<a href="https://colab.research.google.com/github/thecodemancer/study-with-me/blob/main/gcp/Getting_Started_with_Cloud_Shell_and_gcloud.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# Getting Started with Cloud Shell and gcloud

## Overview

**Cloud Shell** provides you with command-line access to computing resources hosted on Google Cloud. Cloud Shell is a Debian-based virtual machine with a persistent 5-GB home directory, which makes it easy for you to manage your Google Cloud projects and resources. The **gcloud** command-line tool and other utilities you need are pre-installed in Cloud Shell, which allows you to get up and running quickly.

In this hands-on lab, you learn how to connect to computing resources hosted on Google Cloud via Cloud Shell with the gcloud tool.

You are encouraged to type the commands themselves, which reinforces the core concepts. 

## Task 1. Configure your environment

Certain **Google Compute Engine** resources live in regions or zones. A region is a specific geographical location where you can run your resources. Each region has one or more zones. For example, the `us-central1` region denotes a region in the Central United States that has zones `us-central1-a`, `us-central1-b`, `us-central1-c`, and `us-central1-f`. The following table shows zones in their respective regions:


| Western US      | Central US | Eastern US | Western Europe | Eastern Asia |
| ----------- | ----------- | ----------- | ----------- | ----------- |
| us-west1-a | us-central1-a | us-east1-b	| europe-west1-b	| asia-east1-a |
| us-west1-b | us-central1-b | us-east1-c	| europe-west1c	| asia-east1-b |
| - | us-central1-c	| us-east1-d	| europe-west1-d	| aisia-east1-c |
| - | us-central1-f | - | - | - |

Resources that live in a zone are referred to as zonal resources. Virtual machine instances and persistent disks live in a zone. If you want to attach a persistent disk to a virtual machine instance, both resources must be in the same zone. Similarly, if you want to assign a static IP address to an instance, the instance must be in the same region as the static IP address.

1. Set the region to ____


In [None]:
gcloud config set compute/region

2. To view the project region setting, run the following command:

In [None]:
gcloud config get-value compute/region

3. Set the zone to ____ :

In [None]:
gcloud config set compute/zone

4. To view the project zone setting, run the following command:

In [None]:
gcloud config get-value compute/zone

### Finding project information

1. Copy your project ID to your clipboard or text editor. 

In the Cloud Console, on the Dashboard, under **Project info**. (Click **Navigation menu**, and then click **Cloud overview** > **Dashboard**.)

2. In Cloud Shell, run the following `gcloud` command, to view the project id for your project:



In [None]:
gcloud config get-value project

3. In Cloud Shell, run the following gcloud command to view details about the project:



In [None]:
gcloud compute project-info describe --project $(gcloud config get-value project) 

Find the zone and region metadata values in the output. You'll use the zone (**google-compute-default-zone**) from the output later in this lab.

### Setting environment variables

Environment variables define your environment and help save time when you write scripts that contain APIs or executables.

1. Create an environment variable to store your Project ID, replacing **\<your_project_ID>** with the value for name from the gcloud compute project-info describe command you ran earlier:



In [None]:
export PROJECT_ID=$(gcloud config get-value project)

2. Create an environment variable to store your Zone, replacing **\<your_zone>** with the value for zone from the **gcloud compute project-info describe** command you ran earlier:



In [None]:
export ZONE=$(gcloud config get-value compute/zone)

3. To verify that your variables were set properly, run the following commands:



In [None]:
echo -e "PROJECT ID: $PROJECT_ID\nZONE: $ZONE"

If the variables were set correctly, the echo commands will output your Project ID and Zone.

### Creating a virtual machine with the gcloud tool

Use the gcloud tool to create a new virtual machine (VM) instance.

1. To create your VM, run the following command:

In [None]:
gcloud compute instances create gcelab2 --machine-type e2-medium --zone $ZONE

- To open help for the create command, run the following command:



In [None]:
gcloud compute instances create --help

### Explore gcloud commands

The **gcloud** tool offers simple usage guidelines that are available by adding the **-h** flag (for help) onto the end of any **gcloud** command.

Run the following command:




In [None]:
gcloud -h

You can access more verbose help by appending the **--help** flag onto a command or running the **gcloud help** command.

2. Run the following command:




In [None]:
gcloud config --help

- Run the following command:



In [None]:
gcloud help config

The results of the **gcloud config** --help and gcloud help config commands are equivalent. Both return long, detailed help.

gcloud [Global Flags](https://cloud.google.com/sdk/gcloud/reference/) govern the behavior of commands on a per-invocation level. Flags override any values set in SDK properties.

4. View the list of configurations in your environment:





In [None]:
gcloud config list  

5. To see all properties and their settings:



In [None]:
gcloud config list --all

6. List your components:



In [None]:
gcloud components list

This command displays the gcloud components that are ready for you to use in this lab.



## Task 2. Filtering command line output

The gcloud CLI is a powerful tool for working at the command line. You may want specific information to be displayed.

1. List the compute instance available in the project:

In [None]:
gcloud compute instances list

2. List the gcelab2 virtual machine:



In [None]:
gcloud compute instances list --filter="name=('gcelab2')"

3. List the Firewall rules in the project:



In [None]:
gcloud compute firewall-rules list

4. List the Firewall rules for the default network:



In [None]:
gcloud compute firewall-rules list --filter="network='default'"

5. List the Firewall rules for the default network where the allow rule matches an ICMP rule:



In [None]:
gcloud compute firewall-rules list --filter="NETWORK:'default' AND ALLOW:'icmp'"

## Task 3. Connecting to your VM instance

**gcloud** compute makes connecting to your instances easy. The **gcloud compute ssh** command provides a wrapper around SSH, which takes care of authentication and the mapping of instance names to IP addresses.

1. To connect to your VM with SSH, run the following command:

In [None]:
gcloud compute ssh gcelab2 --zone $ZONE

To continue, type **Y**.

To leave the passphrase empty, press **ENTER** twice.

Install nginx web server on to virtual machine:




In [None]:
sudo apt install -y nginx

5. You don't need to do anything here, so to disconnect from SSH and exit the remote shell, run the following command:



In [None]:
exit

## Task 4. Updating the Firewall

When using compute resources such as virtual machines, it's important to understand the associated firewall rules.

1. List the firewall rules for the project:

In [None]:
gcloud compute firewall-rules list

From the above we can see we have two networks available. The default network is where our virtual machine gcelab2 is located.

2. Try to access the nginx service running on the gcelab2 virtual machine.

3. Add a tag to the virtual machine:



In [None]:
gcloud compute instances add-tags gcelab2 --tags http-server,https-server

4. Update the firewall rule to allow:



In [None]:
gcloud compute firewall-rules create default-allow-http --direction=INGRESS --priority=1000 --network=default --action=ALLOW --rules=tcp:80 --source-ranges=0.0.0.0/0 --target-tags=http-server

5. List the firewall rules for the project:



In [None]:
gcloud compute firewall-rules list --filter=ALLOW:'80'

6. Verify communication is possible for http to the virtual machine:



In [None]:
curl http://$(gcloud compute instances list --filter=name:gcelab2 --format='value(EXTERNAL_IP)')

## Task 5. Viewing the system logs

1. View the available logs on the system:



In [None]:
gcloud logging logs list 

2. View the logs that relate to compute resources:



In [None]:
gcloud logging logs list --filter="compute" 

3. Read the logs related to the resource type of **gce_instance**:



In [None]:
gcloud logging read "resource.type=gce_instance" --limit 5

4. Read the logs for a specific virtual machine:



In [None]:
gcloud logging read "resource.type=gce_instance AND labels.instance_name='gcelab2'" --limit 5

## Congratulations!

You did it!