github.com/weaveworks/common@v0.0.0-20230728070032-dd9e68f319d5/tools/provisioning/gcp/README.md

github.com/weaveworks/common@v0.0.0-20230728070032-dd9e68f319d5/tools/provisioning/gcp/README.md (about)

     1  # Google Cloud Platform
     2  
     3  ## Introduction
     4  
     5  This project allows you to get hold of some machine on Google Cloud Platform.
     6  You can then use these machines as is or run various Ansible playbooks from `../config_management` to set up Weave Net, Kubernetes, etc.
     7  
     8  ## Setup
     9  
    10  * Log in [console.cloud.google.com](https://console.cloud.google.com) with your Google account.
    11  
    12  * Go to `API Manager` > `Credentials` > `Create credentials` > `Service account key`, 
    13    in `Service account`, select `Compute Engine default service account`,
    14    in `Key type`, select `JSON`, and then click `Create`.
    15  
    16  * This will download a JSON file to your machine. Place this file wherever you want and then create the following environment variables:
    17  
    18  ```
    19  $ export GOOGLE_CREDENTIALS_FILE="path/to/your.json"
    20  $ export GOOGLE_CREDENTIALS=$(cat "$GOOGLE_CREDENTIALS_FILE")
    21  ```
    22  
    23  * Go to `Compute Engine` > `Metadata` > `SSH keys` and add your username and SSH public key;
    24    or
    25    set it up using `gcloud compute project-info add-metadata --metadata-from-file sshKeys=~/.ssh/id_rsa.pub`.
    26    If you used your default SSH key (i.e. `~/.ssh/id_rsa.pub`), then you do not have anything to do.
    27    Otherwise, you will have to either define the below environment variable:
    28  
    29  ``` 
    30  $ export TF_VAR_gcp_public_key_path=<path to your SSH public key>
    31  $ export TF_VAR_gcp_private_key_path=<path to your SSH private key>
    32  ```
    33  
    34    or to pass these as Terraform variables:
    35  
    36  ```
    37  $ terraform <command> \
    38  -var 'gcp_public_key_path=<path to your SSH public key>' \
    39  -var 'gcp_private_key_path=<path to your SSH private key>'
    40  ```
    41  
    42  * Set the username in your public key as an environment variable.
    43    This will be used as the username of the Linux account created on the machine, which you will need to SSH into it later on.
    44  
    45    N.B.: 
    46    * GCP already has the username set from the SSH public key you uploaded in the previous step.
    47    * If your username is an email address, e.g. `name@domain.com`, then GCP uses `name` as the username.
    48  
    49  ```
    50  export TF_VAR_gcp_username=<your SSH public key username>
    51  ```
    52  
    53  * Set your current IP address as an environment variable:
    54  
    55  ```
    56  export TF_VAR_client_ip=$(curl -s -X GET http://checkip.amazonaws.com/)
    57  ```
    58  
    59    or pass it as a Terraform variable:
    60  
    61  ```
    62  $ terraform <command> -var 'client_ip=$(curl -s -X GET http://checkip.amazonaws.com/)'
    63  ```
    64  
    65  * Set your project as an environment variable:
    66  
    67  ```
    68  export TF_VAR_gcp_project=weave-net-tests
    69  ```
    70  
    71    or pass it as a Terraform variable:
    72  
    73  ```
    74  $ terraform <command> -var 'gcp_project=weave-net-tests'
    75  ```
    76  
    77  ### Bash aliases
    78  
    79  You can set the above variables temporarily in your current shell, permanently in your `~/.bashrc` file, or define aliases to activate/deactivate them at will with one single command by adding the below to your `~/.bashrc` file:
    80  
    81  ```
    82  function _gcp_on() {
    83    export GOOGLE_CREDENTIALS_FILE="<path/to/your/json/credentials/file.json"
    84    export GOOGLE_CREDENTIALS=$(cat "$GOOGLE_CREDENTIALS_FILE")
    85    export TF_VAR_gcp_private_key_path="$HOME/.ssh/id_rsa"     # Replace with appropriate value.
    86    export TF_VAR_gcp_public_key_path="$HOME/.ssh/id_rsa.pub"  # Replace with appropriate value.
    87    export TF_VAR_gcp_username=$(cat "$TF_VAR_gcp_public_key_path" | cut -d' ' -f3 | cut -d'@' -f1)
    88  }
    89  alias _gcp_on='_gcp_on'
    90  function _gcp_off() {
    91    unset GOOGLE_CREDENTIALS_FILE
    92    unset GOOGLE_CREDENTIALS
    93    unset TF_VAR_gcp_private_key_path
    94    unset TF_VAR_gcp_public_key_path
    95    unset TF_VAR_gcp_username
    96  }
    97  ```
    98  
    99  N.B.: 
   100  
   101  * sourcing `../setup.sh` defines aliases called `gcp_on` and `gcp_off`, similarly to the above (however, notice no `_` in front of the name, as opposed to the ones above);
   102  * `../setup.sh`'s `gcp_on` alias needs the `SECRET_KEY` environment variable to be set in order to decrypt sensitive information.
   103  
   104  ## Usage
   105  
   106  * Create the machine: `terraform apply`
   107  * Show the machine's status: `terraform show`
   108  * Stop and destroy the machine: `terraform destroy`
   109  * SSH into the newly-created machine:
   110  
   111  ```
   112  $ ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no `terraform output username`@`terraform output public_ips`
   113  ```
   114  
   115  or
   116  
   117  ```
   118  source ../setup.sh
   119  tf_ssh 1  # Or the nth machine, if multiple VMs are provisioned.
   120  ``` 
   121  
   122  ## Resources
   123  
   124  * [https://www.terraform.io/docs/providers/google/](https://www.terraform.io/docs/providers/google/)
   125  * [https://www.terraform.io/docs/providers/google/r/compute_instance.html](https://www.terraform.io/docs/providers/google/r/compute_instance.html)
   126  * [Terraform variables](https://www.terraform.io/intro/getting-started/variables.html)