Time: 1 hour
Difficulty: Introductory
Price: 1 Credit
Quest: Create and Manage Cloud Resources
Last updated: May 22, 2023
You have started a new role as a Junior Cloud Engineer for Jooli, Inc. You are expected to help manage the infrastructure at Jooli. Common tasks include provisioning resources for projects.
You are expected to have the skills and knowledge for these tasks, so step-by-step guides are not provided.
Some Jooli, Inc. standards you should follow:
Create all resources in the default region or zone, unless otherwise directed.
Naming normally uses the format team-resource; for example, an instance could be named nucleus-webserver1.
Allocate cost-effective resource sizes. Projects are monitored, and excessive resource use will result in the containing project's termination (and possibly yours), so plan carefully. This is the guidance the monitoring team is willing to share: unless directed, use f1-micro for small Linux VMs, and use n1-standard-1 for Windows or other applications, such as Kubernetes nodes.
As soon as you sit down at your desk and open your new laptop, you receive several requests from the Nucleus team. Read through each description, and then create the resources.
Export the following environment variables, using the values from your lab's instructions.
export INSTANCE_NAME=
export ZONE=
export REGION=
export PORT=
export FIREWALL_NAME=
You can find the zone in the Task 2 description.
The region is just the first part of the zone. For example, if the zone is us-east1-b, then the region is us-east1.
Example:
export INSTANCE_NAME=nucleus-jumphost-295
export ZONE=us-central1-b
export REGION=us-central1
export PORT=8080
export FIREWALL_NAME=accept-tcp-rule-633
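A pre-flight check for the five variables above, as an added example that is not part of the original walkthrough; the function names region_of and preflight are hypothetical. An empty or mismatched variable otherwise surfaces only later, as a gcloud error or as a resource created in the wrong place.

```shell
# Added example; region_of and preflight are hypothetical helper names.

# Derive the region from a zone name: us-east1-b -> us-east1.
region_of() {
  printf '%s\n' "${1%-*}"
}

# Return 0 when all five lab variables are set and consistent; otherwise
# print each problem to stderr and return 1.
preflight() {
  pf_rc=0
  for pf_name in INSTANCE_NAME ZONE REGION PORT FIREWALL_NAME; do
    eval "pf_val=\${$pf_name:-}"   # names come from the fixed list above
    if [ -z "$pf_val" ]; then
      echo "unset or empty: $pf_name" >&2
      pf_rc=1
    fi
  done
  # Zone names have the form <region>-<letter>, e.g. us-central1-b.
  if ! printf '%s\n' "${ZONE:-}" | grep -Eq '^[a-z]+-[a-z]+[0-9]+-[a-z]$'; then
    echo "ZONE does not look like a zone name: '${ZONE:-}'" >&2
    pf_rc=1
  elif [ "$(region_of "$ZONE")" != "${REGION:-}" ]; then
    echo "REGION '${REGION:-}' does not match ZONE '$ZONE'" >&2
    pf_rc=1
  fi
  # PORT must be decimal digits only and within 1..65535.
  case "${PORT:-}" in
    '' | *[!0-9]* | ??????*) pf_port_ok=0 ;;
    *) pf_port_ok=1 ;;
  esac
  if [ "$pf_port_ok" -eq 1 ] && { [ "$PORT" -lt 1 ] || [ "$PORT" -gt 65535 ]; }; then
    pf_port_ok=0
  fi
  if [ "$pf_port_ok" -eq 0 ]; then
    echo "PORT is not a valid TCP port: '${PORT:-}'" >&2
    pf_rc=1
  fi
  return "$pf_rc"
}
```

Source the functions after the exports and run `preflight` before the first gcloud command; a non-zero status means at least one variable needs fixing.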
Check the machine type: yours may differ from the one used here, so don't forget to change it.
Go to cloud shell and run the following command:
gcloud compute instances create $INSTANCE_NAME \
--network nucleus-vpc \
--zone $ZONE \
--machine-type e2-micro \
--image-family debian-10 \
--image-project debian-cloud
Go to cloud shell and run the following command:
gcloud container clusters create nucleus-backend \
--num-nodes 1 \
--network nucleus-vpc \
--zone $ZONE
gcloud container clusters get-credentials nucleus-backend \
--zone $ZONE
- Use the Docker container hello-app (gcr.io/google-samples/hello-app:2.0) as a placeholder.
kubectl create deployment hello-server \
--image=gcr.io/google-samples/hello-app:2.0
- Expose the app on port APP_PORT_NUMBER.
kubectl expose deployment hello-server \
--type=LoadBalancer \
--port $PORT
- Create startup-script.
cat << EOF > startup.sh
#! /bin/bash
apt-get update
apt-get install -y nginx
service nginx start
sed -i -- 's/nginx/Google Cloud Platform - '"\$HOSTNAME"'/' /var/www/html/index.nginx-debian.html
EOF
- Create instance template.
gcloud compute instance-templates create web-server-template \
--metadata-from-file startup-script=startup.sh \
--network nucleus-vpc \
--machine-type g1-small \
--region $REGION
- Create target pool.
gcloud compute target-pools create nginx-pool --region=$REGION
- Create managed instance group.
gcloud compute instance-groups managed create web-server-group \
--base-instance-name web-server \
--size 2 \
--template web-server-template \
--region $REGION
- Create firewall rule named as FIREWALL_RULE to allow traffic (80/tcp).
gcloud compute firewall-rules create $FIREWALL_NAME \
--allow tcp:80 \
--network nucleus-vpc
- Create health check.
gcloud compute http-health-checks create http-basic-check
gcloud compute instance-groups managed \
set-named-ports web-server-group \
--named-ports http:80 \
--region $REGION
- Create backend service, and attach the managed instance group with named port (http:80).
gcloud compute backend-services create web-server-backend \
--protocol HTTP \
--http-health-checks http-basic-check \
--global
gcloud compute backend-services add-backend web-server-backend \
--instance-group web-server-group \
--instance-group-region $REGION \
--global
- Create URL map and target the HTTP proxy to route requests to your URL map.
gcloud compute url-maps create web-server-map \
--default-service web-server-backend
gcloud compute target-http-proxies create http-lb-proxy \
--url-map web-server-map
- Create forwarding rule.
gcloud compute forwarding-rules create http-content-rule \
--global \
--target-http-proxy http-lb-proxy \
--ports 80
gcloud compute forwarding-rules create $FIREWALL_NAME \
--global \
--target-http-proxy http-lb-proxy \
--ports 80
gcloud compute forwarding-rules list
Note: Just wait for the load balancer to finish setting up. It may take a few minutes. If you get an error checkmark, wait a few moments and try again.
- Testing traffic sent to your instances. (Optional)
- In the Cloud Console, click the Navigation menu > Network services > Load balancing.
- Click on the load balancer that you just created (web-server-map).
- In the Backend section, click on the name of the backend and confirm that the VMs are Healthy. If they are not healthy, wait a few moments and try reloading the page.
- When the VMs are healthy, test the load balancer using a web browser, going to http://IP_ADDRESS/, replacing IP_ADDRESS with the load balancer's IP address.
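The firewall rule created in the steps above sets neither --source-ranges nor --target-tags, so it admits 80/tcp from 0.0.0.0/0 to every instance in nucleus-vpc, including the jumphost. The check below flags rules of that shape. It is an added example, not part of the original walkthrough: audit_open_rules is a hypothetical helper, the sample rows are constructed, and the gcloud command in the comment is an assumption about how the input is produced.

```shell
# Added example; audit_open_rules is a hypothetical helper name.
# Input on stdin: one ingress rule per line, fields separated by '|':
#   name|sourceRanges|targetTags|targetServiceAccounts|allowed
# Assumed to be produced by (not run here):
#   gcloud compute firewall-rules list \
#     --filter="network:nucleus-vpc AND direction=INGRESS" \
#     --format="value[separator='|'](name,sourceRanges.list(),targetTags.list(),targetServiceAccounts.list(),allowed[].map().firewall_rule().list())"

# Constructed sample rows (not real lab output).
SAMPLE_RULES='accept-tcp-rule-633|0.0.0.0/0|||tcp:80
lb-only|130.211.0.0/22,35.191.0.0/16|web||tcp:80
tagged-open|0.0.0.0/0|web||tcp:443'

# Print every rule that is open to any IPv4 source and is not scoped to
# tagged instances or service accounts. Returns 1 if any rule was printed.
audit_open_rules() {
  ar_found=0
  while IFS='|' read -r ar_name ar_src ar_tags ar_sas ar_allowed; do
    [ -n "$ar_name" ] || continue
    case ",$ar_src," in
      *,0.0.0.0/0,*) ;;        # reachable from any IPv4 address
      *) continue ;;           # source-restricted rule, skip
    esac
    if [ -z "$ar_tags" ] && [ -z "$ar_sas" ]; then
      echo "$ar_name: $ar_allowed from 0.0.0.0/0 to every instance in the network"
      ar_found=1
    fi
  done
  [ "$ar_found" -eq 0 ]
}
```

Run it as `printf '%s\n' "$SAMPLE_RULES" | audit_open_rules`, or pipe the gcloud output into it.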