NGINX charges $2500/year per-instance for the privilege of having it respect DNS TTL for upstream blocks. Open source nginx resolves the names in an upstream block when the configuration is loaded and caches it forever. Can work around it if you don't need upstream blocks...
Conversation
Even without an upstream block for remoteprovisioning.googleapis.com, this will cache the name forever:
proxy_pass remoteprovisioning.googleapis.com;
A variable essentially tricks it into respecting DNS TTL:
resolver [::1];
set $target remoteprovisioning.googleapis.com;
proxy_pass $target;
It's great.
1
6
Using a variable bypasses upstream block configuration so there's no way to configure failing handling, keepalives, load balancing, etc.
The least terrible approach might be making a script to monitor for DNS name changes and reload the configuration but reloading isn't free.