252 lines
7.6 KiB
Markdown
252 lines
7.6 KiB
Markdown
---
|
|
title: "[GSP313] Create and Manage Cloud Resources: Challenge Lab"
|
|
description: ""
|
|
summary: "Quest: Create and Manage Cloud Resources"
|
|
date: 2023-05-22T08:13:03+07:00
|
|
draft: false
|
|
author: "Hiiruki" # ["Me", "You"] # multiple authors
|
|
tags: ["writeups", "challenge", "google-cloudskillsboost", "gsp313", "google-cloud", "cloudskillsboost", "juaragcp", "google-cloud-platform", "gcp", "kubernetes", "load-balancer", "cloud-computing"]
|
|
canonicalURL: ""
|
|
showToc: true
|
|
TocOpen: false
|
|
TocSide: 'right' # or 'left'
|
|
weight: 7
|
|
# aliases: ["/first"]
|
|
hidemeta: false
|
|
comments: false
|
|
disableHLJS: true # to disable highlightjs
|
|
disableShare: true
|
|
hideSummary: false
|
|
searchHidden: false
|
|
ShowReadingTime: true
|
|
ShowBreadCrumbs: true
|
|
ShowPostNavLinks: true
|
|
ShowWordCount: true
|
|
ShowRssButtonInSectionTermList: true
|
|
# UseHugoToc: true
|
|
cover:
|
|
image: "<image path/url>" # image path/url
|
|
alt: "<alt text>" # alt text
|
|
caption: "<text>" # display caption under cover
|
|
relative: false # when using page bundles set this to true
|
|
hidden: true # only hide on current single page
|
|
# editPost:
|
|
# URL: "https://github.com/hiiruki/hiiruki.dev/blob/main/content/writeups/google-cloudskillsboost/GSP313/index.md"
|
|
# Text: "Suggest Changes" # edit text
|
|
# appendFilePath: true # to append file path to Edit link
|
|
---
|
|
|
|
### GSP313
|
|
|
|
![Lab Banner](https://cdn.qwiklabs.com/GMOHykaqmlTHiqEeQXTySaMXYPHeIvaqa2qHEzw6Occ%3D#center)
|
|
|
|
- Time: 1 hour<br>
|
|
- Difficulty: Introductory<br>
|
|
- Price: 1 Credit
|
|
|
|
Lab: [GSP313](https://www.cloudskillsboost.google/focuses/10258?parent=catalog)<br>
|
|
Quest: [Create and Manage Cloud Resources](https://www.cloudskillsboost.google/quests/120)<br>
|
|
|
|
## Challenge scenario
|
|
|
|
You have started a new role as a Junior Cloud Engineer for Jooli, Inc. You are expected to help manage the infrastructure at Jooli. Common tasks include provisioning resources for projects.
|
|
|
|
You are expected to have the skills and knowledge for these tasks, so step-by-step guides are not provided.
|
|
|
|
Some Jooli, Inc. standards you should follow:
|
|
|
|
Create all resources in the default region or zone, unless otherwise directed.
|
|
|
|
Naming normally uses the format _team-resource_; for example, an instance could be named **nucleus-webserver1**.
|
|
|
|
Allocate cost-effective resource sizes. Projects are monitored, and excessive resource use will result in the containing project's termination (and possibly yours), so plan carefully. This is the guidance the monitoring team is willing to share: unless directed, use **f1-micro** for small Linux VMs, and use **n1-standard-1** for Windows or other applications, such as Kubernetes nodes.
|
|
|
|
## Your challenge
|
|
|
|
As soon as you sit down at your desk and open your new laptop, you receive several requests from the Nucleus team. Read through each description, and then create the resources.
|
|
|
|
## Setup
|
|
|
|
Export the following environment variables using the values specific to your labs instruction.
|
|
|
|
```bash
|
|
export INSTANCE_NAME=
|
|
export ZONE=
|
|
export REGION=
|
|
export PORT=
|
|
export FIREWALL_NAME=
|
|
```
|
|
|
|
![labs variable](./images/labs_variable.webp#center)
|
|
|
|
You can find the zone in Task 2 description.
|
|
|
|
![zone_variable_task2](./images/zone_variable_task2.webp#center)
|
|
|
|
Region is just the first part of the zone. For example, if the zone is `us-east1-b`, then the region is `us-east1`.
|
|
|
|
Example:
|
|
|
|
```bash
|
|
export INSTANCE_NAME=nucleus-jumphost-295
|
|
export ZONE=us-central1-b
|
|
export REGION=us-central1
|
|
export PORT=8080
|
|
export FIREWALL_NAME=accept-tcp-rule-633
|
|
```
|
|
|
|
### Task 1. Create a project jumphost instance
|
|
|
|
**_Beware with machine-type, maybe have different with me, dont forget to change_**<br>
|
|
![machine-type](./images/machine-type.webp#center)
|
|
|
|
Go to cloud shell and run the following command:
|
|
|
|
```bash
|
|
gcloud compute instances create $INSTANCE_NAME \
|
|
--network nucleus-vpc \
|
|
--zone $ZONE \
|
|
--machine-type e2-micro \
|
|
--image-family debian-10 \
|
|
--image-project debian-cloud
|
|
```
|
|
|
|
### Task 2. Create a Kubernetes service cluster
|
|
|
|
Go to cloud shell and run the following command:
|
|
|
|
```bash
|
|
gcloud container clusters create nucleus-backend \
|
|
--num-nodes 1 \
|
|
--network nucleus-vpc \
|
|
--zone $ZONE
|
|
|
|
gcloud container clusters get-credentials nucleus-backend \
|
|
--zone $ZONE
|
|
```
|
|
|
|
- Use the Docker container hello-app (`gcr.io/google-samples/hello-app:2.0`) as place holder.
|
|
|
|
```bash
|
|
kubectl create deployment hello-server \
|
|
--image=gcr.io/google-samples/hello-app:2.0
|
|
```
|
|
|
|
- Expose the app on port `APP_PORT_NUMBER`.
|
|
|
|
```bash
|
|
kubectl expose deployment hello-server \
|
|
--type=LoadBalancer \
|
|
--port $PORT
|
|
```
|
|
|
|
### Task 3. Set up an HTTP load balancer
|
|
|
|
1. Create startup-script.
|
|
|
|
```bash
|
|
cat << EOF > startup.sh
|
|
#! /bin/bash
|
|
apt-get update
|
|
apt-get install -y nginx
|
|
service nginx start
|
|
sed -i -- 's/nginx/Google Cloud Platform - '"\$HOSTNAME"'/' /var/www/html/index.nginx-debian.html
|
|
EOF
|
|
```
|
|
|
|
2. Create instance template.
|
|
|
|
```bash
|
|
gcloud compute instance-templates create web-server-template \
|
|
--metadata-from-file startup-script=startup.sh \
|
|
--network nucleus-vpc \
|
|
--machine-type g1-small \
|
|
--region $ZONE
|
|
```
|
|
|
|
3. Create target pool.
|
|
|
|
```bash
|
|
gcloud compute target-pools create nginx-pool --region=$REGION
|
|
```
|
|
|
|
4. Create managed instance group.
|
|
|
|
```bash
|
|
gcloud compute instance-groups managed create web-server-group \
|
|
--base-instance-name web-server \
|
|
--size 2 \
|
|
--template web-server-template \
|
|
--region $REGION
|
|
```
|
|
|
|
5. Create firewall rule named as `FIREWALL_RULE` to allow traffic (80/tcp).
|
|
|
|
```bash
|
|
gcloud compute firewall-rules create $FIREWALL_NAME \
|
|
--allow tcp:80 \
|
|
--network nucleus-vpc
|
|
```
|
|
|
|
6. Create health check.
|
|
|
|
```bash
|
|
gcloud compute http-health-checks create http-basic-check
|
|
gcloud compute instance-groups managed \
|
|
set-named-ports web-server-group \
|
|
--named-ports http:80 \
|
|
--region $REGION
|
|
```
|
|
|
|
7. Create backend service, and attach the managed instance group with named port (http:80).
|
|
|
|
```bash
|
|
gcloud compute backend-services create web-server-backend \
|
|
--protocol HTTP \
|
|
--http-health-checks http-basic-check \
|
|
--global
|
|
|
|
gcloud compute backend-services add-backend web-server-backend \
|
|
--instance-group web-server-group \
|
|
--instance-group-region $REGION \
|
|
--global
|
|
```
|
|
|
|
8. Create URL map and target the HTTP proxy to route requests to your URL map.
|
|
|
|
```bash
|
|
gcloud compute url-maps create web-server-map \
|
|
--default-service web-server-backend
|
|
|
|
gcloud compute target-http-proxies create http-lb-proxy \
|
|
--url-map web-server-map
|
|
```
|
|
|
|
9. Create forwarding rule.
|
|
|
|
```bash
|
|
gcloud compute forwarding-rules create http-content-rule \
|
|
--global \
|
|
--target-http-proxy http-lb-proxy \
|
|
--ports 80
|
|
|
|
gcloud compute forwarding-rules create $FIREWALL_NAME \
|
|
--global \
|
|
--target-http-proxy http-lb-proxy \
|
|
--ports 80
|
|
gcloud compute forwarding-rules list
|
|
```
|
|
|
|
> **Note**: Just wait for the load balancer to finish setting up. It may take a few minutes. If you get an error checkmark, wait a few moments and try again.
|
|
|
|
10. Testing traffic sent to your instances. (**Optional**)
|
|
|
|
- In the **Cloud Console**, click the **Navigation menu** > **Network services** > **Load balancing**.
|
|
- Click on the load balancer that you just created (`web-server-map`).
|
|
- In the **Backend** section, click on the name of the backend and confirm that the VMs are **Healthy**. If they are not healthy, wait a few moments and try reloading the page.
|
|
- When the VMs are healthy, test the load balancer using a web browser, going to `http://IP_ADDRESS/`, replacing `IP_ADDRESS` with the load balancer's IP address.
|
|
|
|
## Congratulations!
|
|
|
|
![Congratulations Badge](https://cdn.qwiklabs.com/%2FaI3EMiHeGZc46u89ueTTAEgmRSGj5krSwhpzllr88w%3D#center)
|