By Victor Mak, Solutions Architect
In this article, we'll show you how to use Alibaba Cloud DNS's Private Zone to quickly build a DNS in one or more specified VPCs and resolve private domain names to IP addresses. We'll also use Global Traffic Manager (GTM) to route users' access traffic of an application service to different regional IP addresses.
After successfully building your website or mobile app, you may want to use DNS instead of IP Address for private access across VPCs. For public access, you may want to route the users' access traffic to the nearest servers based on their geolocation IP addresses.
In this tutorial, we will be combining several Alibaba Cloud products, including Elastic Compute Service (ECS), Alibaba Cloud DNS and Global Traffic Manager (GTM).
The following will be a step-by-step explanation about how to configure the whole setup in under 30 minutes.
We have set up and internet accessible website, hosted on an Alibaba Cloud ECS server (Hong Kong Region): http://47.52.230.124
We'll add an ECS Nginx proxy in Alibaba Cloud (Shenzhen Region) to proxy Mainland China visitors and route back the traffics to original ECS server by use private domain name.
The following figure illustrates the solution architecture:
Setting Up Alibaba Cloud DNS Private Zone
Navigate to Private Zone under Alibaba Cloud DNS console, Click Add Zone in right side and give a zone name. In this tutorial, we will use aliyun.local as the zone name.
We need to add at least one DNS entry before we can bind to VPC. Click the zone name then you can add DNS entry by click Add Record in the right side. In this tutorial, we will add an "A Record" and point to website public IP address.
We are now able to bind VPC correctly. In this tutorial, bind Shenzhen VPC to this private zone. The Bind VPC status will be changed to Bind afterward.
Setting ECS reversed proxy in Shenzhen Region
We'll add one ECS in Shenzhen Region to proxy Mainland China visitor traffic. Linux ECS server with Nginx are recommended.
Login to the proxy server. We are able to communicate with ECS (HK region) using DNS now.
Modify proxy server Nginx configuration. Use Nginx upstream module to proxy all the Mainland China traffic to original server. For more details, see Nginx reverse proxy configuration.
upstream backend {
server original-website.aliyun.local;
}
location / {
proxy_pass http://backend;
}
After restarting the Nginx service, we should see original website through ECS (Shenzhen Region) public IP address http://120.79.239.228
Setting Up Alibaba Cloud DNS Private Zone
Navigate to Global Traffic Manager under Alibaba Cloud DNS console, Click Authorize Now to enable GTM feature.
Click Confirm Authorization Policy
We are now ready to Create Instance in Global Traffic Manager console. GTM instance is currently in public beta and is still available free of charge.
The system will give us a CNAME address after we purchase a GTM instance. The CNAME address will be used to configure DNS CNAME record later. Click Configure in right side
In Global Settings, we need to first configure Instance Name, Primary Domain and Alert Group. Click Edit in right side. We use website.alibabacloudhk.com as Primary Domain.
Next, we need to define two Address pools in Address Pool Configurations.
Go to Access policy, select Add Access Policy in right side and configure DNS routing based on access region.
Add DNS record in Alibaba Cloud DNS Service
Add a CNAME record and bind website.alibabacloudhk.com to GTM instance CNAME address.
Verifying the Results from Oversea and Mainland China
We can find any machines located in Oversea and China. Ping the hostname and DNS will return different IP addresses.
Building a Serverless PDF Text Recognition Using Function Compute with Node.js in 10 Minutes
Boost Your E-Commerce Business in China Using Global Acceleration
2,599 posts | 764 followers
FollowAlibaba Cloud Indonesia - June 9, 2024
Alibaba Cloud Community - March 2, 2022
Alibaba Clouder - September 16, 2020
Alibaba Container Service - April 17, 2024
Thomas KW Poon - February 23, 2021
JJ Lim - April 19, 2022
2,599 posts | 764 followers
FollowAlibaba Cloud DNS is an authoritative high-availability and secure domain name resolution and management service.
Learn MoreA virtual private cloud service that provides an isolated cloud network to operate resources in a secure environment.
Learn MoreA global network for rapidly building a distributed business system and hybrid cloud to help users create a network with enterprise level-scalability and the communication capabilities of a cloud network
Learn MoreMore Posts by Alibaba Clouder