brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 05:44:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: removed duplicate information for gcp cli (gcloud)

Browse Source
This commit is contained in:
Michele Cereda
2023-09-14 22:40:26 +02:00
parent c5d091c9be
commit 72f0f8af7b
3 changed files with 158 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
knowledge base/gcloud.md
View File

@@ -1,96 +0,0 @@
# Google cloud platform CLI
## Table of contents <!-- omit in toc -->
1. [TL;DR](#tldr)
1. [Further readings](#further-readings)
1. [Sources](#sources)
## TL;DR
```sh
# Login.
gcloud auth login
gcloud auth login account
# Set applications.
gcloud auth application-default login
gcloud auth application-default login --no-launch-browser
# Activate a service account.
gcloud auth activate-service-account \
serviceaccount@gcpproject.iam.gserviceaccount.com \
--key-file /tmp/sa.credentials.json
# Configure the CLI.
gcloud config set account serviceaccount@gcpproject.iam.gserviceaccount.com
gcloud config set project project-id
gcloud config set compute/region europe-west1
# List current settings.
gcloud config list
gcloud config list --configuration profile
# Create a new profile.
gcloud config configurations create new-active-profile
gcloud config configurations create --no-activate new-inactive-profile
# List available profiles.
gcloud config configurations list
# Switch to a different configuration.
gcloud config configurations activate old-profile
# SSH into a compute instance.
gcloud compute ssh --zone zone instance --project project
gcloud beta compute ssh --zone zone instance --project project
# Show operations.
# Filters are suggested.
gcloud container operations list --filter="NOT status:DONE"
gcloud container operations list \
--filter="name:operation-1513320920760-9c26cff5 AND status:RUNNING"
gcloud compute operations list --filter="region:europe-west4 AND -status:DONE"
gcloud compute operations list \
--filter="region:(europe-west4 us-east2)" \
--filter="status!=DONE"
# Use a specific service account for an operation.
# The service account must have been activated.
gcloud config set account serviceaccount@gcpproject.iam.gserviceaccount.com \
&& gcloud auth application-default login --no-launch-browser \
&& gcloud compute instances list
# Logout.
gcloud auth revoke --all
gcloud auth revoke account
```
## Further readings
- [Gcloud cheat-sheet]
- [Kubectl cluster access]
- [Gcloud config configurations]
## Sources
All the references in the [further readings] section, plus the following:
- [How to run gcloud command line using a service account]
- [How to change the active configuration profile in gcloud]
<!--
References
-->
<!-- Upstream -->
[gcloud cheat-sheet]: https://cloud.google.com/sdk/gcloud/reference/cheat-sheet
[gcloud config configurations]: https://cloud.google.com/sdk/gcloud/reference/config/configurations
[kubectl cluster access]: https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl
<!-- In-article sections -->
[further readings]: #further-readings
<!-- Others -->
[how to change the active configuration profile in gcloud]: https://stackoverflow.com/questions/35744901/how-to-change-the-active-configuration-profile-in-gcloud#35750001
[how to run gcloud command line using a service account]: https://pnatraj.medium.com/how-to-run-gcloud-command-line-using-a-service-account-f39043d515b9

158
knowledge base/gcp/cli.md Normal file
View File

@@ -0,0 +1,158 @@
# The `gcloud` utility
CLI for the Google Cloud Platform.
## Table of contents <!-- omit in toc -->
1. [TL;DR](#tldr)
1. [Further readings](#further-readings)
1. [Sources](#sources)
## TL;DR
```sh
# Login.
gcloud auth login
gcloud … --brief
gcloud … "email@example.com"
# Print access tokens.
gcloud auth print-access-token
gcloud … "email@example.com"
# List all credentialed accounts.
# Also identify the current active account.
gcloud auth list
# Revoke credentials.
# A.K.A. logout.
gcloud auth revoke "email@example.com"
gcloud auth revoke --all
# Setup applications.
gcloud auth application-default login
gcloud … --no-launch-browser
# Activate service accounts.
gcloud auth activate-service-account \
"serviceaccount@gcpproject.iam.gserviceaccount.com" \
--key-file "/path/to/sa.credentials.json"
# Configure the CLI.
gcloud config set 'account' "serviceaccount@gcpproject.iam.gserviceaccount.com"
gcloud … 'project' "project_id"
gcloud … 'compute/region' "europe-west1"
gcloud config unset 'project'
# List current settings.
gcloud config list
gcloud … --configuration "profile_name"
# Create new profiles.
gcloud config configurations create "new_active_profile"
gcloud … --no-activate "new_inactive_profile"
# List available profiles.
gcloud config configurations list
# Switch to different configurations.
gcloud config configurations activate "old_profile"
# List all project the current user has access to.
gcloud projects list --sort-by='projectId'
# Delete projects.
gcloud projects delete "project_name"
# Undo delete project.
# Available for a limited period of time only.
gcloud projects undelete "project_name"
# Add the 'pubsub.admin' IAM Role to the 'awesome-sa' service account in the
# 'gcp-project' project.
gcloud projects add-iam-policy-binding "project_name" \
--member "serviceAccount:awesome-sa@gcp-project.iam.gserviceaccount.com" \
--role 'roles/pubsub.admin'
# Remove the 'pubsub.subscriber' IAM Role from the 'awesome-sa' service account
# in the 'gcpproject' project.
gcloud projects remove-iam-policy-binding "project_name" \
--member="serviceAccount:awesome-sa@gcp-project.iam.gserviceaccount.com" \
--role='roles/pubsub.subscriber'
# SSH into compute instances.
# Includes GKE clusters' compute instances.
gcloud compute ssh "instance-name" --zone "zone_name"
gcloud … --zone "zone_name" "instance_name" --project "project_name"
# Get all Kubernetes versions available for use in GKE clusters.
gcloud container get-server-config --format 'yaml(validNodeVersions)'
gcloud … --format 'yaml(validMasterVersions)' --zone "compute_zone_name"
gcloud … --flatten='channels' --filter='channels.channel=RAPID' \
--format='yaml(channels.channel,channels.validVersions)'
# Generate 'kubeconfig' entries for GKE clusters.
gcloud container clusters get-credentials "cluster_name"
gcloud … "cluster_name" --region "region_name"
# Show operations.
# Filters are suggested.
gcloud container operations list --filter='NOT status:DONE'
gcloud compute … --filter='region:europe-west4 AND -status:DONE'
gcloud container … \
--filter='name:operation-1513320920760-9c26cff5 AND status:RUNNING'
gcloud compute … \
--filter='region:(europe-west4 us-east2)' \
--filter='status!=DONE'
# Connect to cloud SQL instances.
gcloud sql connect "instance_name" --user="root" --quiet
# Use specific service accounts for an operation.
# The service account must have been already activated.
gcloud config set account "serviceaccount@gcpproject.iam.gserviceaccount.com" \
&& gcloud auth application-default login --no-launch-browser \
&& gcloud compute instances list
```
## Further readings
- [Creating and managing projects]
- [Install kubectl and configure cluster access]
- [`gcloud config configurations`][gcloud config configurations]
## Sources
All the references in the [further readings] section, plus the following:
- [Reference]
- [Cheat-sheet]
- [How to run gcloud command line using a service account]
- [How to change the active configuration profile in gcloud]
<!--
References
-->
<!-- Upstream -->
[cheat-sheet]: https://cloud.google.com/sdk/gcloud/reference/cheat-sheet
[creating and managing projects]: https://cloud.google.com/resource-manager/docs/creating-managing-projects
[gcloud config configurations]: https://cloud.google.com/sdk/gcloud/reference/config/configurations
[install kubectl and configure cluster access]: https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl
[reference]: https://cloud.google.com/sdk/gcloud/reference/
<!-- In-article sections -->
[further readings]: #further-readings
<!-- Others -->
[how to change the active configuration profile in gcloud]: https://stackoverflow.com/questions/35744901/how-to-change-the-active-configuration-profile-in-gcloud#35750001
[how to run gcloud command line using a service account]: https://pnatraj.medium.com/how-to-run-gcloud-command-line-using-a-service-account-f39043d515b9

71
knowledge base/gcp/gcloud.md
View File

@@ -1,71 +0,0 @@
# The `gcloud` utility
CLI for the Google Cloud Platform.
## Table of contents <!-- omit in toc -->
1. [TL;DR](#tldr)
1. [Further readings](#further-readings)
1. [Sources](#sources)
## TL;DR
```sh
# List all project the current user has access to.
gcloud projects list --sort-by=projectId
# Delete projects.
gcloud projects delete 'project-name'
# Undo delete project operations.
# Available for a limited period of time.
gcloud projects undelete 'project-name'
# Add the pubsub admin role to the 'awesome-sa' service account in the
# 'gcp-project' project.
gcloud projects add-iam-policy-binding 'gcp-project' \
--member "serviceAccount:awesome-sa@gcp-project.iam.gserviceaccount.com" \
--role "roles/pubsub.admin"
# Remove the pubsub subscriber role from the 'awesome-sa' service account in the gcpproject project
gcloud projects remove-iam-policy-binding 'gcp-project' \
--member="serviceAccount:awesome-sa@gcp-project.iam.gserviceaccount.com" \
--role="roles/pubsub.subscriber"
# Get all Kubernetes versions available for use in gke clusters.
gcloud container get-server-config --format "yaml(validNodeVersions)"
gcloud container get-server-config --format "yaml(validMasterVersions)" --zone 'compute-zone'
gcloud container get-server-config --flatten="channels" --filter="channels.channel=RAPID" --format="yaml(channels.channel,channels.validVersions)"
# Generate 'kubeconfig' entries for gke clusters.
gcloud container clusters get-credentials 'cluster-name'
gcloud container clusters get-credentials 'cluster-name' --region 'region'
# SSH into compute instances.
# Includes gke clusters' compute instances.
gcloud compute ssh 'instance-name' --zone 'zone'
# Connect to cloud SQL instances.
gcloud sql connect 'instance-name' --user='root' --quiet
```
## Further readings
- [Creating and managing projects]
## Sources
All the references in the [further readings] section, plus the following:
- [`gcloud projects`][gcloud projects]
<!--
References
-->
<!-- Upstream -->
[creating and managing projects]: https://cloud.google.com/resource-manager/docs/creating-managing-projects
[gcloud projects]: https://cloud.google.com/sdk/gcloud/reference/projects
<!-- In-article sections -->
[further readings]: #further-readings