Gcp Notes

From Federal Burro of Information
Revision as of 15:49, 23 January 2020 by David (talk | contribs)
Jump to navigationJump to search

Overview

Auth

get the auth file and then:

export GOOGLE_APPLICATION_CREDENTIALS="/usr/home/user/.gcp/XXX-XXX.json"

whoami ?


Storage

Types of storage, how to choose:

https://cloud.google.com/storage-options/

Compute

https://cloud.google.com/sdk/gcloud/reference/compute/instances/create

OS Login

So you want to just ssh into the vm like you do everything else, you don't want to use

gcloud ssh login

or the "in browser" ssh client.

great , you want "OS Login"

lots of steps:

1. for the VM set the enable-oslogin meta data value to "TRUE"

in tf like this:

  metadata  = {
    enable-oslogin = "TRUE"
  }

2. give the user the correct roles:

Computer OS Login ( for vanilla , non-root access )
Compute OS Admin login ( for root access via sudo )

via command line this I think:

gcloud projects add-iam-policy-binding project-ID --member \
 serviceAccount:"velos-manager@project-ID.iam.gserviceaccount.com" \
 --role "roles/iam.serviceAccountUser"
 --no-user-output-enabled --quiet


How Tos

single node NFS
https://medium.com/google-cloud/gke-with-google-cloud-single-node-filer-nfs-4c4dc569964f

Reading

Hashes and ETags
Best Practices
https://cloud.google.com/storage/docs/hashes-etags