Comments

Latest Posts

GCP (Google Cloud Platform) Usage Tips and Tricks

This post is to collect some experienced learned during working around GCP. Most are relating to Linux commands and usage. 
  • Enable Root Account and Password Access
  • Measure Your Latency to GCP Regions
  • DD GCP / Azure Ubuntu Cloud VM
  • DD GCP Alpine
  • DD GCP Windows


Enable Root Account and Password Access

By default, Google Compute Engine offers the browser-based Google Cloud Platform Console tool that lets you manage your Google Compute Engine resources through a graphical interface. Use the GCP Console to manage your resources if you prefer using a user-interface through the browser.

In the GCP documentation setting up ssh keys  which shows how to set up your own ssh key to access all your virtual machines in GCP. here's the summary of steps:
  1. Generate your keys using ssh-keygen or PuTTYgen for Windows, if you haven't already.
  2. Copy the contents of your public key. If you just generated this key, it can probably be found in a file named id_rsa.pub.
  3. Log in to the Developers Console.
  4. In the navigation, Compute->Compute Engine->Metadata.
  5. Click the SSH Keys tab.
  6. Click the Edit button.
  7. In the empty input box at the bottom of the list, enter the corresponding public key, in the following format: 

    <protocol> <public-key> [email protected] 

    This makes your public key automatically available to all of your instances in that project. To add multiple keys, list each key on a new line.
  8. Click Done to save your changes. 

    It can take several minutes before the key is inserted into the instance. Try connecting with ssh to your instance. If it is successful, your key has been propagated to the instance.

Once you connect to your GCP VM using PuTTY or gcloud compute instances ssh or even clicking on the "SSH" button on the Developers Console next to the instance, you should be able to use the sudo command. Note that you shouldn't be using the su command to become root, just run:
sudo [command]
and it should not prompt you for a password.
If you want to get a root shell to run several commands as root and you want to avoid prefixing all commands with sudo, run:
sudo su -

Sometimes, you might need to have directly root ssh access with username/password authentication. Here is how we can do it:


1. As the root user, edit the sshd_config file found in /etc/ssh/sshd_config:
vim /etc/ssh/sshd_config

2. PermitRootLogin and PasswordAuthentication

Add the following line to the file, you can add it anywhere but it’s good practice to find the block about authentication and add it there.
PermitRootLogin yes
PasswordAuthentication yes
Save and exit the file.


3. Restart ssh server to make your configuration effective
Restart the SSH server:
systemctl restart sshdOr:
service sshd restart


4. Disable public key authentication:

vim /etc/ssh/sshd_config

PubkeyAuthentication no


YouTube Video:



Measure Your Latency to GCP Regions

gcping - http://www.gcping.com/



DD GCP / Azure Ubuntu Cloud VM

For GCP or Azure cloud environment, all steps are similar. Only different is that you will need to manual pass network parameters into the Windows VM during DD process.


# Change X.X.X.X to your Script's configuration # --ip-addr :IP Address # --ip-mask :Netmask # --ip-gate :Gateway wget --no-check-certificate -qO InstallNET.sh 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh' && bash InstallNET.sh --ip-addr X.X.X.X --ip-mask X.X.X.X --ip-gate X.X.X.X -dd 'DD Image'

Wait about 30 minutes then use RDP to connect. Make sure RDP port has been opened from your security group firewall rule.

username : administrator
password : www.nat.ee



    Command Example 1 for Windows 2008 64B R2: 
    wget --no-check-certificate -qO InstallNET.sh 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh' && bash InstallNET.sh --ip-addr X.X.X.X --ip-mask 255.255.255.0 --ip-gate 10.x.0.1 -dd 'https://api.moeclub.org/GoogleDrive/1DTps9WwC6RZ8szflais8YazpkCVdqdI7'
    Command Example 2 for Win7 64B SP1 with IIS:
    wget --no-check-certificate -qO InstallNET.sh 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh' && bash InstallNET.sh --ip-addr X.X.X.X --ip-mask 255.255.255.0 --ip-gate 10.x.0.1 -dd 'https://api.moeclub.org/GoogleDrive/1KA9PDH4T2ODbxS97T6MtTk5TwifQQoIp'
    You will need to replace x.x.x.x with your own Linux VM's ip. You will need to change the gateway as well.




    DD GCP  Alpine


    Two notes:
    1. IP Address network mask will need to be 255.255.255.0. Gateway is .1 for IP Address network
    2. Change Root password to the one you know. After Alpine installed, it will use same root password.



    1. wget --no-check-certificate https://donghaiair.com.cn/alpine.sh && chmod +x alpine.sh && sed -i "s|^mask|mask=255.255.255.0\n#mask|" alpine.sh && ./alpine.sh

    or 
    1. wget --no-check-certificate https://haoduck.com/DEMO/sh/alpine.sh && chmod +x alpine.sh && sed -i "s|^mask|mask=255.255.255.0\n#mask|" alpine.sh && ./alpine.sh


    DD GCP  Windows

    1  Install Required Packages

    Debian/Ubuntu

    1. apt-get install -y xz-utils openssl gawk file wget

    CentOS

    1. yum install -y xz openssl gawk file wget
    2  Download DD Script

    1. wget --no-check-certificate -qO InstallNET.sh 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh'
    2. chmod +x InstallNET.sh

    3  Using Script to Install


    1. bash InstallNET.sh --ip-addr 10.168.0.7 --ip-gate 10.168.0.1 --ip-mask 255.255.255.0 -dd 'https://moeclub.org/onedrive/IMAGE/Windows/win10ltsc_x64.tar.gz'

    This script is coming from moeclub. Default username administrator and password is Vicer.




    Run Docker Containers Free From GCP Cloud Shell

    You can directly access your GCP cloud shell through page:https://cloud.google.com/shell, or by enableing Cloud Shell access from top right terminal icon of your GCP console page:

    Both Docker and Docker-Compose have been installed.

    Welcome to Cloud Shell! Type "help" to get started.
    Your Cloud Platform project in this session is set to sec-2-213000.
    Use “gcloud config set project [PROJECT_ID]” to change to a different project.
    [email protected]:~ (sec-2-213000)$ curl cip.cc
    IP      : 34.139.137.247
    地址    : 美国  美国
    
    数据二  : 美国 | 得克萨斯州
    
    数据三  : 美国德克萨斯休斯顿
    
    URL     : http://www.cip.cc/34.139.137.247
    [email protected]:~ (sec-2-213000)$ docker version
    Client: Docker Engine - Community
     Version:           20.10.8
     API version:       1.41
     Go version:        go1.16.6
     Git commit:        3967b7d
     Built:             Fri Jul 30 19:54:02 2021
     OS/Arch:           linux/amd64
     Context:           default
     Experimental:      true
    
    Server: Docker Engine - Community
     Engine:
      Version:          20.10.8
      API version:      1.41 (minimum version 1.12)
      Go version:       go1.16.6
      Git commit:       75249d8
      Built:            Fri Jul 30 19:52:10 2021
      OS/Arch:          linux/amd64
      Experimental:     false
     containerd:
      Version:          1.4.9
      GitCommit:        e25210fe30a0a703442421b0f60afac609f950a3
     runc:
      Version:          1.0.1
      GitCommit:        v1.0.1-0-g4144b63
     docker-init:
      Version:          0.19.0
      GitCommit:        de40ad0
    [email protected]:~ (sec-2-213000)$ docker-compose version
    docker-compose version 1.24.0, build 0aa59064
    docker-py version: 3.7.2
    CPython version: 3.6.8
    OpenSSL version: OpenSSL 1.1.0j  20 Nov 2018
    [email protected]:~ (sec-2-213000)$
    
    
    Install a Ubuntu VNC Desktop docker from github page: https://github.com/fcwu/docker-ubuntu-vnc-desktop

    docker run -p 6080:80 -v /dev/shm:/dev/shm dorowu/ubuntu-desktop-lxde-vnc
    We also can install NextCloud using Docker Compose file from : https://hub.docker.com/_/nextcloud
    Create a new docker-compose.yml file and copy contents from https://hub.docker.com/_/nextcloud. Make sure enter a new password for your MYSQL root account and MYSQL DB. 


    [email protected]:~ (sec-2-213000)$nano docker-compose.yml
    
    version: '2'
    
    volumes:
      nextcloud:
      db:
    
    services:
      db:
        image: mariadb
        restart: always
        command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
        volumes:
          - db:/var/lib/mysql
        environment:
          - MYSQL_ROOT_PASSWORD=Password1234!
          - MYSQL_PASSWORD=Password1234!
          - MYSQL_DATABASE=nextcloud
          - MYSQL_USER=nextcloud
    
      app:
        image: nextcloud
        restart: always
        ports:
          - 8080:80
        links:
          - db
        volumes:
          - nextcloud:/var/www/html
        environment:
          - MYSQL_PASSWORD=Password1234!
          - MYSQL_DATABASE=nextcloud
          - MYSQL_USER=nextcloud
          - MYSQL_HOST=db
    Run "docker-compose up" command to bring this NextCloud dockers up. 

    YouTube Video:




    References




    No comments