# Creating a Google Cloud instance with SSH for your team
**Author:** Edward T (edwardtky@berkeley.edu)

Follow these steps to create a basic virtual machine instance on Google Cloud and enable your team to ssh into the instance.


***
## Step 1 - Create a new virtual machine (VM) instance
***

### Step 1a

1. Open Google Cloud 'Navigation Menu' (top left corner button)
2. Hover over 'Compute Engine'  
3. Click 'VM Instances'

![title](images/1_create_instance.png)

### Step 1b

1. Click 'CREATE INSTANCE'

![title](images/2_create_instance.png)

## Step 1c

1. Use the settings shown below for the following field:
    - Name (just a unique title for your instance)
    - Region (choose somewhere close to where you are to reduce latency)
    - Zone (not very important)
    - Machine Type (can increase number of vCPUs or add GPUs)
    - Boot disk (recommended to use Ubuntu 14.04 LTS)
    - ***or change it according to your requirement***
2. Check "Allow HTTPS traffic"

![title](images/3_create_instance.png)

#### Great! Your instance has been setup and it will be ready in ~60 seconds.

***
## Step 2 - Create SSH key pairs

Meanwhile, you will need to create SSH key pairs to remotely access the instance via the terminal.
***

### Step 2.1

1. Open terminal on your local machine
2. Run the following code, with:
    - [KEY_FILENAME] as the name you want to use for your SSH key files, eg. edwardkey
    - [USERNAME] is the user for whom you will apply this SSH key, eg. edward

In [None]:
ssh-keygen -t rsa -f ~/.ssh/[KEY_FILENAME] -C [USERNAME]

### Step 2.2

1. Restrict access to your private key by running the following code:  
(this is to ensure only you can read it)
    - remember to use the correct [KEY_FILENAME] eg. edwardkey

In [None]:
chmod 400 ~/.ssh/[KEY_FILENAME]

***
## Step 3 - Copy and add public key to Google Cloud
***

### Step 3.1

1. Run the following code to copy your public key
    - remember to use the correct [KEY_FILENAME] eg. edwardkey

In [None]:
pbcopy < ~/.ssh/[KEY_FILENAME].pub

### Step 3.2

1. Open Google Cloud 'Navigation Menu' (top left corner button)
2. Click 'Compute Engine'
3. Click 'Metadata'
4. Click 'SSH-Keys'
5. Click 'Edit'

![title](images/7_add_public_key.png)

### Step 3.3
1. Paste the copied public key (in text form) into the field 'Enter entire key data'
    -  notice that the username should auto populate eg. edward
2. Click 'Save'

![title](images/8_add_public_key.png)

### Step 3.4 - Repeat for every team member

Repeat Steps 2.1 to 3.3 for each member in your team

#### Great! Now, you're done with creating your SSH keys and adding them to your instance.

***
## Step 4 - Edit instance settings

To enable your team to remotely access the Google Cloud instance through SSH, we need to configure some simple settings.
***

### Step 4.1 - Configure Firewall Rules
1. Open Google Cloud 'Navigation Menu' (top left corner button)
2. Scroll down the 'Navigation Menu'
3. Hover over 'VPC network'
4. Click 'Firewall rules

![title](images/4_firewall_ssh.png)

5. Ensure that there is a rule "default allow ssh"


![title](images/5_firewall_ssh.png)

### Step 4.2 - Configure External IP Address
1. Open Google Cloud 'Navigation Menu' (top left corner button)
2. Scroll down the 'Navigation Menu'
3. Click 'VPC network'
4. Click 'External IP addresses"
5. Under 'Type', change "Emphemeral" to "Static"
6. Name your static ip address, eg. "ganip"


![title](images/6_static_ip.png)

### Great! You're all set!

***
## Step 5 - Finally..

Now, you are read to SSH remotely into the instance.
***

### Step 5.1 - Get the following info ready..

1. [PATH_TO_PRIVATE_KEY]
    - Locate your private key and copy the path
    - eg. ~/.ssh/edwardkey
2. [USERNAME]
    - You can find that at Google Cloud Navigation Menu > Metadata > SSH Keys, under the column 'Username'
    - eg. edward
3. [EXTERNAL_IP_ADDRESS]
    - You can find that at Google Cloud Navigation Menu > VM Instances, under column 'External IP'
    - eg. 35.237.153.189

### Step 5.2
1. Open Terminal
2. Enter the following code, with the corresponding info found in 5.1:
    - [PATH_TO_PRIVATE_KEY]
    - [USERNAME]
    - [EXTERNAL_IP_ADDRESS]

In [None]:
ssh -i [PATH_TO_PRIVATE_KEY] [USERNAME]@[EXTERNAL_IP_ADDRESS]

For example..

In [None]:
ssh -i ~/.ssh/edwardkey edward@35.237.153.189

#### If you are successful, you should see a block of text starting with something like this:

Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.15.0-1021-gcp x86_64)  
...  
...  
...

***
## Congratulations! You have successfully setup your Google Cloud VM instance and enabled your team to SSH remotely into the instance.
***

### References:

1. https://cloud.google.com/compute/docs/instances/connecting-advanced#provide-key
2. https://docs.joyent.com/public-cloud/getting-started/ssh-keys/generating-an-ssh-key-manually/manually-generating-your-ssh-key-in-mac-os-x