit frustrating. I recommend running
dig ns <your url>
from the command line to help see what is going on. My "www" domain was resolving to ghs.google.com and my naked domain was resolving to dreamhost where the domain was registered. After filling out the extra "A" records from the google directions, the naked domain eventually started returning different information and it worked. If you are testing this out in a browser, it's worth mentioning that at the time of this writing webkit browsers seem to be pickier than mozilla. My DNS settings:
A 216.239.32.21
A 216.239.34.21
A 216.239.36.21
A 216.239.38.21
TXT google-site-verification=W0rC...fnQ
* CNAME ghs.google.com.
Yours will probably look similar. Unless the directions have changed again. The CNAME value changed since when I first set things up, so if what I'm writing here differs from the directions on Google, trust the directions on Google. HTH.
Naked domain mapping works from the Google Developers Console.
https://code.google.com/p/googleappengine/issues/detail?id=777
We have added support for custom domains for App Engine from the
Google Developers Console, meaning you can now associate a custom
domain without first associating that domain with Google Apps.
To access the feature, visit https://console.developers.google.com/
and you will find the option to add a custom domain under App Engine >
Settings.
NOTE: Currently we do not support SSL on custom domains created
through this method (although we expect to rectify this in a future
release). In the meantime, we continue to support SSL (via VIP or SNI)
for custom domains that are created through Google Apps, and we
continue to provide free HTTPS for all *.appspot.com domains.
Alternatively, you could follow below steps which solves this problem, for sure,
Ping the website you are wanting to forward to, in order to get the
IP address if you don't know it.
"Run"; CMD; "ping yourwebsite.com"
Will display ping data and reply from IP address. Note this address.
Login to Godaddy.com to manage your account or other domain registry
site
Go to DNS Control Modify/Add "A Host"
Under "Host" enter: #
Under "Points To" Enter the IP Address you obtained earlier.
You are done! Site is forwarded without the www prefix when entered into
address bar.
More details and reference :
http://www.techproceed.com/2014/05/custom-domain-setup-on-blogger-with.html
I am in the process of porting some sites from my own server to Google (GHS). I've always used ZoneEdit to manage my DNS needs and in the past - wrongly or rightly - configured it so that:
domain.com and www.domain.com pointed to: <my known ip address>
With the www sub-domain all is fine and it (www.domain.com) resolves to ghs.google.com (via a CNAME entry) and the site is displayed.
However, if I try and reach the bare domain (domain.com) FF states it is unable to establish a connection. I assume this is because my DNS configuration has no A ip-address entry for it anymore.
I was considering forwarding any URL from domain.com to www.domain.com, although possible ZoneEdit is not recommending it I think because I telling it to only forward requests for http://domain.com and leave http://www.domain.com as it is (i.e CNAME configured).
Am I handling this the best way?
Please advise.
You could also add your vote to Issue 777: Officially Support Naked Domains for GAE Apps to ask Google to support naked domains. That way you would also be able to use http://domain.com as a valid address for your App Engine application.
According to the article on URL forwarding in the Google Apps Help, forwarding your naked domain to the www domain is the best way to handle it.
And then you leave the CNAME record for the www domain to point to ghs.google.com, as you already have done.
You can also look at the post 'Naked' domains on App Engine by Nick Johnson
Now there is a direct way within Google Apps to do this.
It is located in Gooogle Apps > Domain Settings > Domain Names
https://www.google.com/a/cpanel/yourwebsite.com/DomainSettingsDomains
Requisite : Your 'A' Records should point to the google server.
How it works?
User types yourwebsite.com
DNS sends it to the server whose IP is mentioned in the A Record
That server (Googles host server), takes the domain name and
redirects to www.yourwebsite.com (or the sub-domain / link you
specify)
User reaches www.yourwebsite.com
From there you know ...
The naked to www redirection in Google Apps is broken, or at least it is for some of my apps. If Google Apps uses eNom, the redirection works properly, but if it uses GoDaddy, it will not carry forward the path (e.g. domain.com/this/is/path will redirect to www.domain.com). The fix is to use 3rd party DNS.
I think that now Google Apps has a built-in feature for forwarding of naked domains. You just go to "Domain Settings" tab in Google Apps management panel. There you click "Domain Names" sub-tab. Enter the destination where to forward your naked domain. Then you make changes to DNS, adding A record for your domain to Google provided IP. That's it.