We are using AWS CloudFront and are planning to migrate to Google Cloud CDN, as we have opted for Google Cloud as our cloud provider. At the moment our DNS is registered with a 3rd-party provider. However, while configuring the LB back-end service in Google Cloud, I identified that to enable the backend service with an external origin we should do it via Google Cloud Public DNS. Is there any way I can continue with the current DNS provider and migrate to Google Cloud CDN?
1 Answer
Please have a look at the documentation again:
An internet endpoint with an FQDN defined must be resolvable by Google Public DNS. Names that cannot be resolved by the public DNS system will not be usable as an internet endpoint.
As a result, yes, you can continue with your current DNS provider and migrate to Google Cloud CDN if your domain name is public and can be resolved by the public DNS system. To check it, please go here or run these commands:
host -a your.fqdn.domain.name 8.8.8.8
host -a your.fqdn.domain.name 8.8.4.4
In addition, please have a look at the documentation section Authenticating requests:
Query the _cloud-eoips.googleusercontent.com DNS TXT record using a tool like dig or nslookup. Note the CIDRs (following ip4:) and ensure these ranges are allowed by your firewall or cloud Access Control List (ACL).
$ dig TXT _cloud-eoips.googleusercontent.com
...
;; ANSWER SECTION:
_cloud-eoips.googleusercontent.com. 3600 IN TXT "v=spf1 ip4:34.96.0.0/20 ip4:34.127.192.0/18 ~all"
and at the section IP address resolution for FQDN endpoints:
The external HTTP(S) load balancer attempts to connect to the first IP address in the DNS response. If that IP address isn't reachable, the load balancer returns an HTTP 502 (Bad Gateway) response. This is true even if other IP addresses from the DNS response are available.
The external HTTP(S) load balancer uses a DNS resolver in a Google Cloud region that is closest to its client on the internet. If the DNS record for your INTERNET_FQDN_PORT endpoint returns different IP addresses based on the location of the client, make sure that each of those IP addresses can be reached by the load balancer.
So, allow access from 34.96.0.0/20 and 34.127.192.0/18, and be sure that the IP addresses in the DNS response are highly available. No special configuration of DNS is needed.
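The allowlist step from the answer above, as an added example that is not part of the original answer: a POSIX shell script that extracts the `ip4:` CIDRs from the `_cloud-eoips.googleusercontent.com` TXT record and flags origin requests whose source address is outside them (traffic that reached the origin without going through the load balancer). The function names, the log format (client IP as first field) and the log lines are assumptions constructed for illustration; the TXT value is the one quoted in the answer, so query the record live before relying on it.

```shell
# Added example (not from the original answer). POSIX sh; runs offline.
# TXT record exactly as quoted in the answer above.
TXT_SAMPLE='_cloud-eoips.googleusercontent.com. 3600 IN TXT "v=spf1 ip4:34.96.0.0/20 ip4:34.127.192.0/18 ~all"'

# Print every ip4: CIDR found in TXT data on stdin, one per line.
extract_cidrs() {
  grep -oE 'ip4:[0-9.]+/[0-9]+' | cut -d: -f2
}

# Dotted quad -> 32-bit integer.
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeed if IPv4 address $1 lies inside CIDR $2.
ip_in_cidr() {
  net=${2%/*}; bits=${2#*/}
  mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
  [ $(( $(ip_to_int "$1") & $mask )) -eq $(( $(ip_to_int "$net") & $mask )) ]
}

# Print "edge" if $1 is in any CIDR of the list $2, otherwise "direct".
classify_source() {
  for cidr in $2; do
    if ip_in_cidr "$1" "$cidr"; then echo edge; return 0; fi
  done
  echo direct
}

# Read "client_ip rest-of-line" records on stdin and print those whose
# source is NOT inside the CIDR list $1 (candidates for a firewall gap).
audit_log() {
  while read -r ip rest; do
    if [ "$(classify_source "$ip" "$1")" = direct ]; then echo "$ip $rest"; fi
  done
}

# Constructed origin access-log lines (hypothetical format: client IP first).
sample_log() {
  cat <<'EOF'
34.96.3.10 GET /index.html 200
34.96.16.1 GET /index.html 200
203.0.113.50 GET /index.html 200
EOF
}

# Live use: cidrs=$(dig +short TXT _cloud-eoips.googleusercontent.com | extract_cidrs)
cidrs=$(printf '%s\n' "$TXT_SAMPLE" | extract_cidrs)
sample_log | audit_log "$cidrs"
```

With the constructed log, the two lines printed are `34.96.16.1` (one address past the end of the /20) and `203.0.113.50`; on a correctly firewalled origin this audit should print nothing.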