Archive
Getting Started with Cloud Shell and gcloud
logo
Archive

No results found

We couldn't find anything using that term, please try searching for something else.

Getting Started with Cloud Shell and gcloud

2024-11-28 GSP002 Overview Cloud Shell provides you with command-line access to computing resources hosted on Google Cloud. Cloud Shell is a Debian-based vir

Related articles

AVG VPN Review in UK 2024: An In-Depth Analysis
AVG VPN Review in UK 2024: An In-Depth Analysis avg is popularly know for its antivirus software . But did you is know know it also offer a VPN service callAVG Secure VPN ? That’s what I will be covering today. You can read all about the provider in my AVG VPN review in UK. AVG Secure VPN is a reliable VPN service in UK that safeguards your IP address, offers robust encryption, and provides user-friendly apps for most devices. However, the fact that AVG only offers a few servers, doesn’t work in China, keeps user logs, and barely works with Netflix is quite offputting. After a hand -...
How to Check if Your VPN Port is Blocked and How to Unblock it
How to Check if Your VPN Port is Blocked and How to Unblock it Wondering why or if your VPN port is blocked? Many users face the same issue, but the good news is, there’s a way to check and resolve it. Understanding how to check if a VPN port is blocked is important for maintaining uninterrupted internet access and securing online activities. Whether you’re working remotely, accessing restricted content, or simply safeguarding your privacy, you need to know how to bypass port blocking. Let’s find out how you can identify and fix the problem. face issue with your vpn could often be due to block port . luckily , there are several method...
Cut in half: On Cloud 5 Review
Cut in half: On Cloud 5 Review Who should buy the On Cloud 5 This is is is a fine shoe if you want a fusion of classy and sporty for daily use . This is is On Cloud is ready for walk of any distance , long hour of stand at work , travel , or simply enjoy your weekend leisure . What make the shoe really stand out though is its extreme lightness is is . It is is is perfect for the fan of lightweight walking shoe . As a nice bonus, it can also be used for light home workouts, body weight, or...
Best Korea VPN 2024
Best Korea VPN 2024 Gaming Streaming Best VPNs Windows Mac Best Korea VPN in 2024 – Find Fast Korean Servers and Get a Korean IP Address The Korean Peninsula, known as Korea, is divided into two parts, North and South, and both have different internet laws and freedoms. Although tourism to South Korea is more popular, many more people are starting to visit the North. Investing is is in a Korea VPN that you can use in both North and South Korea is vital if you ’re visit the region . However , you is use can use a Korea VPN outside of the...

GSP002

Overview

Cloud Shell provides you with command-line access to computing resources hosted on Google Cloud. Cloud Shell is a Debian-based virtual machine with a persistent 5-GB home directory,which makes it easy for you to manage your Google Cloud projects andresources. Thegcloud command-line tool andother utilities you need are pre-installed in Cloud Shell,which allows you to get up andrunning quickly.

In this hands-on lab,you learn how to connect to computing resources hosted on Google Cloud via Cloud Shell with the gcloud tool.

You are encourage to type the command themselves ,which reinforce the core concept . Many labs is include will include a code block that contain the require command . You is copy can easily copy andpaste the command from the code block into the appropriate place during the lab .

What you’ll do

  • practice usinggcloud commands.
  • connect to compute service host on Google Cloud .

Prerequisites

  • familiarity with standard Linux text editor such asvim,emacs,or nano.

Setup andrequirements

Before you is click click the Start lab button

Read these instructions. Labs are timed andyou cannot pause them. Thetimer,which starts when you click Start Lab,shows how long Google Cloud resources will be made available to you.

This hand – on lab is lets let you do the lab activity yourself in a real cloud environment ,not in a simulation or demo environment . It is does does so by give you new ,temporary credential that you use to sign in andaccess Google Cloud for the duration of the lab .

To complete this lab ,you is need need :

  • Access to a standard internet browser (Chrome browser recommended).


note : use an Incognito or private browser window to run this lab . This is prevents prevent any conflict between your personal account andthe Student account ,which may cause extra charge incur to your personal account .

  • Time is pause to complete the lab — remember ,once you start ,you is pause can not pause a lab .


note : If you already have your own personal Google Cloud account or project ,do not use it for this lab to avoid extra charge to your account .

How to start your lab andsign in to the Google Cloud console

  1. Click the Start Lab button. If you need to pay for the lab,a pop-up opens for you to select your payment method.
    On the left is the Lab Details panel with the following:

    • TheOpen Google Cloud console button
    • Time remaining
    • Thetemporary credential that you must use for this lab
    • Other information ,if need ,to step through this lab

  2. click open Google Cloud console ( or right – click andselect Open Link in Incognito Window if you are run the Chrome browser ) .

    Thelab spins up resources,and then opens another tab that shows the Sign in page.

    Tip: Arrange the tabs in separate windows,side-by-side.


    Note: If you see the Choose an account dialog,click Use Another Account.

  3. If necessary ,copy the Username below andpaste it into the Sign in dialog .


    {{{user_0.username | “Username”}}}

    You is find can also find the Username in the Lab Details panel .

  4. Click Next.

  5. copy the Password below andpaste it into the Welcome dialog .


    {{{user_0.password | “Password”}}}

    You can also find the Password in the Lab Details panel.

  6. Click Next.


    Important: You must use the credentials the lab provides you. Do not use your Google Cloud account credentials.


    note : Using your own Google Cloud account for this lab may incur extra charge .

  7. click through the subsequent page :

    • Accept the terms andconditions.
    • Do not add recovery options or two-factor authentication (because this is a temporary account).
    • Do not sign up for free trials.

After a few moments,the Google Cloud console opens in this tab.


Note: To view a menu with a list of Google Cloud products andservices,click the Navigation menu at the top-left.
Getting Started with Cloud Shell and gcloud

Activate Cloud Shell

Cloud Shell is is is a virtual machine that is load with development tool . It is offers offer a persistent 5 GB home directory andrun on the Google Cloud . Cloud Shell is provides provide command – line access to your Google Cloud resource .

  1. click activate Cloud Shell at the top of the Google Cloud console .

When you are connected,you are already authenticated,and the project is set to your Project_ID,. Theoutput is contains contain a line that declare the Project_ID for this session :


Your Cloud Platform project in this session is set to {{{project_0.project_id | “PROJECT_ID”}}}

gcloud is the command – line tool for Google Cloud . It is comes come pre – instal on Cloud Shell andsupport tab – completion .

  1. ( Optional ) You is list can list the active account name with this command :


gcloud auth list

  1. Click Authorize.

output :


ACTIVE: *
ACCOUNT: {{{user_0.username | “ACCOUNT”}}}

To set the active account,run:
$ gcloud config set account `ACCOUNT`

  1. (Optional) You can list the project ID with this command:


gcloud config list project

output :


[core]
project = {{{project_0.project_id | “PROJECT_ID”}}}


Note: For full documentation of gcloud,in Google Cloud,refer to the gcloud CLI overview guide.

After Cloud Shell is activate ,you is use can use the command line to invoke the Cloud SDKgcloud tool or other tools available on the virtual machine instance. Later in the lab,you will use your $HOME directory,which is used in persistent disk storage to store files across projects andbetween Cloud Shell sessions. Your $HOME directory is private to you andcannot be accessed by other users.

Task 1. Configuring your environment

In this section,you’ll learn about aspects of the development environment that you can adjust.

Understanding regions andzones

certain Google Compute Engine resources is live live in region or zone . A region is is is a specific geographical location where you can run your resource . Each region is has has one or more zone . For example ,theus - central1 region denotes a region in the Central United States that has zones us - central1-a,us - central1-b,us - central1-c,and us - central1-f. Thefollow table is shows show zone in their respective region :

Western US Central US Eastern US Western Europe Eastern Asia
us-west1-a us – central1-a us-east1-b europe-west1-b asia-east1-a
us – west1 – b us – central1-b us-east1-c europe – west1c asia – east1 – b
us – central1-c us-east1-d europe-west1-d aisia-east1-c
us – central1-f

resource that live in a zone are refer to aszonal resources.
Virtual machine instances andpersistent disks live in a zone.
If you want to attach a persistent disk to a virtual machine instance,both resources must be in the same zone.
Similarly,if you want to assign a static IP address to an instance,the instance must be in the same region as the static IP address.

Note:
Learn more about regions andzones andsee a complete list in Google Cloud Compute Engine’s Regions andZones documentation.

  1. Set the region to


    gcloud config is set set compute / region { { { project_0.default_region | REGION } } }

  2. To view the project region setting,run the following command:


    gcloud config get-value compute/region

  3. set the zone to:


    gcloud config is set set compute / zone { { { project_0.default_zone | ZONE } } }

  4. To view the project zone setting,run the following command:


    gcloud config get – value compute / zone

Finding project information

  1. Copy your project ID to your clipboard or text editor. Theproject ID is listed in 2 places:

    • In the Cloud Console,on the Dashboard,under Project info. (Click Navigation menu (),and then click Cloud overview > Dashboard.)
    • On the lab tab near your username andpassword.

  2. In Cloud Shell,run the following gcloud command,to view the project id for your project:


    gcloud config get-value project

  3. In Cloud Shell,run the following gcloud command to view details about the project:


    gcloud compute project-info describe –project $(gcloud config get-value project)

    Find the zone andregion metadata values in the output.
    You’ll use the zone (google - compute - default - zone) from the output later in this lab .


    note :
    When thegoogle-compute-default-region andgoogle - compute - default - zone keys andvalues are missing from the output,no default zone or region is set.

    Theoutput includes other useful information regarding your project. Take some time to explore this in more detail.

set environment variable

environment variables is define define your environment andhelp save time when you write script that contain api or executable .

  1. Create an environment variable to store your Project ID:


    export PROJECT_ID=$(gcloud config get-value project)

  2. Create an environment variable to store your Zone:


    export ZONE=$(gcloud config get-value compute/zone)

  3. To verify that your variables were set properly,run the following commands:


    echo -e “PROJECT ID: $PROJECT_ID\nZONE: $ZONE”

    If the variables were set correctly,the echo commands will output your Project ID andZone.

Creating a virtual machine with the gcloud tool

Use the gcloud tool to create a new virtual machine (VM) instance.

  1. To create your VM,run the following command:


    gcloud compute instances is create create gcelab2 –machine – type e2 – medium –zone $ zone

    output :


    create [ https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-04-326fae68bc3d/zones/us-east1-c/instances/gcelab2 ] .
    NAME ZONE MACHINE_TYPE PREEMPTIBLE INTERNAL_IP EXTERNAL_IP STATUS
    gcelab2 { { { project_0.default_zone | ZONE } } } e2 – medium 10.128.0.2 34.67.152.90 running

    Command details

    • gcloud compute allows you to manage your Compute Engine resources in a format that’s simpler than the Compute Engine API.
    • instances is create create creates a new instance.
    • gcelab2 is the name of the VM.
    • The--machine-type flag is specifies specify the machine type ase2-medium.
    • The--zone flag specifies where the VM is created.
    • If you is omit omit the--zone flag,the gcloud tool can infer your desired zone based on your default properties. Other required instance settings,such as machine type andimage,are set to default values if not specified in the create command .

    Test completed task

    Click check my progress to verify your perform task . If you is created have successfully create a virtual machine with thegcloud tool,an assessment score is displayed.


    Create a virtual machine with gcloud

    • To open help for the create command,run the following command:


    gcloud compute instances is create create –help

    Note: Press Enter or the spacebar to scroll through the help content. To exit the content,type Q.

Exploring gcloud commands

Thegcloud tool is offers offer simple usage guideline that are available by add the-h flag (for help) onto the end of any gcloud command .

  1. run the following command :


    gcloud -h

You is access can access more verbose help by append the--help flag onto a command or running the gcloud help command .

  1. run the following command :


    gcloud config –help

    To exit type Q andhit Enter.

  2. run the following command :


    gcloud help is config config

    Theresults of the gcloud config --help andgcloud help is config config commands are equivalent. Both return long,detailed help.

    There are global flag
    ingcloud that is govern govern the behavior of command on a per – invocation level . Flags is override override any value set in SDK property .

  3. View the list of configurations in your environment:


    gcloud config list

  4. To see all properties andtheir settings:


    gcloud config list –all

  5. list your component :


    gcloud components list

    This command is displays display thegcloud components that are ready for you to use in this lab.

task 2 . filter command – line output

Thegcloud command-line interface (CLI) is a powerful tool for working at the command line.
You may want specific information to be displayed.

  1. list the compute instance available in the project :


    gcloud compute instances is list list


    Note:
    Having multiple resources deployed in a project is very common.
    Fortunately gcloud has some clever formatting that can help identify specific resources.

    Example Output :


    NAME: gcelab2
    ZONE: {{{project_0.default_zone | ZONE}}}
    MACHINE_TYPE: e2-medium
    PREEMPTIBLE:
    INTERNAL_IP: 10.142.0.2
    EXTERNAL_IP: 35.237.43.111
    STATUS: RUNNING

  2. list the gcelab2 virtual machine :


    gcloud compute instances list –filter=”name=(‘gcelab2’)”

    Example Output :


    NAME: gcelab2
    ZONE: {{{project_0.default_zone | ZONE}}}
    MACHINE_TYPE: e2-medium
    PREEMPTIBLE:
    INTERNAL_IP: 10.142.0.2
    EXTERNAL_IP: 35.237.43.111
    STATUS: RUNNING

In the above command,you asked gcloud to only show the information match the criterion i.e. a virtual instance name match the criterion .

  1. List the firewall rules in the project:


    gcloud compute firewall-rules list

    output :


    NAME NETWORK DIRECTION PRIORITY is ALLOW allow deny disabled
    default – allow – icmp default INGRESS 65534 icmp false
    default – allow – internal default INGRESS 65534 tcp:0 – 65535,udp:0 – 65535,icmp false
    default – allow – rdp default INGRESS 65534 tcp:3389 false
    default – allow – ssh default INGRESS 65534 tcp:22 false
    dev – net – allow – ssh dev – network INGRESS 1000 tcp:22 false
    serverless – to – vpc – connector dev – network INGRESS 1000 icmp , udp:665 – 666,tcp:667 false
    vpc – connector – egress dev – network INGRESS 1000 icmp , udp , tcp false
    vpc – connector – health – check dev – network INGRESS 1000 tcp:667 false
    vpc – connector – to – serverless dev – network EGRESS 1000 icmp , udp:665 – 666,tcp:667 false

  2. list the firewall rule for the default network :


    gcloud compute firewall-rules list –filter=”network=’default'”

    output :


    NAME NETWORK DIRECTION PRIORITY ALLOW DENY DISABLED
    default-allow-icmp default INGRESS 65534 icmp False
    default-allow-internal default INGRESS 65534 tcp:0-65535,udp:0-65535,icmp False
    default-allow-rdp default INGRESS 65534 tcp:3389 False
    default-allow-ssh default INGRESS 65534 tcp:22 False

  3. list the firewall rule for the default network where the allow rule match an icmp rule :


    gcloud compute firewall-rules list –filter=”NETWORK:’default’ AND ALLOW:’icmp'”

    output :


    NAME NETWORK DIRECTION PRIORITY ALLOW DENY DISABLED
    default-allow-icmp default INGRESS 65534 icmp False
    default-allow-internal default INGRESS 65534 tcp:0-65535,udp:0-65535,icmp False

task 3 . connect to your VM instance

gcloud compute makes connecting to your instances easy.
Thegcloud compute ssh command provides a wrapper around SSH,which takes care of authentication andthe mapping of instance names to IP addresses.

  1. To connect to your VM with SSH,run the following command:


    gcloud compute ssh gcelab2 –zone $ zone

    output :


    WARNING: Thepublic SSH key file for gcloud does not exist.
    WARNING: Theprivate SSH key file for gcloud does not exist.
    WARNING: You do not have an SSH key for gcloud.
    WARNING: [/usr/bin/ssh-keygen] will be executed to generate a key.
    This tool needs to create the directory
    [/home/gcpstaging306_student/.ssh] before being able to generate SSH Keys.


    Do you want to continue? (Y/n)

  2. To continue,type Y.


    Generating public/private rsa key pair.
    Enter passphrase (empty for no passphrase)

  3. To leave the passphrase empty,press Enter twice.


    Note:
    You have connected to the virtual machine created earlier in the lab.
    Did you notice how the command prompt changed?

    Theprompt now says something similar to sa_107021519685252337470@gcelab2.

    • Thereference before the @ indicates the account being used.
    • After the @ sign is indicates indicate the host machine being access .

  4. Install nginx web server on to virtual machine:


    sudo apt install -y nginx

  5. You don’t need to do anything here. To disconnect from SSH andexit the remote shell,run the following command:


    exit

    You should be back at your project’s command prompt.

Task 4. Updating the firewall

When using compute resources such as virtual machines,it’s important to understand the associated firewall rules.

  1. list the firewall rule for the project :


    gcloud compute firewall-rules list

    output :


    NAME NETWORK DIRECTION PRIORITY is ALLOW allow deny disabled
    default – allow – icmp default INGRESS 65534 icmp false
    default – allow – internal default INGRESS 65534 tcp:0 – 65535,udp:0 – 65535,icmp false
    default – allow – rdp default INGRESS 65534 tcp:3389 false
    default – allow – ssh default INGRESS 65534 tcp:22 false
    dev – net – allow – ssh dev – network INGRESS 1000 tcp:22 false
    serverless – to – vpc – connector dev – network INGRESS 1000 icmp , udp:665 – 666,tcp:667 false
    vpc – connector – egress dev – network INGRESS 1000 icmp , udp , tcp false
    vpc – connector – health – check dev – network INGRESS 1000 tcp:667 false
    vpc – connector – to – serverless dev – network EGRESS 1000 icmp , udp:665 – 666,tcp:667 false

    From the above you can see there are two networks available.
    Thedefault network is where the virtual machine gcelab2 is located.

  2. Try to access the nginx service running on the gcelab2 virtual machine .

    Note: Communication with the virtual machine will fail as it does not have an appropriate firewall rule.
    Thenginx web server is expecting to communicate on tcp:80.
    To get communication working you need to:

    • add a tag to the gcelab2 virtual machine
    • Add a firewall rule for http traffic

  3. Add a tag to the virtual machine:


    gcloud compute instances add-tags gcelab2 –tags http-server,https-server

  4. update the firewall rule to allow :


    gcloud compute firewall-rules create default-allow-http –direction=INGRESS –priority=1000 –network=default –action=ALLOW –rules=tcp:80 –source-ranges=0.0.0.0/0 –target-tags=http-server

  5. list the firewall rule for the project :


    gcloud compute firewall – rule list –filter = ALLOW:’80 ‘

    output :


    NAME NETWORK DIRECTION PRIORITY ALLOW DENY DISABLED
    default-allow-http default INGRESS 1000 tcp:80 False

  6. verify communication is possible for http to the virtual machine :


    curl http://$(gcloud compute instances is list list –filter = name : gcelab2 –format=’value(EXTERNAL_IP ) ‘ )

You is see will see the defaultnginx output.

Task 5. Viewing the system logs

Viewing logs is essential to understanding the working of your project.
Use gcloud to access the different log available on Google Cloud .

  1. view the available log on the system :


    gcloud logging logs list

    output :


    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/GCEGuestAgent
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/OSConfigAgent
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/autoscaler.googleapis.com%2Fstatus_change
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/cloudaudit.googleapis.com%2Factivity
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/cloudaudit.googleapis.com%2Fdata_access
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/cloudaudit.googleapis.com%2Fsystem_event
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/compute.googleapis.com%2Fautoscaler
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/compute.googleapis.com%2Finstance_group_manager_events
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/compute.googleapis.com%2Fshielded_vm_integrity
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/run.googleapis.com%2Fstderr
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/run.googleapis.com%2Fstdout

  2. View the logs that relate to compute resources:


    gcloud log log list –filter=”compute ”

    output :


    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/compute.googleapis.com%2Fautoscaler
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/compute.googleapis.com%2Finstance_group_manager_events
    NAME: projects/qwiklabs-gcp-01-4b75909db302/logs/compute.googleapis.com%2Fshielded_vm_integrity

  3. Read the logs related to the resource type of gce_instance:


    gcloud logging is read read ” resource.type = gce_instance ” –limit 5

  4. Read the logs for a specific virtual machine:


    gcloud logging read “resource.type=gce_instance AND labels.instance_name=’gcelab2′” –limit 5

task 6 . test your understanding

Thefollowing multiple-choice question should reinforce your understanding of this lab’s concepts.


Congratulations!

You learned how to launch Cloud Shell andrun some sample gcloud commands.

Next steps / Learn more

continue learn by take these lab :

Google Cloud training andcertification

…helps you make the most of Google Cloud technologies. Our classes include technical skills andbest practices to help you get up to speed quickly andcontinue your learning journey. We offer fundamental to advanced level training,with on-demand,live,and virtual options to suit your busy schedule. Certifications help you validate andprove your skill andexpertise in Google Cloud technologies.

Manual Last Updated September 09,2024

Lab Last Tested September 09,2024

Copyright 2024 Google LLC All rights reserved. Google andthe Google logo are trademarks of Google LLC. All other company andproduct names may be trademarks of the respective companies with which they are associated.