Basics
------
Installing gcloud | curl https://sdk.cloud.google.com | bash exec -l $SHELL |
Compute Instances
-----------------
Auto scaling | - create image - create instance template - create instance group (tune auto scaling) |
Spinning Up compute instance via ansible | 1. Create credentials file * see "Generatin credentials file" under IAM/Security
2. Install pip packages pip install apache-libcloud PyCrypto
3. Create a simple playbook --- - hosts: localhost connection: local gather_facts: False tasks:
- name: Create VM instance gce: instance_names: my-test-instance1 zone: us-central1-a machine_type: n1-standard-1 image: debian-8 state: present service_account_email: "639770814480-compute@developer.gserviceaccount.com" credentials_file: "~/Downloads/creds-my-private-cloud-01.json" project_id: "my-private-cloud-01" disk_size: 10
4. Run playbook ansible-playbook create_gcp_instance.yml |
Moving an instance to a different zone within same region | NOTE:
Move can also be done while instance is online. |
SSH'ing using from local laptop to target using internal IP | gcloud compute ssh --zone asia-southeast1-a <compute instance name> --internal-ip |
IAM/Security
------------
Generating credentials file | - go to: APIs & Services > Credentials - choose: Create credentials > Service account key * JSON format |
GKE
---
Authenticating to cluster | gcloud auth activate-service-account --key-file=creds.json gcloud container clusters get-credentials my-sample-cluster --zone europe-west2-c |
Adding insecure registry | 1. Update DOCKER_OPTS under /etc/default/docker of each nodes to look like this: DOCKER_OPTS="-p /var/run/docker.pid [...] --insecure-registry docker.registry2:5000 --insecure-registry docker.registry2:5001"
2. Drain the node. kubectl drain node1
3. Restart docker. systemctl restart docker
4. Repeat steps 1 -3 on the remaining nodes. |
Scenarios in draining a node | Scenario 1: |
No comments:
Post a Comment