gcp gcloud - ghdrako/doc_snipets GitHub Wiki

Config

gcloud component list
gcloud init

gcloud info --run-diagnostics  # sprawdza czy jest mozliwosc polaczenia z gcloud i czy certy sa poprawne np w przypadku przechodzenia przez proxy

gcloud config configurations list
gcloud config configurations create dev
gcloud config configurations activate dev
gcloud config configurations activate user2
gcloud config configurations activate default

copy config_default config_dev
set CLOUDSDK_ACTIVE_CONFIG_NAME=dev

gcloud config set core/account [email protected]


gcloud config set project development-123456 # set the project for the current configuration

gcloud config get-value project
gcloud config get project


gcloud compute project-info describe --project $(gcloud config get-value project) 
gcloud config list --format 'value(core.project)'  # retrive project id
gcloud config set compute/region us-east4    # set the region for the current configuration
gcloud config get-value compute/region
gcloud config set compute/zone us-east4-c    # set the zone for the current configuration
gcloud config get-value compute/zone

gcloud config list  # View the list of configurations in your environment
gcloud config list --all # all properties and their settings

Generate token

Gcloud auth tokens expire in 60 minutes

gcloud auth print-access-token
gcloud sql generate-login-token
#gcloud auth application-default print-access-token
  1. Options work with gcloud, but not all clients

All of the options below worked to setup the gcloud CLI with credentials.

    export CLOUDSDK_AUTH_ACCESS_TOKEN=<access token>
    gcloud config set auth/access_token_file $(pwd)/my-access-token.txt
    gcloud storage ls <bucket> --access_token_file=$(pwd)/my-access-token.txt
  1. Python clients don't respect options listed above

In this github issue, support for CLOUDSDK_AUTH_ACCESS_TOKEN by Google's Python libraries is requested.

import getpass
from google.cloud import storage
from google.oauth2.credentials import Credentials

# import an access token
# - option 1: read an access token from a file
with open("my-access-token.txt") as f:
    access_token = f.read().strip()
# - option 2: read an access token from user input
access_token = getpass.getpass("Enter access token: ")

# setup a storage client using credentials
credentials = Credentials(access_token)
storage_client = storage.Client(credentials=credentials)

# test the storage client by trying to list content in a google storage bucket
bucket_name = "something"  # don't include gs:// here
blobs = list(storage_client.list_blobs(bucket_name))
print(len(blobs))

Activate service accout from json

gcloud auth activate-service-account [email protected] --key-file=/path/key.json --project=PROJECT_ID

Switch between account/Change account

gcloud config set account `ACCOUNT`

Setting environment variables

# Setting environment variables
gcloud compute zones list  # list all the zones available to use
export PROJECT_ID=$(gcloud config get-value project)
export ZONE=$(gcloud config get-value compute/zone)
echo -e "PROJECT ID: $PROJECT_ID\nZONE: $ZONE"
gcloud compute instances create gcelab2 --machine-type n1-standard-2 --zone $ZONE
gcloud compute instances create --help

Manage components

gcloud components list  # List your components typu kubectl ,sql proxy gcloud
gcloud components install COMPONENT_ID
gcloud components remove COMPONENT_ID
gcloud components update
gcloud components install beta # install the component that allows you to access beta commands
gcloud components update beta  # update component to beta

Authorize

gcloud auth login                                      # creates the default configuration if it does not exist
gcloud auth login --no-launch-browser
gcloud auth list                             # list the Google accounts that have been authorized

Config file

The default configuration is stored in ~/.config/gcloud/configurations/config_default.
~/.config/gcloud/configurations # linux
C:\Users\username\AppData\Roaming\gcloud\configurations # Windows
C:\Users\username\AppData\Roaming\gcloud\active_config # active configuration is stored in this file

manage VMs

gcloud compute instances list --configuration=dev
gcloud compute instances list
gcloud compute instances list --filter="name=('gcelab2')" # List the gcelab2 virtual machine
gcloud compute firewall-rules list
gcloud compute firewall-rules list --filter="network='default'"
gcloud compute firewall-rules list --filter="NETWORK:'default' AND ALLOW:'icmp'"

gcloud compute ssh gcelab2 --zone $ZONE  # login to vm ssh

gcloud compute instances add-tags gcelab2 --tags http-server,https-server  # add tag

gcloud compute firewall-rules create default-allow-http --direction=INGRESS --priority=1000 --network=default --action=ALLOW --rules=tcp:80 --source-ranges=0.0.0.0/0 --target-tags=http-server   # update firewall rule

gcloud compute firewall-rules list --filter=ALLOW:'80'

curl http://$(gcloud compute instances list --filter=name:gcelab2 --format='value(EXTERNAL_IP)') # verify connection to nginx sudo apt install -y nginx

Copy files between vm-s, localhost

gcloud compute scp <[[USER@]INSTANCE:]SRC...> <[[USER@]INSTANCE:]DEST>
gcloud compute scp --recurse example-instance:~/narnia ~/wardrobe --zone=us-central1-a
gcloud compute scp --project="my-gcp-project" --zone="us-east1-b" --recurse ~/foo-folder/ gcp-instance-name:~/
D:\temp>gcloud compute scp --project=tst-biz-acp-gcp-pr --zone=europe-north1-a  --internal-ip acp-vm:/mnt/disks/sdb/ebkdb.dmp  .

System logs

gcloud logging logs list 
gcloud logging logs list --filter="compute" 
gcloud logging read "resource.type=gce_instance" --limit 5
gcloud logging read "resource.type=gce_instance AND labels.instance_name='gcelab2'" --limit 5

Container

gcloud container clusters create [CLUSTER-NAME]
gcloud container clusters get-credentials [CLUSTER-NAME]
kubectl create deployment hello-server --image=gcr.io/google-samples/hello-app:1.0
kubectl expose deployment hello-server --type=LoadBalancer --port 8080 # expose your application to external traffic
kubectl get service
kubectl get deployment
kubectl scale --replicas=3 deployment/hello-server  # scale deployment
kubectl get replicaset
kubectl scale --replicas=3 rs/hello-server-34fds    # scale replcaset
gcloud container clusters delete [CLUSTER-NAME]

Trouble shooting

REQUESTS_CA_BUNDLE=/usr/local/share/ca-certificates/ca-bundle.pem
HTTPLIB2_CA_CERTS=/usr/local/share/ca-certificates/ca-bundel.pem

$ gcloud config list
...
custom_ca_certs_file = /usr/local/share/ca-certificates/ca-bundel.pem
...

⚠️ **GitHub.com Fallback** ⚠️