Add Custom Domains

Coherence supports two types of domain configurations depending on the Google Cloud Platform (GCP) or Amazon Web Services (AWS) reference architecture chosen:

Per-service domains
Per-environment domains (with service routing via a load balancer)

In both cases, Coherence provides a valid domain with an SSL certificate.

Per-service domains

Per-service domains are supported by the following CNC architectures:

Lambda-lite (AWS)
Run-lite (GCP)

The domain for each service is displayed on the environment homepage: A cropped screenshot of an environment homepage shows the "Domains" header and the domain URL above the page tabs.

For these architectures, each service gets its own domain. Although Coherence does not directly support the creation of custom domains for per-service configurations in the Coherence UI, you can set up custom domains through your cloud provider:

For GCP (Run-lite): Define custom domains using a global external Application Load Balancer, Cloud Run domain mapping in the GCP console, or Firebase Hosting.
For AWS (Lambda-lite): Define custom domains using Amazon CloudFront with AWS Lambda as origin.

Per-environment domains

Per-environment domains are supported by the following CNC architectures:

Elastic Container Service (AWS)
Cloud Run (GCP)
Google Kubernetes Engine (GCP)

For these architectures, each environment gets its own domain, and service routing takes place via a load balancer based on the URL path. Coherence supports the creation of custom domains for per-environment configurations by generating DNS records to be set in your DNS provider:

For GCP: Coherence provides a CNAME record.
For AWS: Coherence creates a new Route 53 hosted zone and provides four NS records.

You can set up custom domains using the Custom domains tab on your environment homepage in the Coherence UI.

A cropped screenshot shows the "Add a custom domain" header in the "Custom domains" tab on an environment homepage.

Common issues

DNS propagation

Changes to DNS records can take time to propagate globally. This may cause delays in domain availability after configuration.

Certificate Authority Authorization (CAA) records

CAA records can prevent the cloud issuer from validating and issuing your certificate. Ensure your CAA records allow the necessary certificate authorities.

Wildcard subdomains

AWS: Wildcard subdomains will have a valid certificate.
GCP: Wildcard subdomains will not have a valid certificate by default.

You can obtain a wildcard certificate by adding the name of a self-managed certificate to your cnc.yml. Contact Coherence Support if you need assistance with this.

Please reach out to Coherence Support if you encounter any issues or require further clarification on domain configuration.