.. create_vm: Create VM ========= 1. Create a VM -------------- Get the latest Debian image, here for version 12: .. code:: gcloud compute images list --project debian-cloud --filter="family:debian" --sort-by=~creationTimestamp --limit=1 --format="value(name)" Result is the `IMAGE_NAME`. Create a VM named "logistics_dev_01" with the selected parameter: .. code:: gcloud compute instances create logistics-develop-01 \ --image-project debian-cloud \ --image IMAGE_NAME \ --machine-type e2-small \ --zone us-west1-b \ --boot-disk-size 20GB \ --boot-disk-type pd-ssd | 2. Describe a VM ---------------- Describe the VM "logistics_dev_01": .. code:: gcloud compute instances describe logistics-develop-01 --zone=us-west1-b | 3. Firewall Rules ----------------- Create a firewall rule per terminal using \`gcloud compute: .. code:: gcloud compute firewall-rules create twisted-allow-http-7080 \ --direction=INGRESS \ --action=allow \ --rules=tcp:7080 \ --source-ranges=0.0.0.0/0 The parameter: - ``firewall-rules create rule-name``: This part creates a firewall rule with the specified name (``rule-name``). - ``--direction=INGRESS``: Specifies that the firewall rule applies to incoming traffic. - ``--action=allow``: Specifies that the rule allows traffic. - ``--rules=tcp:7080``: Specifies the protocol and port number. In this case, it allows TCP traffic on port 7080. - ``--source-ranges=0.0.0.0/0``: Specifies that the rule applies to traffic from all source IP addresses (``0.0.0.0/0``). This allows traffic from any IP address. Replace ``rule-name`` with a meaningful name for the firewall rule. List the firewall rules: .. code:: gcloud compute firewall-rules list All individual firewall rules: - calibre-allow-http-8081 - django-allow-http-8000 - fastapi-allow-http-8001 - django-smtp-allow-http-1025 - http-allow-http-80 - http-allow-https-443 - odoo-allow-http-8069 - postgres-allow-http-5432 - twisted-allow-http-7080 - twisted-allow-https-7443 | .. _chapter_activate_cloud_translation_api: 4. Activate Cloud Translation API --------------------------------- Activate the Cloud Translation API with ``gcloud`` command-line tool: .. code:: gcloud services enable translate.googleapis.com | .. _chapter_activate_cloud_vision_api: 5. Activate Cloud Vision API ---------------------------- Activate Cloud Vision API with ``gcloud`` command-line tool: .. code:: gcloud services enable vision.googleapis.com | .. _chapter_activate_google_drive_api: 6. Activate Google Drive API ---------------------------- The Google Drive API is part of the Google Workspace (formerly G Suite) suite of APIs. Enable it by enabling the "Drive API" service with ``gcloud`` command-line tool: .. code:: gcloud services enable drive.googleapis.com | 7. Activate Compute Engine API ------------------------------ Activate Compute Engine API using the ``gcloud`` command-line tool: .. code:: gcloud services enable compute.googleapis.com | 8. Create Service Account Key ----------------------------- Create and download a new Service Accounts Key for the project ``perfect-crow-461912-s6``: .. code:: gcloud iam service-accounts keys create ~/key.json \ --iam-account=my-service-account@perfect-crow-461912-s6.iam.gserviceaccount.com | 9. Logon with SSH ----------------- Create a new SSH key pair, without a passphrase .. code:: sudo ssh-keygen -t rsa -f ~/.ssh/google_compute_engine -C Friedrich -b 2048 Add the SSH private key to the ssh-agent and store the passphrase in the ``macOS`` keychain .. code:: ssh-add --apple-use-keychain ~/.ssh/google_compute_engine Create config-ssh key .. code:: gcloud compute config-ssh Use ``ssh/scp`` with the corresponding instances, for example: .. code:: ssh logistics-develop-01.us-west1-b.logistics-418508 The Apple Script `Script VM SSH keys `_ does these steps automatically.