yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
e0076dd9e4a6630c7550320c6a3c30b50eafac3d
doc-exports/docs/fg/umn/functiongraph_03_0839.html
chenjunjie da8877ec76 FG UMN 20241021 version 
Reviewed-by: Mützel, Andrea <andrea.muetzel@t-systems.com>
Co-authored-by: chenjunjie <chenjunjie@huawei.com>
Co-committed-by: chenjunjie <chenjunjie@huawei.com>
2025-05-20 13:39:19 +00:00

9.0 KiB
Raw Blame History

How Does FunctionGraph Implement Domain Name Resolution?

FunctionGraph cannot directly resolve private DNS domain names. To resolve them, call DNS APIs and perform the following steps.

Resolving a Private DNS Domain Name with an Event Function

Ensure that a VPC and private DNS domain name have been created before performing the following steps:

  1. Associate a VPC with the private domain name and add record sets.

    Log in to the DNS console and associate a VPC with the private domain name.

    Figure 1 Associating a VPC with the private domain name

    Click the domain name, and add a type A record set.

    Figure 2 Adding a record set
  2. Create a function.

    Create a function whose runtime is Python 2.7. The following is sample code.

    # -*- coding:utf-8 -*-
import json
import os
def handler(event, context):
     os.system("curl -iv www.test.com")
  3. Configure an agency with DNS and VPC permissions for the function.

    Log in to the IAM console, and configure an agency with the DNS ReadOnlyAccess and VPC Administrator permissions for FunctionGraph.

    Figure 3 Creating an agency with DNS and VPC permissions

    You need to configure the permission to read DNS resource data because the function needs to obtain such data when resolving a domain name. Otherwise, the following error message is displayed, indicating that the DNS resource data failed to be obtained.

    2020/08/20 10:37:12 GMT+08:00  Start invoke request 'a2f105b4-2e72-4fda-94a5-86d3837e961d', version: latest
[GET /v2/zones/{zone_id}/recordsets] failed, response: {"code":"DNS.1802","message":"Policy doesn't allow dns:recordset:list to be performed."}
2020/08/20 10:37:13 GMT+08:00  Finish invoke request 'a2f105b4-2e72-4fda-94a5-86d3837e961d', duration: 1030.072ms, billing duration: 1100ms, memory used: 77.039MB.
  4. Configure the function.

    On the details page of the function created in step 2, click the Configuration tab and configure the following settings:

    1. For Permissions, select the agency created in step 3.
    2. Enable VPC access and select the created VPC, subnet, and domain name.
    Figure 4 Configuring the function
  5. Check the execution result.

    All configured IPv4 domain names can be resolved.

    Figure 5 Executing the function

Changes to the IP addresses corresponding to the VPC domain names you configure will take effect in 10 minutes.

Resolving a Private DNS Domain Name with a Container Imagebased Function

  1. Obtain a private domain name and zone ID.

    This procedure uses a domain name with a record set as an example.

    1. Log in to the DNS console.
    2. Obtain a zone ID.

      Click , and select Domain Name in the search box to obtain a zone ID.

    3. Obtain the private domain name corresponding to a recording set.

      Click the domain name to go to the record set list, and select a record set.

  1. Compile the resolution logic.

    Use to debug the API used to query record sets in a zone.

    • Set zone_id to the zone ID obtained in the preceding step, and click Debug. The IP address of the private domain name is displayed in the response body.
    • Switch to the Sample Code tab to obtain the complete code. For details about the dependencies, click View SDK Details.
Parent topic: General FAQs
<script language="JavaScript"> </script>