Google Cloud Compute Engine is designed to run large-scale computing workloads efficiently, quickly and consistently.

Introduction to GCE

  1. IaaS
  2. Primary components:
    • VM
      • handles computing tasks as needed
      • uses other resources: Disk, Network and Image
      • all resources are on a given plane: global, regional or zone
      • OAuth 2.0
        • Compute Engine console
        • REST
        • command-line interface
    • Network
      • global infrastructure
      • static and ephemeral IP
      • each VM isolated from the others
      • firewalls
    • Persistent Disks
      • handle data storage for connects
      • HDD, SSD
      • all data written to disk is automatically encrypted
      • automatic replication and backup
  3. Google Cloud UI -> Create project -> APIs -> Compute Engine

Exploring GCE

  1. Setup the Google Cloud SDK
  2. Create a Compute Engine instance
    • Compute -> VM instance (image, disk, firewall, IP)
  3. Accessing your project remotely
    • gcloud auth login
    • gcloud config set project {projectID}
    • gcloud config list
    • set SSH key
      • Compute -> VM instance -> view gcloud command / use another SSH client / open in browser window
  4. Setup a cloud-based web server
    • open in browser window (log in to the VM)
    • apt-get update (image update)
    • apt-get install apache2
    • UI, external IP, click it

Integrating User Authentication (OAuth 2.0)

  1. Auth request from GCE
    • workflow:
      • get credentials (project ID) from console
      • get token from Google Authorization Server
      • send token to API via HTTP header
      • refresh token as needed
  2. Authentication Request to GCE
    • Client ID and Client secret, scope
  3. Steps:
    • UI -> APIs & auth -> Credentials -> OAuth -> Web application -> Consent screen -> input vm IP: http://xxx.xxx.xx.xxx -> Generate client ID
    • public API access -> Generate key -> input http://xxx.xxx.xx.xxx -> get SSH key
    • gcloud auth login
    • gcloud compute instances describe {instance-name} --format json
    • get devstorage.read_only in response
    • UI -> APIs & auth -> Credentials -> OAuth -> Service account -> get sshkey file download
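Added example (not part of the original notes): the `devstorage.read_only` value in the describe output is one of the OAuth scopes granted to the VM's service account, and the same JSON can be checked for scopes broader than the workload needs. The sample JSON, the account e-mail and the `BROAD_SCOPES` policy list are constructed for illustration.

```python
import json

SCOPE_PREFIX = "https://www.googleapis.com/auth/"

# Scopes treated as too broad for a plain web server. This policy list is an
# assumption of the example; adjust it to what each workload really needs.
BROAD_SCOPES = {"cloud-platform", "compute",
                "devstorage.full_control", "devstorage.read_write"}

# Constructed sample of `gcloud compute instances describe ... --format json`,
# reduced to the fields the audit reads.
SAMPLE_DESCRIBE = """
{
  "name": "web-1",
  "serviceAccounts": [
    {"email": "123456789012-compute@developer.gserviceaccount.com",
     "scopes": ["https://www.googleapis.com/auth/devstorage.read_only",
                "https://www.googleapis.com/auth/cloud-platform"]}
  ]
}
"""


def classify(short_scope):
    """Label one scope name (URL prefix already removed)."""
    if short_scope in BROAD_SCOPES:
        return "broad"
    if short_scope.endswith(("read_only", ".readonly")):
        return "read-only"
    return "review"


def audit_scopes(describe_json):
    """Return (instance, account, scope, verdict) for every granted scope."""
    inst = json.loads(describe_json)
    rows = []
    # An instance created without API access has no serviceAccounts key.
    for sa in inst.get("serviceAccounts", []):
        for scope in sa.get("scopes", []):
            short = scope[len(SCOPE_PREFIX):] if scope.startswith(SCOPE_PREFIX) else scope
            rows.append((inst.get("name"), sa.get("email"), short, classify(short)))
    return rows


if __name__ == "__main__":
    for row in audit_scopes(SAMPLE_DESCRIBE):
        print("%-6s %-55s %-24s %s" % row)
```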

Developing with JS and GCE

  1. Steps:
    • log in to the VM by clicking “open in browser window”
    • sudo chmod 777 /var/www
    • go to cmd line
    • put html file with JS code
    • gcloud compute copy-files xxx.htm {instanceName}:/var/www --zone {zoneName}
    • visit http://xxx.xxx.xx.xx/xxx.htm
  2. With JS code, you can:
    • authenticate your app
    • display available instances and disks
    • create new instances
    • remove instances
    • insert new disk
    • set up an ephemeral IP
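Added example (not part of the original notes): `chmod 777 /var/www` in the steps above lets every local account on the VM rewrite what Apache serves, so this sketch lists world-writable paths under a web root and clears only the "other write" bit. The function names are hypothetical, and the demo runs on a constructed temporary directory rather than the real `/var/www`.

```python
import os
import stat
import tempfile


def world_writable(root):
    """Return sorted paths under root (root included) writable by any user."""
    found = []
    for dirpath, _dirnames, filenames in os.walk(root):
        candidates = [dirpath] + [os.path.join(dirpath, f) for f in filenames]
        for path in candidates:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            if st.st_mode & stat.S_IWOTH:
                found.append(path)
    return sorted(found)


def drop_world_write(root):
    """Clear the other-write bit where set; return the paths that were changed."""
    changed = world_writable(root)
    for path in changed:
        mode = stat.S_IMODE(os.lstat(path).st_mode)
        os.chmod(path, mode & ~stat.S_IWOTH)
    return changed


if __name__ == "__main__":
    # Constructed stand-in for /var/www after `chmod 777`.
    demo = tempfile.mkdtemp()
    os.chmod(demo, 0o777)
    page = os.path.join(demo, "xxx.htm")
    open(page, "w").close()
    os.chmod(page, 0o666)
    print("before:", world_writable(demo))
    drop_world_write(demo)
    print("after: ", world_writable(demo))
```

With the bit cleared, uploads can still work if the directory is owned by, or group-writable for, the account that copies the files.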

Working with Python and GCE

  1. Python 2.7 required
  2. authorize requests:
    • UI -> APIs & auth -> Credentials -> installed app -> get the “client ID for native application” -> download
    • run your Python scripts with auth file
      • python xxx.py
  3. With Python code, you can:
    • display available instances and disk
    • insert new disk
    • create new vm instance

Managing Resources with GCE

  1. Build your project team
    • add user from UI -> Compute engine -> permission
    • add GitLab as an instance to control code
  2. Set up an instance group
    • add user from UI -> Compute -> Compute engine -> instance group
    • based on template
    • based on an existing instance
  3. Working with Compute Engine metadata
    • metadata instance level
      • gcloud config set compute/zone {zone-name}
      • gcloud compute instances add-metadata {instance-name} --metadata role=worker,unique-ID=xxx
      • gcloud compute instances describe {instance-name}
      • gcloud compute instances remove-metadata {instance-name} --keys role
    • metadata project level
      • gcloud compute project-info add-metadata --metadata startup-id=xxx
      • gcloud compute project-info describe
      • gcloud compute project-info add-metadata --metadata-from-file startup-script=xxx.sh
      • gcloud compute project-info remove-metadata --keys startup-script
  4. Creating disk snapshots
    • snapshots are considered global resources
    • steps:
      • UI -> compute -> compute engine -> snapshots
        • select the disk you want to snapshot
      • UI -> compute -> compute engine -> vm
        • create new vm instance
        • go to Disks and click the new disk, source snapshots
  5. LBR
    • Network LBR
      • focuses on VM instances within a single geographic region
      • UI -> compute -> compute engine -> network lbr
        • decide the region
        • forwarding rules: directs traffic to specified target pools
        • target rules: a collection of instances, known as an instance group
        • health checks
    • HTTP LBR
      • works with VMs across regions
      • UI -> compute -> compute engine -> HTTP lbr
        • offer global access to your VMs
          • content aware: shift to specific servers for specific types of content (images, databases, streaming media)
          • limitations: restricted to ports 80 and 8080
        • incoming traffic
          • global forwarding rules:
        • backend services
          • content-aware feature, URL-map
          • rule for images
          • rule for dynamic content
          • rule for media server
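Added example for the metadata commands in step 3 (not part of the original notes): a project-level `startup-script` is inherited by every instance that does not set its own, so this sketch merges the JSON from `gcloud compute project-info describe` and `gcloud compute instances describe` and reports which script keys an instance will run and where each comes from. Both JSON samples are constructed, reduced to the fields used, and the function names are hypothetical.

```python
import json

# Metadata keys whose value is executed on the VM at boot or shutdown.
EXEC_KEYS = {"startup-script", "startup-script-url",
             "shutdown-script", "shutdown-script-url"}

# Constructed sample of `gcloud compute project-info describe --format json`.
PROJECT_JSON = """{"name": "demo-project", "commonInstanceMetadata": {"items": [
  {"key": "startup-id", "value": "xxx"},
  {"key": "startup-script", "value": "#!/bin/sh\\napt-get update\\n"}]}}"""

# Constructed sample of `gcloud compute instances describe ... --format json`.
INSTANCE_JSON = """{"name": "web-1", "metadata": {"items": [
  {"key": "role", "value": "worker"},
  {"key": "unique-ID", "value": "xxx"}]}}"""


def _items(doc, field):
    """Turn the [{key, value}, ...] list under doc[field] into a dict."""
    entries = (doc.get(field) or {}).get("items", [])
    return {e["key"]: e.get("value", "") for e in entries}


def effective_metadata(project_json, instance_json):
    """Merge both levels as {key: (source, value)}; an instance key wins."""
    project = _items(json.loads(project_json), "commonInstanceMetadata")
    instance = _items(json.loads(instance_json), "metadata")
    merged = {k: ("project", v) for k, v in project.items()}
    merged.update({k: ("instance", v) for k, v in instance.items()})
    return merged


def executed_keys(merged):
    """Return {key: source} for metadata the VM will run as a script."""
    return {k: src for k, (src, _value) in merged.items() if k in EXEC_KEYS}


if __name__ == "__main__":
    merged = effective_metadata(PROJECT_JSON, INSTANCE_JSON)
    for key, source in sorted(executed_keys(merged).items()):
        print("%s is set at %s level" % (key, source))
```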