Setting up custom domains (with subdomains) on Google App Engine with SSL with different versions of app

Question

Problem I want to solve

I want to be able to send different users to different versions of my Google App Engine application, on a custom domain, with SSL enabled. This needs to be done in a controlled way, i.e., even landing page should be different, and it has to work on multiple units for the user.

Solution I can't get to work

I am trying to setup a custom domain with sub-domains, and want to be able to access different versions of the application. For example, I have myapp.mydomain.com, and I want to run one version (alpha) on alpha.myapp.mydomain.com, and one version (beta) on beta.myapp.mydomain.com (where alpha is default).

I use the Google Developers Console to set up custom domains, using myapp.mydomain.com, and *.myapp.mydomain.com as custom domains.

This works perfectly as long as I don't try to add on SSL as well, i.e., beta.myapp.mydomain.com serves the version named beta. When I set up SSL I start by adding my application to Google Apps, (per https://developers.google.com/appengine/docs/ssl) and then set up my domain to point to my app. First I add myapp.mydomain.com, then alpha.myapp.mydomain.com, and last beta.myapp.mydomain.com.

When that is done beta.myapp.mydomain.com start to serve the default version instead. Except that it sometimes also serves the beta version (this happens one in every 20 tries or so, I assume it's a glitch for now).

My questions: a) Should I set up my domains in both Google Apps and Google Developer Console? Or should I remove the setup from Google Developer Console? I tried both, seems to give the same results. b) It seems like it is possible to get it done by using modules as indicated in Google App Engine custom domains, subdomains and SSL and in Appengine modules dispatch.xml routing with custom domain. Is this the only way, or am I doing something wrong in my setup?

Suggestions I have received so far

One suggestion is to use traffic splitting and set a unique cookie depending on what version I want the user to end up with. I did not know about this, and it will solve some other issues I have been looking at. It does not solve my current problem though, as I need to have this set before log in. The answer is useful though.

Answer 1

I'll answer with what I did to make this work for me.

Instead of sending users to different versions of the app, I created a new module called alpha, and directed users using alpha.myapp.mydomain.com to that module using dispatch.xml.

<dispatch>
    <url>*alpha.myapp.mydomain.com/*</url>
    <module>alpha</module>
</dispatch>

I set up custom domains in the App Engine Console (https://console.developers.google.com) under Compute->App Engine->Custom Domains, for *.myapp.mydomain.com and alpha.myapp.mydomain.com. I also added the URL alpha.myapp.mydomain.com to the accepted URLs for my App Engine app on Google Apps (https://admin.google.com). This allowed me to run over SSL as well.

I intend to run the app under another domain (domain alias to my primary domain), so I tried that as well. To make this work I ONLY added the domain alias in Google Apps as www.mydomainalias.com and alpha.mydomainalias.com, because if I added it to Google App Engine custom domains I got an error message ("We are unable to process your request at this time. Please try again later. (Error #1000)"). I have no idea why it that did not work out.

Answer 2

The easier approach is to do traffic splitting on a cookie level compared to setting up extra subdomains AND extra SSL certificates. The domain name to access your alpha version does not have to change using this approach.

from the docs :

The response from your app does not already contain a Set-Cookie: GOOGAPPUID=... header. This allows your app to control which version a user gets.