使用gcloud 连线到Google Cloud Platform 上的VM

虽然把WordPress网站架在Google Cloud Platform (GCP)上了,但其实对GCP 这个平台还是相当的陌生…有时候需要进去WordPress 机器里执行一些指令操作,都只能从Google Cloud 网页上,选择SSH 的功能:

使用gcloud 连线到Google Cloud Platform 上的VM
使用gcloud 连线到Google Cloud Platform 上的VM

 

这会开启一个浏览器的视窗,里面就是SSH 连到VM 后的画面,操作起来和一般的SSH 没什么不同,不过毕竟不是自己执行的SSH,所以也不晓得要怎么利用它传档案到VM 上去:

使用gcloud 连线到Google Cloud Platform 上的VM
使用gcloud 连线到Google Cloud Platform 上的VM

 

今天稍微瞄了一下文件,把Google Cloud SDK 装起来了,之后就可以直接用gcloud 指令SSH 到VM 上,快速许多~

 

1. 安装Google Cloud SDK

参考文件  Google Cloud Platform > Cloud SDK > Quickstart for Mac OS X

因为我是Mac 的机器,因此抓下面的档案:

https://cloud.google.com/sdk/docs/quickstart-mac-os-x

Windows:

https://cloud.google.com/sdk/docs/quickstart-windows

Linux:

https://cloud.google.com/sdk/docs/quickstart-linux

 

抓下来之后,解开放到一个固定的位置。

最好不要直接放在~/Downloads 目录,因为gcloud 会在解开的目录里,把gcloud 留在像~/Downloads 这种暂存用的目录感觉怪怪的,可能不小心在清除~/Downloads 目录时,就不小心把gcloud 砍掉了~

像我是将解开后的google-cloud-sdk 目录,放到Dropbox 目录里,这样我在公司与家里的电脑上,都能藉由Dropbox 同步,而使用到相同的 gcloud:

tar xvf google-cloud-sdk-156.0.0-darwin-x86_64.tar.gz
mv google-cloud-sdk ~/Dropbox/Software/

接着执行google-cloud-sdk/install.sh 开始安装~

一开始会问是不是要帮忙改善Google Cloud SDK,按下y:

testuser@localhost ~ $ ~/Dropbox/Software/google-cloud-sdk/install.sh

Welcome to the Google Cloud SDK!

To help improve the quality of this product, we collect anonymized usage data
and anonymized stacktraces when crashes are encountered; additional information
is available at <https://cloud.google.com/sdk/usage-statistics>. You may choose
to opt out of this collection now (by choosing 'N' at the below prompt), or at
any time in the future by running the following command:

    gcloud config set disable_usage_reporting true

Do you want to help improve the Google Cloud SDK (Y/n)?  y

接着说会修改~/.bash_profile 档案,把gcloud 的路径加进去:

Your current Cloud SDK version is: 156.0.0
The latest available version is: 156.0.0

┌─────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│                                                  Components                                                 │
├───────────────┬──────────────────────────────────────────────────────┬──────────────────────────┬───────────┤
│     Status    │                         Name                         │            ID            │    Size   │
├───────────────┼──────────────────────────────────────────────────────┼──────────────────────────┼───────────┤
│ Not Installed │ App Engine Go Extensions                             │ app-engine-go            │  96.7 MiB │
│ Not Installed │ Cloud Bigtable Command Line Tool                     │ cbt                      │   4.0 MiB │
│ Not Installed │ Cloud Bigtable Emulator                              │ bigtable                 │   3.3 MiB │
│ Not Installed │ Cloud Datalab Command Line Tool                      │ datalab                  │   < 1 MiB │
│ Not Installed │ Cloud Datastore Emulator                             │ cloud-datastore-emulator │  15.4 MiB │
│ Not Installed │ Cloud Datastore Emulator (Legacy)                    │ gcd-emulator             │  38.1 MiB │
│ Not Installed │ Cloud Pub/Sub Emulator                               │ pubsub-emulator          │  21.0 MiB │
│ Not Installed │ Emulator Reverse Proxy                               │ emulator-reverse-proxy   │  14.5 MiB │
│ Not Installed │ Google Container Registry's Docker credential helper │ docker-credential-gcr    │   2.3 MiB │
│ Not Installed │ gcloud Alpha Commands                                │ alpha                    │   < 1 MiB │
│ Not Installed │ gcloud Beta Commands                                 │ beta                     │   < 1 MiB │
│ Not Installed │ gcloud app Java Extensions                           │ app-engine-java          │ 132.2 MiB │
│ Not Installed │ gcloud app PHP Extensions (Mac OS X)                 │ app-engine-php-darwin    │  21.9 MiB │
│ Not Installed │ gcloud app Python Extensions                         │ app-engine-python        │   6.2 MiB │
│ Not Installed │ kubectl                                              │ kubectl                  │  14.8 MiB │
│ Installed     │ BigQuery Command Line Tool                           │ bq                       │   < 1 MiB │
│ Installed     │ Cloud SDK Core Libraries                             │ core                     │   6.1 MiB │
│ Installed     │ Cloud Storage Command Line Tool                      │ gsutil                   │   2.9 MiB │
│ Installed     │ Default set of gcloud commands                       │ gcloud                   │           │
└───────────────┴──────────────────────────────────────────────────────┴──────────────────────────┴───────────┘
To install or remove components at your current SDK version [156.0.0], run:
  $ gcloud components install COMPONENT_ID
  $ gcloud components remove COMPONENT_ID

To update your SDK installation to the latest version [156.0.0], run:
  $ gcloud components update


Modify profile to update your $PATH and enable shell command
completion?

Do you want to continue (Y/n)?  y

这样子就安装好Google Cloud SDK 了,而gcloud 指令也已经可以使用了,就在google-cloud-sdk/bin 目录下,不过要记得开一个新的Terminal 视窗,才会用到新的gcloud 路径:

The Google Cloud SDK installer will now prompt you to update an rc
file to bring the Google Cloud CLIs into your environment.

Enter a path to an rc file to update, or leave blank to use
[/Users/testuser/.bash_profile]:
Backing up [/Users/testuser/.bash_profile] to [/Users/testuser/.bash_profile.backup].
[/Users/testuser/.bash_profile] has been updated.

==> Start a new shell for the changes to take effect.


For more information on how to get started, please visit:
  https://cloud.google.com/sdk/docs/quickstarts

 

2. 初始化设定Google Cloud SDK

装好Google Cloud SDK 后,还要让SDK 绑定一个Google 帐号,gcloud 才知道它的动作要应用在哪个Google 帐户上。

执行gcloud init 开始设定:

testuser@localhost ~ $ gcloud init
Welcome! This command will take you through the configuration of gcloud.

Your current configuration has been set to: [default]

You can skip diagnostics next time by using the following flag:
  gcloud init --skip-diagnostics

Network diagnostic detects and fixes local network connection issues.
Checking network connection...done.
Reachability Check passed.
Network diagnostic (1/1 checks) passed.

You must log in to continue. Would you like to log in (Y/n)?  y

按下y 后,浏览器会开启Google 登入的画面,选择要使用的Google 帐户:

使用gcloud 连线到Google Cloud Platform 上的VM
使用gcloud 连线到Google Cloud Platform 上的VM

 

允许Google Cloud SDK 来存取我们在Google Cloud Platform 上的资源:

使用gcloud 连线到Google Cloud Platform 上的VM
使用gcloud 连线到Google Cloud Platform 上的VM

 

这样子Google Cloud SDK 就已经和我们的Google 帐号绑定了~

接着选择预设使用的专案:

You are logged in as: [testuser@gmail.com].

Pick cloud project to use:
 [1] ephrain-blog
 [2] Create a new project
Please enter numeric choice or text value (must exactly match list
item):  1

专案选好之后,还可以修改一下Google Compute Engine 的设定,按下y 来设定:

Your current project has been set to: [ephrain-blog].

Do you want to configure Google Compute Engine
(https://cloud.google.com/compute) settings (Y/n)?  y

主要可以设定的也就是这个VM 的实体所在地,之前有提过asia-east1-a 是中华电信的机房,而且有较多的CPU 核心,因此我还是设定在这个区域上:

Which Google Compute Engine zone would you like to use as project
default?
If you do not specify a zone via a command line flag while working
with Compute Engine resources, the default is assumed.
 [1] asia-east1-b
 [2] asia-east1-a
 [3] asia-east1-c
 [4] asia-northeast1-a
 [5] asia-northeast1-c
 [6] asia-northeast1-b
 [7] asia-southeast1-b
 [8] asia-southeast1-a
 [9] europe-west1-c
 [10] europe-west1-d
 [11] europe-west1-b
 [12] us-central1-f
 [13] us-central1-a
 [14] us-central1-b
 [15] us-central1-c
 [16] us-east1-d
 [17] us-east1-b
 [18] us-east1-c
 [19] us-east4-b
 [20] us-east4-c
 [21] us-east4-a
 [22] us-west1-a
 [23] us-west1-b
 [24] Do not set default zone
Please enter numeric choice or text value (must exactly match list
item):  2

这样子就初始化完成了:

Your project default Compute Engine zone has been set to [asia-east1-a].
You can change it by running [gcloud config set compute/zone NAME].

Your project default Compute Engine region has been set to [asia-east1].
You can change it by running [gcloud config set compute/region NAME].

Your Google Cloud SDK is configured and ready to use!

* Commands that require authentication will use testuser@gmail.com by default
* Commands will reference project `ephrain-blog` by default
* Compute Engine commands will use region `asia-east1` by default
* Compute Engine commands will use zone `asia-east1-a` by default

Run `gcloud help config` to learn how to change individual settings

This gcloud configuration is called [default]. You can create additional configurations if you work with multiple accounts and/or projects.
Run `gcloud topic configurations` to learn more.

Some things to try next:

* Run `gcloud --help` to see the Cloud Platform services you can interact with. And run `gcloud help COMMAND` to get help on any gcloud command.
* Run `gcloud topic -h` to learn about advanced features of the SDK like arg files and output formatting

 

3. 使用gcloud 开SSH 连线至VM 里面

可以参考这篇文件:

Google Cloud Platform > Compute Engine > Connecting to Linux Instances

首先,用gcloud compute instances list,将我们拥有的VM 都列出来~

目前我是只有wordpress-ephrain-vm 这个VM:

testuser@localhost ~ $ gcloud compute instances list

NAME                  ZONE          MACHINE_TYPE  PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP     STATUS
wordpress-ephrain-vm  asia-east1-a  f1-micro                   10.140.0.2   35.185.170.101  RUNNING

得知VM 的名称后,就可以用gcloud compute ssh 指令,来SSH 连线到指定的VM 了~

因为我这是第一次使用gcloud 连线,因此gcloud 会帮忙建出SSH 的public/private key:

testuser@localhost ~ $ gcloud compute ssh wordpress-ephrain-vm

WARNING: The public SSH key file for gcloud does not exist.
WARNING: The private SSH key file for gcloud does not exist.
WARNING: You do not have an SSH key for gcloud.
WARNING: SSH keygen will be executed to generate a key.
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/testuser/.ssh/google_compute_engine.
Your public key has been saved in /Users/testuser/.ssh/google_compute_engine.pub.
Updating project ssh metadata.../Updated [https://www.googleapis.com/compute/v1/projects/ephrain-blog].
Updating project ssh metadata...done.
Waiting for SSH key to propagate.

gcloud 会在~/.ssh 目录下,产生出名叫google_compute_engine 的公私钥,接着就直接SSH 连线到VM 中了:

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
       ___ _ _                   _
      | _ |_) |_ _ _  __ _ _ __ (_)
      | _  |  _| ' / _` | '  | |
      |___/_|__|_|_|__,_|_|_|_|_|

  *** Welcome to the Bitnami WordPress 4.7.3-0 ***
  *** Documentation:  https://docs.bitnami.com/google/apps/wordpress/ ***
  ***                 https://docs.bitnami.com/google/ ***
  *** Bitnami Forums: https://community.bitnami.com/ ***
testuser@wordpress-ephrain-vm:~$

有了gcloud 之后,就不用再打开浏览器,才能做SSH 连线啦~

 

本文:使用gcloud 连线到Google Cloud Platform 上的VM