Skip to content

GCP

Jump to bottom
Andres Olarte edited this page Jun 1, 2022 · 28 revisions

gcloud

Manage configurations

gcloud config configurations activate ACCOUNT
gcloud config configurations list
gcloud config list

Get config info

gcloud config list

Get project number

PROJECT_ID=$(gcloud config get-value project)
PROJECT_NUMBER=$(gcloud projects list --filter="$PROJECT_ID" --format="value(PROJECT_NUMBER)")

Set project

gcloud config set core/project project_name

Setup default application credentials

gcloud auth application-default login

Use service account

gcloud auth activate-service-account --project=someproject --key-file=sa.json

Cloud Build

To shell into a Cloud Build container locally:

docker run -it --entrypoint /bin/sh --rm -v ~/my_data:/data gcr.io/cloud-builders/git

GCE

Scopes

gcloud beta compute instances set-scopes INSTANCE --zone=us-central1-f  --scopes=https://www.googleapis.com/auth/gerritcodereview,storage-ro,default

gcloud  compute instances describe INSTANCE --zone=us-central1-f

SSH port forwarding

gcloud compute --project "project-name" ssh --zone "us-central1-c" --ssh-flag="-L" --ssh-flag="5005:localhost:5005" "instance-name"

Get Startup scripts

gcloud compute instances describe --zone us-central1-f  instance-name

Run Startup scripts

sudo google_metadata_script_runner --script-type startup

Results:

  • CentOS and RHEL: /var/log/messages
  • Debian: /var/log/daemon.log
  • Ubuntu 14.04, 16.04, and 16.10: /var/log/syslog
  • SLES 11 and 12: /var/log/messages
  • On systemd results can also be seen with: journalctl -f

Metadata

Instance

Query metadata:

curl "http://metadata.google.internal/computeMetadata/v1/instance/attributes/key-name"  -H "Metadata-Flavor: Google"

Assign the result to a variable:

METADATA_VALUE=`curl -s "http://metadata.google.internal/computeMetadata/v1/instance/attributes/key-name"  -H "Metadata-Flavor: Google"`

Get internal IP of instance:

INTERNAL_IP=$(curl -s -H "Metadata-Flavor: Google" \
  http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip)

Project

gcloud compute project-info add-metadata --metadata key=value

gcloud compute project-info describe --format='value(commonInstanceMetadata.items.key)'

Backend Services

To list backend services, use --uri which will show if it's global or regional. Without it the output is confusing since it shows the zone of the backends.

gcloud compute backend-services list --uri

SSH using IAP

Run gcloud compute config-ssh to setup these files under ~/.ssh:

  • config
  • google_compute_engine
  • google_compute_engine.ppk
  • google_compute_engine.pub

Add to ~/.ssh/config:

Host SSH_HOSTNAME
    IdentityFile ~/.ssh/google_compute_engine
    User USERNAME
    HostName GCP_HOSTNAME
    ProxyCommand gcloud compute start-iap-tunnel %h 22 --listen-on-stdin --zone GCP_ZONE

Then simply ssh into it:

ssh SSH_HOSTNAME

GCS

Delete a bucket

If empty (safer): gsutil rb gs://bucket

If NOT empty: gsutil rm -r gs://bucket

REST

Run a request using curl:

curl -XPOST -T request.json \
  -H"Authorization: Bearer $(gcloud config config-helper --format='value(credential.access_token)')" \
  https://cloudbuild.googleapis.com/v1/projects/$YOUR_PROJECT_ID/triggers
Clone this wiki locally