Ada*_*tan 2 amazon-s3 amazon-cloudfront nslookup amazon-route53
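I am trying to build a personal CDN to share static files with my contacts. The design includes an S3 bucket, a CloudFront distribution, and a subdomain registered via Route53, all provisioned with Terraform.
I can access my files through S3 and CloudFront, but not through my subdomain (cdn.adamatan.com).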
curl http://cdn.adamatan.com.s3.amazonaws.com/index.html
curl https://d36tl9ayobqfgg.cloudfront.net/index.html
I cannot get the file using the subdomain. Moreover, nslookup for cdn.adamatan.com and adamatan.com does not work. I think I have somehow misconfigured Route53.
variable "hosted_zone" {
  default = "adamatan.com"
}

variable "domain" {
  default = "cdn.adamatan.com"
}

variable "aws_region" {
  default = "us-east-1"
}

provider "aws" {
  region  = "${var.aws_region}"
  profile = "personal"
  version = "~> 1.1"
}

/*
The S3 bucket storing the files. It must bear the same name as the domain
pointing to it. See https://gist.github.com/danihodovic/a51eb0d9d4b29649c2d094f4251827dd,
and http://stackoverflow.com/a/5048129/2966951
*/
resource "aws_s3_bucket" "adamatan_cdn_bucket" {
  bucket = "${var.domain}"
  acl    = "public-read"

  policy = <<EOF
{
  "Version":"2008-10-17",
  "Statement":[{
    "Sid":"AllowPublicRead",
    "Effect":"Allow",
    "Principal": {"AWS": "*"},
    "Action":["s3:GetObject"],
    "Resource":["arn:aws:s3:::${var.domain}/*"]
  }]
}
EOF

  tags {
    Description = "Origin bucket for my personal CDN"
  }
}

resource "aws_route53_zone" "cdn_zone" {
  name = "${var.hosted_zone}"
}

resource "aws_route53_record" "root_domain" {
  zone_id = "${aws_route53_zone.cdn_zone.zone_id}"
  name    = "${var.domain}"
  type    = "A"

  alias {
    name                   = "${aws_cloudfront_distribution.adamatan_cdn_distribution.domain_name}"
    zone_id                = "${aws_cloudfront_distribution.adamatan_cdn_distribution.hosted_zone_id}"
    evaluate_target_health = false
  }
}

resource "aws_cloudfront_distribution" "adamatan_cdn_distribution" {
  origin {
    domain_name = "${var.domain}.s3.amazonaws.com"
    origin_id   = "${var.domain}"
  }

  enabled             = true
  is_ipv6_enabled     = true
  comment             = "Permanent public file distribution"
  default_root_object = "index.html"
  aliases             = ["${var.domain}"]

  default_cache_behavior {
    allowed_methods  = ["GET", "HEAD", "OPTIONS"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "${var.domain}"

    forwarded_values {
      query_string = false

      cookies {
        forward = "none"
      }
    }

    viewer_protocol_policy = "allow-all"
    min_ttl                = 60
    default_ttl            = 300
    max_ttl                = 86400
  }

  price_class = "PriceClass_All"

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  viewer_certificate {
    cloudfront_default_certificate = true
  }
}

output "domain" {
  value = "${var.domain}"
}

output "cdn_domain" {
  value = "${aws_cloudfront_distribution.adamatan_cdn_distribution.domain_name}"
}
How can I map my subdomain (cdn.adamatan.com) to my CloudFront distribution (d36tl9ayobqfgg.cloudfront.net) using Terraform, preferably with SSL support?
You have a different set of name servers in the Amazon Hosted Zone than at your registrar.
Domain Name: ADAMATAN.COM
Registrar: Gandi SAS
Name Server: NS-1193.AWSDNS-21.ORG
Name Server: NS-1889.AWSDNS-44.CO.UK
Name Server: NS-4.AWSDNS-00.COM
Name Server: NS-1193.AWSDNS-21.ORG
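None of the name servers above answers for the adamatan.com SOA or for cdn.adamatan.com. These name servers do not have your domain configured on them, while the set of servers on your zone does: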
;; ANSWER SECTION:
cdn.adamatan.com. 60 IN A 13.33.23.245
cdn.adamatan.com. 60 IN A 13.33.23.59
cdn.adamatan.com. 60 IN A 13.33.23.22
cdn.adamatan.com. 60 IN A 13.33.23.89
cdn.adamatan.com. 60 IN A 13.33.23.45
cdn.adamatan.com. 60 IN A 13.33.23.248
cdn.adamatan.com. 60 IN A 13.33.23.169
cdn.adamatan.com. 60 IN A 13.33.23.94
;; AUTHORITY SECTION:
adamatan.com. 172800 IN NS ns-1511.awsdns-60.org.
adamatan.com. 172800 IN NS ns-1730.awsdns-24.co.uk.
adamatan.com. 172800 IN NS ns-378.awsdns-47.com.
adamatan.com. 172800 IN NS ns-936.awsdns-53.net.
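Go to the domain management page of your Gandi account and change your name servers accordingly. The NS records in the parent (.com) zone should match the ones in your own zone (adamatan.com).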
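Keep in mind that the TTL on both zones is 172800 seconds, i.e. 48 hours. These changes may take up to two days to take effect. Running dig adamatan.com NS @a.gtld-servers.net. shows whether they have been updated on the root name servers for .com, which is when the countdown actually starts.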
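The comparison made by hand in the answer above, as an added example that is not part of the original answer: it parses the whois and dig output quoted on this page (copied into the script as sample input) and reports which name servers appear only at the registrar or only in the hosted zone. The function names are illustrative.

```python
import re

# Registrar-side delegation, copied from the whois output quoted above.
WHOIS_TEXT = """\
Domain Name: ADAMATAN.COM
Registrar: Gandi SAS
Name Server: NS-1193.AWSDNS-21.ORG
Name Server: NS-1889.AWSDNS-44.CO.UK
Name Server: NS-4.AWSDNS-00.COM
Name Server: NS-1193.AWSDNS-21.ORG
"""

# NS set served by the hosted zone, copied from the dig output quoted above.
DIG_TEXT = """\
;; AUTHORITY SECTION:
adamatan.com. 172800 IN NS ns-1511.awsdns-60.org.
adamatan.com. 172800 IN NS ns-1730.awsdns-24.co.uk.
adamatan.com. 172800 IN NS ns-378.awsdns-47.com.
adamatan.com. 172800 IN NS ns-936.awsdns-53.net.
"""

def normalize(host):
    """Lower-case a host name and drop the trailing root dot."""
    return host.strip().rstrip(".").lower()

def whois_nameservers(text):
    """Collect the unique 'Name Server:' values from whois output."""
    names = re.findall(r"^\s*Name Server:\s*(\S+)", text, re.I | re.M)
    return {normalize(n) for n in names}

def dig_nameservers(text, zone):
    """Collect NS targets for `zone` from dig output (owner TTL class type rdata)."""
    zone = normalize(zone)
    found = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[3].upper() == "NS" and normalize(f[0]) == zone:
            found.add(normalize(f[4]))
    return found

def compare_delegation(parent, child):
    """Report whether the registrar's NS set equals the hosted zone's NS set."""
    return {"match": parent == child,
            "only_at_registrar": sorted(parent - child),
            "only_in_hosted_zone": sorted(child - parent)}

if __name__ == "__main__":
    report = compare_delegation(whois_nameservers(WHOIS_TEXT),
                                dig_nameservers(DIG_TEXT, "adamatan.com"))
    for key, value in report.items():
        print(key, value)
```

Once the name servers have been changed at the registrar, feeding the same functions fresh whois output and the output of the dig command from the answer should give match as True.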