Skip to content

Instantly share code, notes, and snippets.

@dims

dims/gcp-quick-start.md

Last active June 10, 2022 13:52
Show Gist options
  • Save dims/19fff66f27445c5c1f0e0195e203afef to your computer and use it in GitHub Desktop.
Save dims/19fff66f27445c5c1f0e0195e203afef to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gcp-quick-start.md

Authentication

  1. Run gcloud auth list to check if you have authenticated to gcloud already and what email was used.
  2. Run gcloud auth login to login with the right email id. cross check with step 1 when done.
  3. Run gcloud auth application-default login to set up default application credentials.
  4. Step 3 will create a json file with credentials, you should run export GOOGLE_APPLICATION_CREDENTIALS=$HOME/.config/gcloud/application_default_credentials.json after cross checking if the file exists and is in the correct path which is typically $HOME/.config/gcloud/application_default_credentials.json

Initialize project etc

  1. gcloud config set project k8s-infra-sandbox-capg to set the correct project for operations

Creating a scratch VM for trying things out

  1. gcloud compute instances create my-first-instance --image-family ubuntu-2004-lts --image-project ubuntu-os-cloud --zone us-central1-a

(if you need a bigger box (MORE COSTLY!) you can add --machine-type n1-standard-4 described here https://cloud.google.com/compute/docs/general-purpose-machines )

SSH into the box

  1. gcloud compute ssh my-first-instance --zone us-central1-a

Cleanup

  1. gcloud compute instances delete my-first-instance --zone us-central1-a
  2. gcloud compute instances list to confirm if the vm went away.

Running image builder on the VM (WORK IN PROGRESS!! Don't use yet)

  1. sudo apt update && sudo apt install build-essential unzip to install a bunch of pre-requisites
  2. git clone https://github.com/kubernetes-sigs/image-builder to fetch the image builder repository
  3. Run through all the steps in the Authentication section above, make sure GOOGLE_APPLICATION_CREDENTIALS is set correctly.
  4. export PATH=$PATH:$HOME/.local/bin:$HOME/image-builder/images/capi/.local/bin
  5. export GCP_PROJECT_ID=k8s-infra-sandbox-capg
  6. cd $HOME/image-builder/images/capi
  7. make deps-gce
  8. make build-gce-all

Simplified steps borrowed from https://github.com/kubernetes-sigs/image-builder/blob/master/images/capi/scripts/ci-gce-nightly.sh

@cpanato
Copy link

cpanato commented Oct 26, 2021

@dims
need to run gcloud auth application-default login instead of gcloud auth login and after that export the GOOGLE_APPLICATION_CREDENTIALS`

gcloud auth application-default login

You are running on a Google Compute Engine virtual machine.
The service credentials associated with this virtual machine
will automatically be used by Application Default
Credentials, so it is not necessary to use this command.

If you decide to proceed anyway, your user credentials may be visible
to others with access to this virtual machine. Are you sure you want
to authenticate with your personal account?

Do you want to continue (Y/n)?  y

Go to the following link in your browser:

    https://accounts.google.com/o/oauth2/auth?response_type=........

Enter verification code: xxxoxoxoxoxoxoox

Credentials saved to file: [/home/cpanato/.config/gcloud/application_default_credentials.json]

These credentials will be used by any library that requests Application Default Credentials (ADC).

Quota project "k8s-infra-sandbox-capg" was added to ADC which can be used by Google client libraries for billing and quota. Note that some services may still bill the project owning the resource.
cpanato@cpanato:~/image-builder/images/capi$ export GOOGLE_APPLICATION_CREDENTIALS=/home/cpanato/.config/gcloud/application_default_credentials.json

@dims
Copy link
Author

dims commented Oct 26, 2021

thanks @cpanato updated the gist!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment