Gcp Notes: Difference between revisions
From Federal Burro of Information
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
== Overview == | == Overview == | ||
== Auth === | |||
get the auth file and then: | |||
export GOOGLE_APPLICATION_CREDENTIALS="/usr/home/user/.gcp/XXX-XXX.json" | |||
== Storage == | == Storage == | ||
| Line 13: | Line 19: | ||
== OS Login == | == OS Login == | ||
So you want to just ssh into the vm like you do everything else, you don't want to use | |||
gcloud | gcloud ssh login | ||
or the "in browser" ssh client. | or the "in browser" ssh client. | ||
| Line 38: | Line 44: | ||
Compute OS Admin login ( for root access via sudo ) | Compute OS Admin login ( for root access via sudo ) | ||
via | via command line this I think: | ||
<pre> | <pre> | ||
Revision as of 18:05, 17 January 2020
Overview
Auth =
get the auth file and then:
export GOOGLE_APPLICATION_CREDENTIALS="/usr/home/user/.gcp/XXX-XXX.json"
Storage
Types of storage, how to choose:
https://cloud.google.com/storage-options/
Compute
https://cloud.google.com/sdk/gcloud/reference/compute/instances/create
OS Login
So you want to just ssh into the vm like you do everything else, you don't want to use
gcloud ssh login
or the "in browser" ssh client.
great , you want "OS Login"
lots of steps:
1. for the VM set the enable-oslogin meta data value to "TRUE"
in tf like this:
metadata = {
enable-oslogin = "TRUE"
}
2. give the user the correct roles:
Computer OS Login ( for vanilla , non-root access ) Compute OS Admin login ( for root access via sudo )
via command line this I think:
gcloud projects add-iam-policy-binding project-ID --member \ serviceAccount:"velos-manager@project-ID.iam.gserviceaccount.com" \ --role "roles/iam.serviceAccountUser" --no-user-output-enabled --quiet
How Tos
- single node NFS
- https://medium.com/google-cloud/gke-with-google-cloud-single-node-filer-nfs-4c4dc569964f
Reading
- Hashes and ETags
- Best Practices
- https://cloud.google.com/storage/docs/hashes-etags
