Download as PDF, PPTX
![Connect to GCE machine
➔ gcutil ssh [instance id]
➔ ssh [username]@[instance-ip] -i [path-to-google-ssh-key]](https://image.slidesharecdn.com/googlecomputeenginegcp-ce-140328111430-phpapp01/75/Google-Compute-Engine-Starter-Guide-12-2048.jpg)
![Windows connect GCE
● Prepare ssh private key for project metadata [Ref]
[username]:ssh-rsa [private keys value]](https://image.slidesharecdn.com/googlecomputeenginegcp-ce-140328111430-phpapp01/75/Google-Compute-Engine-Starter-Guide-13-2048.jpg)
![Add a Persistent Disk...
➔ gcutil adddisk --zone=us-central1-a testdisk
➔ gcutil ssh [instance name]
➔ sudo mkdir /mnt/pd0
➔ sudo /usr/share/google/safe_format_and_mount
-m "mkfs.ext4 -F" /dev/disk/by-id/[disk-id] /mnt/pd0](https://image.slidesharecdn.com/googlecomputeenginegcp-ce-140328111430-phpapp01/75/Google-Compute-Engine-Starter-Guide-21-2048.jpg)
Uploaded bySimon Su
Google Compute Engine Starter Guide
The document provides an overview of the Google Compute Engine (GCE) architecture, including project setup, instance management, firewall configuration, and network design. It outlines key features like billing, security certifications, persistent disks, and load balancing, alongside practical commands for using GCE and creating instances. Additionally, it discusses advanced operations and recommendations for porting applications and managing resources within GCE.
More Related Content
Similar to Google Compute Engine Starter Guide
Google Compute Engine Starter Guide
- 1.
- 2. Prepare ● google cloudproject ● google-cloud-sdk with gcutil ● ssh tool Reference: https://sites.google.com/a/mitac.com.tw/google-cloud-platform/google-compute-engine/gce---sdk-install-and-auth
- 3. ● GCE architecture ●GCE web UI to GCE CLI tool ○ Create, Snapshot, Create from Disk or Snapshot ● Network & FW ○ 3-tier network implements ● Instance option - start script ○ Using start script build a auto scale service Today’s Objective
- 4.
- 5. Something about GCE ●Billing: 1 Minute Increments, Minimum 10 Minutes ● Security: ○ ISO 27001:2005 Certification for GCE, GAE, and GCS ● Location: ○ Region ○ Zone
- 6. About the Instances ●Persistent Disk ● Network block storage ● Max of 16 disks/instance ● Created independently of instance ● 1 Virtual CPU is a Hyperthread on Processor ● Current processor is 2.6 GHz Intel Sandy Bridge Xeon ● No GPU or SSD Options
- 7. About utility -web ui, gcutil, restful
- 8.
- 9. From Web UIto CLI to RESTful
- 10. gcutil - GetHELP ➔ gcutil --help ➔ gcutil help listinstances ◆ ex: gcutil listinstances --columns=all --format=json ➔ https://developers.google.com/compute/docs/gcutil/tips
- 11.
- 12. Connect to GCEmachine ➔ gcutil ssh [instance id] ➔ ssh [username]@[instance-ip] -i [path-to-google-ssh-key]
- 13. Windows connect GCE ●Prepare ssh private key for project metadata [Ref] [username]:ssh-rsa [private keys value]
- 14. Network & Firewall& Instance Scripts
- 15. Sample of createN-Tier ● Security purpose ● Permission control ● Management purpose ● Tiers ○ admin: VPN, management purpose ○ frontend: web server, for public connect ○ db: storing data, sensitive areahttp://gappsnews.blogspot.tw/search?q=n-tier
- 16. # service port gcutiladdfirewall --allowed_tag_sources=frontend --network=my-network --allowed=tcp:80,tcp:443 myfw-service-port # ap to db gcutil addfirewall --allowed_tag_sources=frontend --target_tags=db --network=my-network --allowed=tcp:5984 myfw- couchdb-port # admin zone gcutil addfirewall --allowed_ip_sources=0.0.0.0/8 --network=my-network --allowed=tcp:22 myfw-admin-ssh gcutil addfirewall --allowed_tag_sources=admin --target_tags=frontend,db --network=my-network --allowed=tcp:22 myfw-manage-zone Sample of create N-Tier - Network ACLs
- 17. Sample of createN-Tier - VPN & Web server gcutil --project="my-project" addinstance "my-gateway" --tags="admin" --zone="us-central1-b" --machine_type="g1-small" --network="my-network" --external_ip_address="ephemeral" --can_ip_forward="true" --image="https://www.googleapis.com/compute/v1/projects/.../global/images/..." --persistent_boot_disk="true" gcutil --project="my-project" addinstance "my-web-01" --tags="frontend" --zone="us-central1-b" --machine_type="n1-standard-1" --network="my-network" --external_ip_address="ephemeral" --can_ip_forward="true" --image="https://www.googleapis.com/compute/v1/projects/.../global/images/..." --persistent_boot_disk="true"
- 18. Instance option -Start Script $ cat -> install-couchdb.sh << EOF sudo apt-get update -y sudo apt-get install gcc openssl couchdb -y EOF $ gcutil --service_version="v1" --project="my-project" addinstance "my-couchdb-01" --tags="db" --zone="us-central1-b" --machine_type="n1-highmem-2" --network="my-network" --external_ip_address="ephemeral" --can_ip_forward="true" --image="https://www.googleapis.com/compute/v1/projects/centos-cloud/global/images/centos-6-v20131120" --persistent_boot_disk="true" --metadata_from_file=startup-script:install-couchdb.sh
- 19. Share your project ●Is Owner: resource management, project permission ● Can Edit: resource management ● Can View: resource view
- 20. ● Add persistentdisk ● Create image ● Bring your own kernel (brief) Advance operations
- 21. Add a PersistentDisk... ➔ gcutil adddisk --zone=us-central1-a testdisk ➔ gcutil ssh [instance name] ➔ sudo mkdir /mnt/pd0 ➔ sudo /usr/share/google/safe_format_and_mount -m "mkfs.ext4 -F" /dev/disk/by-id/[disk-id] /mnt/pd0
- 22. Create a Image... ➔sudo gcimagebundle -d /dev/sda -o /tmp/ --log_file=/tmp/abc.log ➔ gsutil cp /tmp/308...439.image.tar.gz gs://arecord-customise-images ➔ gcutil addimage test-image gs://arecord-customise-images/308...439.image.tar.gz
- 23. Porting recommendation ● InstallLAMP sudo yum -y install httpd php php-mysql mysql mysql-server sudo yum install php-mysql php-gd libjpeg* php-imap php-ldap php-odbc php-pear php-xml php- xmlrpc php-mbstring php-mcrypt php-bcmath php-mhash libmcrypt ● FW configure (GCE default enabled the iptables) sudo vi /etc/sysconfig/iptables ⇒ Add your port… like 80, 443... ● SELinux setting (GCE default enable the SELinux) sudo vi /etc/sysconfig/selinux ⇒ SELINUX=disabled ● Setup boot level services sudo chkconfig --level 23456 mysqld on sudo chkconfig --level 23456 httpd on
- 24. Porting recommendation ● Mountpersistence disk when boot $ sudo vi /etc/fstab UUID=a8cf...aaf98 / ext4 defaults,barrier=0 1 1 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 /dev/sdb /mnt/pd0 ext4 defaults 1 1
- 25. Bring Your OwnImage ● Any common Linux distro ● Must support some specific kernel settings (e.g., specific PCI and ISA bridge, vCPU settings, SCSI settings) ● Must have Python 2.6 or higher & sshd ● Must contain some Google packages (startup script support, google-daemon, gcimagebundle) ● Should have other settings configured (e.g. DHCP, SSH, firewall)