Create VM

1. Create a VM

Get the latest Debian image, here for version 12:

gcloud compute images list --project debian-cloud --filter="family:debian" --sort-by=~creationTimestamp --limit=1 --format="value(name)"

Result is the IMAGE_NAME.

Create a VM named “logistics_dev_01” with the selected parameter:

gcloud compute instances create logistics-develop-01 \
    --image-project debian-cloud \
    --image IMAGE_NAME \
    --machine-type e2-small \
    --zone us-west1-b \
    --boot-disk-size 20GB \
    --boot-disk-type pd-ssd

2. Describe a VM

Describe the VM “logistics_dev_01”:

gcloud compute instances describe logistics-develop-01 --zone=us-west1-b

3. Firewall Rules

Create a firewall rule per terminal using `gcloud compute:

gcloud compute firewall-rules create twisted-allow-http-7080 \
  --direction=INGRESS \
  --action=allow \
  --rules=tcp:7080 \
  --source-ranges=0.0.0.0/0

The parameter:

  • firewall-rules create rule-name: This part creates a firewall rule with the specified name (rule-name).

  • --direction=INGRESS: Specifies that the firewall rule applies to incoming traffic.

  • --action=allow: Specifies that the rule allows traffic.

  • --rules=tcp:7080: Specifies the protocol and port number. In this case, it allows TCP traffic on port 7080.

  • --source-ranges=0.0.0.0/0: Specifies that the rule applies to traffic from all source IP addresses (0.0.0.0/0). This allows traffic from any IP address.

Replace rule-name with a meaningful name for the firewall rule.

List the firewall rules:

gcloud compute firewall-rules list

All individual firewall rules:

  • calibre-allow-http-8081

  • django-allow-http-8000

  • fastapi-allow-http-8001

  • django-smtp-allow-http-1025

  • http-allow-http-80

  • http-allow-https-443

  • odoo-allow-http-8069

  • postgres-allow-http-5432

  • twisted-allow-http-7080

  • twisted-allow-https-7443


4. Activate Cloud Translation API

Activate the Cloud Translation API with gcloud command-line tool:

gcloud services enable translate.googleapis.com

5. Activate Cloud Vision API

Activate Cloud Vision API with gcloud command-line tool:

gcloud services enable vision.googleapis.com

6. Activate Google Drive API

The Google Drive API is part of the Google Workspace (formerly G Suite) suite of APIs. Enable it by enabling the “Drive API” service with gcloud command-line tool:

gcloud services enable drive.googleapis.com

7. Activate Compute Engine API

Activate Compute Engine API using the gcloud command-line tool:

gcloud services enable compute.googleapis.com

8. Create Service Account Key

Create and download a new Service Accounts Key for the project perfect-crow-461912-s6:

gcloud iam service-accounts keys create ~/key.json \
   --iam-account=my-service-account@perfect-crow-461912-s6.iam.gserviceaccount.com

9. Logon with SSH

Create a new SSH key pair, without a passphrase

sudo ssh-keygen -t rsa -f ~/.ssh/google_compute_engine -C Friedrich -b 2048

Add the SSH private key to the ssh-agent and store the passphrase in the macOS keychain

ssh-add --apple-use-keychain ~/.ssh/google_compute_engine

Create config-ssh key

gcloud compute config-ssh

Use ssh/scp with the corresponding instances, for example:

ssh logistics-develop-01.us-west1-b.logistics-418508

The Apple Script Script VM SSH keys does these steps automatically.