GCP

20th February 2018 at 12:02am
Containers Docker GCE Google Google Cloud Platform TechnicalNotes

Google Cloud Platform

https://cloud.google.com/sdk/docs/

gcloud

# General
gcloud projects list
gcloud config set compute/zone europe-west4-b

# Google Compute Engine
gcloud compute images list
gcloud compute zones list
gcloud compute machine-types list # f1-micro is the smallest burstable size

latest_image () {
  gcloud compute images list --sort-by ~NAME --format json --filter "$1" \
    | jq -r '.[0].name'
}

gcloud compute instances create "$INSTANCE_NAME" \
  --image "$(latest_image cos-stable)" \
  --image-project cos-cloud \
  --zone europe-west4-b \
  --machine-type f1-micro \
  --tags http-server,https-server \
  --metadata-from-file user-data=cloud-config.yaml
    
gcloud compute ssh "$INSTANCE_NAME" \
  --project "$PROJECT_ID" \
  --zone "$ZONE"

Google Compute Engine

Google Container Registry

Push (RW) access requires the roles/storage.admin (Storage Admin) role, which provides the following permissions: storage.buckets.create, storage.buckets.delete, storage.buckets.get, storage.buckets.list, storage.buckets.update, storage.objects.create, storage.objects.delete, storage.objects.get, storage.objects.list, storage.objects.update.

Pull (RO) access requires the roles/storage.objectViewer (Storage Object Viewer) role, which provides the following permissions: storage.objects.get and storage.objects.list.

# List your projects to get PROJECT_ID.
gcloud projects list

# Set up environment for convenience.
export PROJECT_ID="my-project-id"
export KEY_NAME="rw-key-name"
export KEY_DISPLAY_NAME="My RW Key Name"

# Create a new service account.
gcloud iam service-accounts create "${KEY_NAME}" \
  --display-name "${KEY_DISPLAY_NAME}"

# List service accounts to confirm creation (optional).
gcloud iam service-accounts list

# Create a new key for the service account.
gcloud iam service-accounts keys create \
  --iam-account "$KEY_NAME@$PROJECT_ID.iam.gserviceaccount.com" \
  rw-key.json
 
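# Grant service account push (RW) access with roles/storage.admin role.
# Note: a project-level binding applies to every Cloud Storage bucket in the
# project, not only the one backing the registry.
gcloud projects add-iam-policy-binding "$PROJECT_ID" \
  --member "serviceAccount:$KEY_NAME@$PROJECT_ID.iam.gserviceaccount.com" \
  --role "roles/storage.admin"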

# Build and push your Docker image.
docker build . -t "eu.gcr.io/$PROJECT_ID/my-image-name"
# Pass the key on stdin so it does not appear in the process list.
docker login -u _json_key --password-stdin https://eu.gcr.io < rw-key.json
docker push "eu.gcr.io/$PROJECT_ID/my-image-name"
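
Added example (not part of the original notes): the pull-only counterpart of the push setup above, granting roles/storage.objectViewer on the registry's backing bucket only instead of project-wide. The function names, the DRY_RUN switch and the sample arguments are assumptions; the bucket names follow GCR's `[REGION.]artifacts.PROJECT_ID.appspot.com` scheme.

```shell
set -eu

# Run a command, or just print it when DRY_RUN=1 so it can be reviewed first.
run () {
  if [ "${DRY_RUN:-0}" = "1" ]; then echo "$*"; else "$@"; fi
}

# Map a registry host to the Cloud Storage bucket that backs it:
#   gcr.io    -> artifacts.PROJECT_ID.appspot.com
#   eu.gcr.io -> eu.artifacts.PROJECT_ID.appspot.com (likewise us., asia.)
gcr_bucket () {  # args: REGISTRY_HOST PROJECT_ID
  case "$1" in
    gcr.io) echo "artifacts.$2.appspot.com" ;;
    us.gcr.io|eu.gcr.io|asia.gcr.io) echo "${1%%.*}.artifacts.$2.appspot.com" ;;
    *) echo "unknown registry host: $1" >&2; return 1 ;;
  esac
}

# Create the service account and grant objectViewer on the registry bucket
# only. The bucket exists only after the first push to that registry host.
create_ro_account () {  # args: PROJECT_ID ACCOUNT_NAME REGISTRY_HOST
  local bucket member
  bucket="$(gcr_bucket "$3" "$1")"
  member="serviceAccount:$2@$1.iam.gserviceaccount.com"
  run gcloud iam service-accounts create "$2" --project "$1" \
    --display-name "GCR pull-only"
  run gsutil iam ch "${member}:objectViewer" "gs://${bucket}"
}

# Create a key for the account and log in to the registry, passing the key
# on stdin rather than as a command-line argument.
login_ro () {  # args: PROJECT_ID ACCOUNT_NAME REGISTRY_HOST KEY_FILE
  run gcloud iam service-accounts keys create "$4" --project "$1" \
    --iam-account "$2@$1.iam.gserviceaccount.com"
  if [ "${DRY_RUN:-0}" = "1" ]; then
    echo "docker login -u _json_key --password-stdin https://$3 < $4"
  else
    docker login -u _json_key --password-stdin "https://$3" < "$4"
  fi
}

# Usage (all values are placeholders):
#   DRY_RUN=1 create_ro_account my-project-id ro-key-name eu.gcr.io
#   create_ro_account my-project-id ro-key-name eu.gcr.io
#   login_ro my-project-id ro-key-name eu.gcr.io ro-key.json
```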
