Google Compute Engine (GCE)

Hello everyone, thanks for coming today! Ready to learn Google Compute Engine?

In this codelab, we will explore Compute Engine working through an example Guestbook application.

You'll create Compute Engine instances, deploy nginx, and finally put a network balancer in the front. You can create a Compute Engine instance from either the graphical console or from the command line. This lab will walk you through using the command-line.

ComputeEngine_128px.png

Google Compute Engine (GCE) offers virtual machines running in Google's data centers connected to its worldwide fiber network. The tooling and workflow offered enables scaling from single instances to global, load-balanced cloud computing.

These VMs boot quickly, come with persistent disk storage, and deliver consistent performance. The machines are available in many configurations including predefined sizes and can also be created with Custom Machine Types optimized for your specific needs.

Finally, GCE virtual machines are also the technology used by several other GCP products (Kubernetes Engine, Cloud Dataproc, Cloud Dataflow, etc...).

Self-paced environment setup

  1. Sign in to Cloud Console and create a new project or reuse an existing one. (If you don't already have a Gmail or G Suite account, you must create one.)

dMbN6g9RawQj_VXCSYpdYncY-DbaRzr2GbnwoV7jFf1u3avxJtmGPmKpMYgiaMH-qu80a_NJ9p2IIXFppYk8x3wyymZXavjglNLJJhuXieCem56H30hwXtd8PvXGpXJO9gEUDu3cZw

ci9Oe6PgnbNuSYlMyvbXF1JdQyiHoEgnhl4PlV_MFagm2ppzhueRkqX4eLjJllZco_2zCp0V0bpTupUSKji9KkQyWqj11pqit1K1faS1V6aFxLGQdkuzGp4rsQTan7F01iePL5DtqQ

8-tA_Lheyo8SscAVKrGii2coplQp2_D1Iosb2ViABY0UUO1A8cimXUu6Wf1R9zJIRExL5OB2j946aIiFtyKTzxDcNnuznmR45vZ2HMoK3o67jxuoUJCAnqvEX6NgPGFjCVNgASc-lg

Remember the project ID, a unique name across all Google Cloud projects (the name above has already been taken and will not work for you, sorry!). It will be referred to later in this codelab as PROJECT_ID.

  1. Next, you'll need to enable billing in Cloud Console in order to use Google Cloud resources.

Running through this codelab shouldn't cost much, if anything at all. Be sure to to follow any instructions in the "Cleaning up" section which advises you how to shut down resources so you don't incur billing beyond this tutorial. New users of Google Cloud are eligible for the $300USD Free Trial program.

Google Cloud Shell

While Google Cloud and Compute Engine can be operated remotely from your laptop, in this codelab we will be using Google Cloud Shell, a command line environment running in the Cloud.

This Debian-based virtual machine is loaded with all the development tools you'll need. It offers a persistent 5GB home directory and runs in Google Cloud, greatly enhancing network performance and authentication. This means that all you will need for this codelab is a browser (yes, it works on a Chromebook).

  1. To activate Cloud Shell from the Cloud Console, simply click Activate Cloud Shell fEbHefbRynwXpq1vj2wJw6Dr17O0np8l-WOekxAZYlZQIORsWQE_xJl-cNhogjATLn-YxLVz8CgLvIW1Ncc0yXKJsfzJGMYgUeLsVB7zSwz7p6ItNgx4tXqQjag7BfWPcZN5kP-X3Q (it should only take a few moments to provision and connect to the environment).

I5aEsuNurCxHoDFjZRZrKBdarPPKPoKuExYpdagmdaOLKe7eig3DAKJitIKyuOpuwmrMAyZhp5AXpmD_k66cBuc1aUnWlJeSfo_aTKPY9aNMurhfegg1CYaE11jdpSTYNNIYARe01A

Screen Shot 2017-06-14 at 10.13.43 PM.png

Once connected to Cloud Shell, you should see that you are already authenticated and that the project is already set to your PROJECT_ID.

gcloud auth list

Command output

Credentialed accounts:
 - <myaccount>@<mydomain>.com (active)
gcloud config list project

Command output

[core]
project = <PROJECT_ID>

If, for some reason, the project is not set, simply issue the following command:

gcloud config set project <PROJECT_ID>

Looking for your PROJECT_ID? Check out what ID you used in the setup steps or look it up in the Cloud Console dashboard:

R7chO4PKQfLC3bvFBNZJALLTUiCgyLEq_67ECX7ohs_0ZnSjC7GxDNxWrJJUaoM53LnqABYamrBJhCuXF-J9XBzuUgaz7VvaxNrkP2TAn93Drxccyj2-5zz4AxL-G3hzxZ4PsM5HHQ

Cloud Shell also sets some environment variables by default, which may be useful as you run future commands.

echo $GOOGLE_CLOUD_PROJECT

Command output

<PROJECT_ID>
  1. Finally, set the default zone and project configuration.
gcloud config set compute/zone us-central1-f

You can choose a variety of different zones. For more information, see Regions & Zones.

As discussed previously we will use the gcloud command- line in this codelab. Everything done here can be achieved using the console (available at console.cloud.google.com).

Let's first create an instance with default settings :

$ gcloud compute instances create myinstance
Created [...].
NAME       ZONE           MACHINE_TYPE  PREEMPTIBLE INTERNAL_IP EXTERNAL_IP    STATUS
myinstance us-central1-f n1-standard-1             10.240.X.X  X.X.X.X        RUNNING

Note down the EXTERNAL_IP - that's important later on.

The instance is created using a number of defaults :

  • The zone that you choose. All instances live in a zone. You can select a zone at instance creation time by using the --zone flag or you can set a default zone (as we did in the initial setup) and omit the --zone flag.
  • The latest Debian GNU/Linux 9 (stretch) image. If you are using your own custom image, provide the image name here instead. For example, --image my-own-image.
  • The n1-standard-1 machine type. You can select another machine type such as n1-highmem-4 or n1-highcpu-6. If none of the predefined machine types match your needs, use a custom machine type.
  • A root persistent disk with the same name as the instance; the disk is automatically attached to the instance.

Run gcloud compute instances create --help to see all the options that are available.

By default, Google Cloud Platform only allows few port accesses. Since we'll be installing Nginx soon - let's enable port 80 in the firewall configuration first.

$ gcloud compute firewall-rules create allow-80 --allow tcp:80
Created [...].
NAME      NETWORK  DIRECTION  PRIORITY  ALLOW   DENY  DISABLED
allow-80  default  INGRESS    1000      tcp:80        False

This will create a firewall rule named allow-80 that has a default list of IP address blocks that are allowed to make inbound connections (--source-ranges) are set to 0.0.0.0/0 (Everywhere).

Run gcloud compute firewall-rules create --help to see all the defaults and all the options available, including the ability to apply a firewall rules based on tags.

To SSH into the instance from the command line (still from CloudShell) :

$ gcloud compute ssh myinstance
Waiting for SSH key to propagate.
Warning: Permanently added 'compute.12345' (ECDSA) to the list of known hosts.
...

yourusername@myinstance:~#

That's it! pretty easy. (In production, make sure you enter a passphrase :)

Alternatively, you can also SSH into the instance directly from the console ( console.cloud.google.com), by navigating to Compute Engine > VM Instances, and clicking on SSH.

3fa1439c56ff6ac3.png

Log into myinstance, the newly created instance, and install nginx:

$ sudo su - 
# apt-get update
# apt-get install -y nginx
# service nginx start
# exit

Test that the server is running using wget from myinstance:

$ wget -q -O - localhost:80 | grep nginx
<title>Welcome to nginx!</title>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
<a href="http://nginx.org/">nginx.org</a>.<br/>
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>

Find the external IP for your instance by listing your instances either via the web UI:

10394eb9943471c7.png

Make sure you exit from SSH, and run this command from the Cloud Shell:

$ gcloud compute instances list
NAME       ZONE           MACHINE_TYPE  PREEMPTIBLE INTERNAL_IP EXTERNAL_IP    STATUS
myinstance us-central1-f n1-standard-1             10.240.0.2  104.155.42.166 RUNNING

Then navigate to http://EXTERNAL_IP/ where EXTERNAL_IP is the public IP of myinstance and you should be able to see the nginx page:

ad478a07edeb6e60.png

Rather than setting up the instance every time, you can use a startup script to initialize the instance upon startup.

Let's open up another Cloud Shell session by click + to add a new session tab:

c50a4c4ae0f95efb.png

A new session requires you to update the configuration again:

$ gcloud config set compute/zone us-central1-f
$ gcloud config set compute/region us-central1

Create a file named startup.sh with the following content (you can use your favorite text editor: vim, nano, or emacs):

#! /bin/bash
apt-get update
apt-get install -y nginx
service nginx start
sed -i -- 's/nginx/Google Cloud Platform - '"$HOSTNAME"'/' /var/www/html/index.nginx-debian.html

To create a new GCE instance with this startup script simply type :

$ gcloud compute instances create nginx \
         --metadata-from-file startup-script=startup.sh 
Created [...].
NAME       ZONE           MACHINE_TYPE  PREEMPTIBLE INTERNAL_IP EXTERNAL_IP    STATUS
nginx      us-central1-f n1-standard-1             10.X.X.X    X.X.X.X   RUNNING

Browse to http://EXTERNAL_IP/ and you should see the updated home page. If the page doesn't show immediately retry after a couple of seconds, the host might be still starting nginx.

To create a cluster of servers, you first need to create an Instance Template. Once an instance template is created, you can then create an instance group to manage the number of instances to create.

First, create an instance template using the startup script :

$ gcloud compute instance-templates create nginx-template \
         --metadata-from-file startup-script=startup.sh
Created [...].
NAME           MACHINE_TYPE  PREEMPTIBLE CREATION_TIMESTAMP
nginx-template n1-standard-1             2015-11-09T08:44:59.007-08:00

Second, let's create a target pool. A target pool allows us to have a single access point to all the instances in a group and is necessary for load balancing in the future steps.

$ gcloud compute target-pools create nginx-pool
Created [...].
NAME       REGION       SESSION_AFFINITY BACKUP HEALTH_CHECKS
nginx-pool us-central1

Finally, create an instance group using the template:

$ gcloud compute instance-groups managed create nginx-group \
         --base-instance-name nginx \
         --size 2 \
         --template nginx-template \
         --target-pool nginx-pool
Created [...].
NAME        ZONE           BASE_INSTANCE_NAME SIZE TARGET_SIZE GROUP       INSTANCE_TEMPLATE AUTOSCALED
nginx-group us-central1-f nginx                   2           nginx-group nginx-template

This will create two additional GCE instances with names that are prefixed with nginx-.

You should now be able to see all of the instances created!

$ gcloud compute instances list
NAME       ZONE           MACHINE_TYPE  PREEMPTIBLE INTERNAL_IP EXTERNAL_IP    STATUS
myinstance us-central1-f n1-standard-1             10.240.X.X  X.X.X.X           RUNNING
nginx      us-central1-f n1-standard-1             10.240.X.X  X.X.X.X           RUNNING
nginx-7wvi us-central1-f n1-standard-1             10.240.X.X  X.X.X.X           RUNNING
nginx-9mwd us-central1-f n1-standard-1             10.240.X.X  X.X.X.X           RUNNING

There are several types of load balancers in Google Cloud Platform including :

Let's create a regional network load balancer targeting our instance group:

$ gcloud compute forwarding-rules create nginx-lb \
         --ports 80 \
         --target-pool nginx-pool

For the following forwarding rule:
 - [nginx-lb]
choose a region or global:
 [1] global
 [2] region: asia-east1
 [3] region: asia-east2
 [4] region: asia-northeast1
 [5] region: asia-south1
 [6] region: asia-southeast1
 [7] region: australia-southeast1
 [8] region: europe-north1
 [9] region: europe-west1
 [10] region: europe-west2
 [11] region: europe-west3
 [12] region: europe-west4
 [13] region: northamerica-northeast1
 [14] region: southamerica-east1
 [15] region: us-central1
 [16] region: us-east1
 [17] region: us-east4
 [18] region: us-west1
 [19] region: us-west2
Please enter your numeric choice: 15

$ gcloud compute forwarding-rules list
NAME     REGION       IP_ADDRESS     IP_PROTOCOL TARGET
nginx-lb us-central1  104.155.48.184 TCP         us-central1/targetPools/nginx-pool

You can then visit the load balancer from the browser http://IP_ADDRESS/ where IP_ADDRESS is the address shown as the result of running the previous command.

Due to the time, we will not be creating a HTTP load balancer today.

Don't forget to shut down your cluster, otherwise they'll keep running and accruing costs. The following commands will delete the Google Compute Engine instances, Instance Group, Targeting Group, and the Load Balancer.

$ gcloud compute forwarding-rules delete nginx-lb

$ gcloud compute instance-groups managed delete nginx-group

$ gcloud compute target-pools delete nginx-pool

$ gcloud compute instance-templates delete nginx-template

$ gcloud compute instances delete nginx

$ gcloud compute instances delete myinstance

$ gcloud compute firewall-rules delete allow-80

Each of the commands above should ask you to confirm the deletion of the resource.

Congratulations, you've completed this GCE codelab!

More GCE features

Google Compute Engine (GCE) has a rich set of features. You may want to dive into some of these :

Google Kubernetes Engine

Google Kubernetes Engine (GKE) is GCP's hosted and fully-managed Kubernetes offering. There are several codelabs available to help you start with GKE. Here's a good one to start with :

Give us your feedback

  • Please take a moment to complete our very short survey