GCP Tutorial - Create VM

Get API key (not used so far)

  1. Create a project.
  2. APIs & Services -> Credentials -> Create credentials.
  3. Add an IP restriction to the API key.
  4. Restrict: Google Cloud APIs.

Install SDK

  1. Install Python on your local environment.
  2. Install Google Cloud SDK.
  3. Configure the SDK with gcloud init. <- need to check which credentials are used for SDK auth.

Install Python

Refer to the instructions (on pyenv). I installed v3.8.6 at this time.

Install Google Cloud SDK

I installed Google Cloud SDK on Windows Subsystem for Linux. Here are the official instructions using apt.

echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
sudo apt-get install apt-transport-https ca-certificates gnupg
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -
sudo apt-get update && sudo apt-get install google-cloud-sdk
sudo apt install google-cloud-sdk-app-engine-python google-cloud-sdk-app-engine-python-extras

Configure the SDK (initialize)

gcloud init
  • I want to use GCP for free, so I set the default region as Oregon ([13] us-west1-a).

Create VM using Google Cloud SDK

About free tier: as of 28/11/2020

https://cloud.google.com/free/docs/gcp-free-tier

One on-demand f1-micro VM instance per month in one of the following US regions:

Oregon: us-west1
Iowa: us-central1
South Carolina: us-east1

Create VM

Check available images.

gcloud compute images list
  • I’ll install Container-Optimized OS.
  • To use it for free, the machine type is f1-micro (the default is… sorry I forgot it).
gcloud compute instances create atlex00-privat \
    --image cos-85-13310-1209-10 \
    --image-project cos-cloud \
    --machine-type f1-micro
Created [https://www.googleapis.com/compute/v1/projects/atlex00-202011/zones/us-west1-a/instances/atlex00-privat].
NAME            ZONE        MACHINE_TYPE  PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP      STATUS
atlex00-privat  us-west1-a  f1-micro                   10.138.0.3   {{ global IP }}  RUNNING

Done!!

Basic security: SSH key and Firewall

SSH

  • The default username on the VM we created is derived from your Google Account. If your Google Account is foo@gmail.com, the default username on the VM is foo.
  • We can upload our SSH public key as follows.
    gcloud compute instances add-metadata atlex00-privat --metadata-from-file ssh-keys=.ssh/gcp.pub
    
  • You can check your SSH keys at https://console.cloud.google.com/compute/metadata/sshKeys?project={{ your_project_name }}.
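Compute Engine reads the ssh-keys metadata value as one USERNAME:KEY entry per line, and add-metadata replaces whatever value the instance already had for that key. The following is an added example, not part of the original post: it builds such an entry from a .pub line, rejects anything that is not a well-formed public key (for instance a private key file passed by mistake), and keeps the existing entries. The function names, the allowed key types and the sample key are assumptions made for illustration.

```python
import base64
import re
import struct

ALLOWED_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}

def blob_key_type(b64_blob):
    """Return the key type stored inside the base64 blob (its first length-prefixed string)."""
    raw = base64.b64decode(b64_blob, validate=True)
    if len(raw) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", raw[:4])
    if n > len(raw) - 4:
        raise ValueError("bad length prefix in key blob")
    return raw[4:4 + n].decode("ascii")

def metadata_entry(username, pubkey_line):
    """Turn one line of an OpenSSH .pub file into a USERNAME:KEY metadata entry."""
    if not re.fullmatch(r"[a-z_][a-z0-9_-]{0,31}", username):
        raise ValueError(f"unusable Linux username {username!r}")
    parts = pubkey_line.split()
    if len(parts) < 2 or parts[0] not in ALLOWED_TYPES:
        raise ValueError("not a public key line: expected '<type> <base64> [comment]'")
    key_type, blob = parts[0], parts[1]
    if blob_key_type(blob) != key_type:
        raise ValueError("declared key type does not match the key blob")
    return " ".join([f"{username}:{key_type}", blob] + parts[2:3])

def merge_entries(existing, new_entry):
    """Keep entries already in the ssh-keys value; append the new one once."""
    lines = [ln.strip() for ln in existing.splitlines() if ln.strip()]
    if new_entry not in lines:
        lines.append(new_entry)
    return "\n".join(lines) + "\n"

def sample_pubkey(comment="foo@laptop"):
    """Constructed ed25519-shaped public key line (not a real key), for the demo only."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes(range(32))
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

if __name__ == "__main__":
    entry = metadata_entry("foo", sample_pubkey())
    # Write this to a file and pass it to --metadata-from-file ssh-keys=<file>.
    print(merge_entries("", entry), end="")
```
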

Firewall

Delete the default firewall rules and allow only SSH from your own IP.

$ gcloud compute firewall-rules list
NAME                    NETWORK  DIRECTION  PRIORITY  ALLOW                         DENY  DISABLED
default-allow-icmp      default  INGRESS    65534     icmp                                False
default-allow-internal  default  INGRESS    65534     tcp:0-65535,udp:0-65535,icmp        False
default-allow-rdp       default  INGRESS    65534     tcp:3389                            False
default-allow-ssh       default  INGRESS    65534     tcp:22

$ gcloud compute firewall-rules delete default-allow-icmp default-allow-internal default-allow-rdp default-allow-ssh
$ gcloud compute firewall-rules create ssh-from-home --allow=tcp:22 --source-ranges={{ your_home_IP }}/32
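To confirm the result of the commands above, the rule set can be checked for ingress rules that still accept traffic from more than a single address. This is an added example, not part of the original post: it assumes the rules were exported with gcloud compute firewall-rules list --format=json, and the embedded sample is constructed to mirror the rules shown on this page (203.0.113.10 is a documentation address standing in for the home IP).

```python
import ipaddress

# Constructed sample shaped like `gcloud compute firewall-rules list --format=json`
# output for the rules on this page; 203.0.113.10 stands in for {{ your_home_IP }}.
SAMPLE_RULES = [
    {"name": "default-allow-icmp", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "icmp"}]},
    {"name": "default-allow-internal", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["10.128.0.0/9"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["0-65535"]},
                 {"IPProtocol": "udp", "ports": ["0-65535"]},
                 {"IPProtocol": "icmp"}]},
    {"name": "default-allow-rdp", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}]},
    {"name": "default-allow-ssh", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "ssh-from-home", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["203.0.113.10/32"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
]

def wide_ingress(rules, max_addresses=1):
    """List (rule, proto:ports, source) for enabled ingress allow rules whose
    source range covers more than max_addresses addresses."""
    findings = []
    for rule in rules:
        if rule.get("direction") != "INGRESS" or rule.get("disabled"):
            continue
        for src in rule.get("sourceRanges", []):
            if ipaddress.ip_network(src, strict=False).num_addresses <= max_addresses:
                continue
            for allow in rule.get("allowed", []):
                ports = ",".join(allow.get("ports", ["all"]))
                findings.append((rule["name"], f"{allow['IPProtocol']}:{ports}", src))
    return findings

def internet_facing(rules):
    """Subset of wide_ingress() findings reachable from any IPv4 address."""
    return [f for f in wide_ingress(rules) if f[2] == "0.0.0.0/0"]

if __name__ == "__main__":
    for name, what, src in wide_ingress(SAMPLE_RULES):
        print(f"{name:24} {what:12} from {src}")
```

With the four default rules deleted, only ssh-from-home remains and the check returns no findings.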

28/11/2020: Error using Python 3.9.0

Both gsutil config -n and gcloud compute images list failed.

Memo: the cause was ModuleNotFoundError: No module named '_ctypes'
sudo apt install -y libffi-dev

Appendix A. Full log of gcloud init

I’ve already created the project atlex00-202011.

$ gcloud init
Welcome! This command will take you through the configuration of gcloud.

Your current configuration has been set to: [default]

You can skip diagnostics next time by using the following flag:
  gcloud init --skip-diagnostics

Network diagnostic detects and fixes local network connection issues.
Checking network connection...done.
Reachability Check passed.
Network diagnostic passed (1/1 checks passed).

You must log in to continue. Would you like to log in (Y/n)?  Y

Go to the following link in your browser:

    https://accounts.google.com/o/oauth2/auth{{ long_long_parameter }}

Enter verification code: {{ verification_code }}
You are logged in as: [{{ your_Google_account }}].

Pick cloud project to use:
 [1] atlex00-202011
 [2] Create a new project
Please enter numeric choice or text value (must exactly match list
item):  1

Your current project has been set to: [atlex00-202011].

Do you want to configure a default Compute Region and Zone? (Y/n)?  Y

Which Google Compute Engine zone would you like to use as project
default?
If you do not specify a zone via a command line flag while working
with Compute Engine resources, the default is assumed.
 [1] us-east1-b
 [2] us-east1-c
 [3] us-east1-d
 [4] us-east4-c
 [5] us-east4-b
 [6] us-east4-a
 [7] us-central1-c
 [8] us-central1-a
 [9] us-central1-f
 [10] us-central1-b
 [11] us-west1-b
 [12] us-west1-c
 [13] us-west1-a
 [14] europe-west4-a
 [15] europe-west4-b
 [16] europe-west4-c
 [17] europe-west1-b
 [18] europe-west1-d
 [19] europe-west1-c
 [20] europe-west3-c
 [21] europe-west3-a
 [22] europe-west3-b
 [23] europe-west2-c
 [24] europe-west2-b
 [25] europe-west2-a
 [26] asia-east1-b
 [27] asia-east1-a
 [28] asia-east1-c
 [29] asia-southeast1-b
 [30] asia-southeast1-a
 [31] asia-southeast1-c
 [32] asia-northeast1-b
 [33] asia-northeast1-c
 [34] asia-northeast1-a
 [35] asia-south1-c
 [36] asia-south1-b
 [37] asia-south1-a
 [38] australia-southeast1-b
 [39] australia-southeast1-c
 [40] australia-southeast1-a
 [41] southamerica-east1-b
 [42] southamerica-east1-c
 [43] southamerica-east1-a
 [44] asia-east2-a
 [45] asia-east2-b
 [46] asia-east2-c
 [47] asia-northeast2-a
 [48] asia-northeast2-b
 [49] asia-northeast2-c
 [50] asia-northeast3-a
Did not print [24] options.
Too many options [74]. Enter "list" at prompt to print choices fully.
Please enter numeric choice or text value (must exactly match list
item):  13

Your project default Compute Engine zone has been set to [us-west1-a].
You can change it by running [gcloud config set compute/zone NAME].

Your project default Compute Engine region has been set to [us-west1].
You can change it by running [gcloud config set compute/region NAME].

Created a default .boto configuration file at [/home/atlex00/.boto]. See this file and
[https://cloud.google.com/storage/docs/gsutil/commands/config] for more
information about configuring Google Cloud Storage.
Your Google Cloud SDK is configured and ready to use!

* Commands that require authentication will use {{ your_Google_account }} by default
* Commands will reference project `atlex00-202011` by default
* Compute Engine commands will use region `us-west1` by default
* Compute Engine commands will use zone `us-west1-a` by default

Run `gcloud help config` to learn how to change individual settings

This gcloud configuration is called [default]. You can create additional configurations if you work with multiple accounts and/or projects.
Run `gcloud topic configurations` to learn more.

Some things to try next:

* Run `gcloud --help` to see the Cloud Platform services you can interact with. And run `gcloud help COMMAND` to get help on any gcloud command.
* Run `gcloud topic --help` to learn about advanced features of the SDK like arg files and output formatting

Appendix B. Delete an instance

$ gcloud compute instances list
NAME            ZONE        MACHINE_TYPE  PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP      STATUS
atlex00-privat  us-west1-a  f1-micro                   10.138.0.2   {{ global IP }}  RUNNING

$ gcloud compute instances delete atlex00-privat --zone=us-west1-a
The following instances will be deleted. Any attached disks configured
 to be auto-deleted will be deleted unless they are attached to any
other instances or the `--keep-disks` flag is given and specifies them
 for keeping. Deleting a disk is irreversible and any data on the disk
 will be lost.
 - [atlex00-privat] in [us-west1-a]

Do you want to continue (Y/n)?  Y

Deleted [https://www.googleapis.com/compute/v1/projects/atlex00-202011/zones/us-west1-a/instances/atlex00-privat].

$ gcloud compute instances list
Listed 0 items.