I am following the codelab on PSC with automatic DNS configuration:
https://codelabs.developers.google.com/psc-automatic-dns#4
I am getting stuck at the step “Create a service attachment.”
I have an example test public domain that i am entering in place of “cosmopup.net.”
I am running the following command:
gcloud compute service-attachments create published-service --region=us-central1 --producer-forwarding-rule=l7-ilb-forwarding-rule --connection-preference=ACCEPT_AUTOMATIC --nat-subnets=psc-nat-subnet --domain-names=.
I am getting the following error though:
ERROR: (gcloud.compute.service-attachments.create) Could not fetch resource:
What am i missing here please?
1 Like
Can i please seek some guidance in relation to this query please.
Thank you!
1 Like
Hi @mountaincode2 ,
Upon investigation the error illustrates a possible lack of control over the domain. Your account has to be verified as the primary domain on Google admin. As a super admin you should be able to view the ownership verification, here are the steps:
- Go to Network Services
- Then Private Service Connect
- Scroll down to Advanced configuration
- Type in your domain name: Make sure to add the ‘.’ at the end of the domain name
- Click Verify Domain
Go to settings to check if your account is the verified owner:
On the other hand, below image shows your domain is not verified:
References:
Publish services by using Private Service Connect
DNS configuration for published services
Codelabs reminder: If you specify a domain name, the name is used to automatically configure private DNS entries for your services in the service consumer’s VPC network. You must be a verified owner of the domain name that you are specifying. Publishing the service fails if you do not own the domain. You can click Verify Domain to view and configure domain ownership. Update the configuration with an authorized Public domain you own.
I hope the above information is helpful.
2 Likes
@diannemcm thank you, i was able to verify the domain following the steps you outlined. (I created the service attachment in the producer using the console and then verified the domain.)
However, when i curl into my domain:
curl -v .<xxx.cloud>
i get the HTTP 503 Service Unavailable error:
- Trying 10.10.0.10:80…
- Connected to thestranger-endpoint.thestranger.cloud (10.10.0.10) port 80 (#0)
GET / HTTP/1.1
Host: xxx-endpoint.xxx.cloud
User-Agent: curl/7.88.1
Accept: /
HTTP/1.1 503 Service Unavailable
< content-length: 13
< content-type: text/plain
< date: Wed, 07 Aug 2024 10:01:04 GMT
< via: 1.1 google
<
- Connection #0 to host .<xxx.cloud> left intact
drop overload
…as opposed to the expected output in the codelab:
https://codelabs.developers.google.com/psc-automatic-dns#9
What am i missing here please?
1 Like
Update: My VM instance serving the application on the producer side had stopped.
Everything checks out now.
Thank you!
2 Likes
