Creating a virtual machine (VM) in Google Cloud Platform (GCP) is a straightforward process. You can create a VM from the GCP console or using the gcloud command-line tool.
To create a VM from the console, navigate to the VM instances page and click on the "Create" button. This will take you to the creation wizard where you can select the machine type, configure the boot disk, and set up network interfaces.
You can choose from a variety of machine types, including n1-standard-1 and n1-standard-8, each with different CPU and memory configurations. For example, the n1-standard-1 machine type has 1 CPU and 3.75 GB of memory.
Once you've selected the machine type, you can configure the boot disk, which is the primary hard drive for your VM. You can choose from a variety of operating systems, including Ubuntu and Windows Server 2019.
Setting Up Compute Engine
To set up Compute Engine in GCP, you need to choose the project where you want to create the VM and enable the Compute Engine API. This can be done by going to the GCP console, selecting the project, and enabling the Compute Engine API.
To enable the Compute Engine API, go to the GCP console, choose API and services, select Library, then Compute, and finally enable the Compute Engine API. Alternatively, you can enable it by going to the project settings and selecting the API and services tab.
Before creating your VM, make sure to enable the Compute Engine API on your specified project in GCP.
Enabling Compute Engine
To enable Compute Engine in GCP, you need to choose the project where you want to create the VM.
First, select the project where you want to create your VM in GCP. This is the project where your VM will be hosted and managed.
Next, enable the Compute Engine API in your GCP console. You can do this by going to API and services → Library → Compute → Compute Engine API → Enable API.
Prerequisites
To set up Compute Engine, you need to have a Google Cloud account. You can create one by visiting https://console.cloud.google.com/. Also, you should have enough permission to create a virtual machine and work with it on the GCP console as the system administrator or DevOps administrator.
To use Google Compute Engine, you need to have an existing project or create a new one. Google Compute Engine requires billing to be enabled for the project you use. You need to set up a new billing account and set up your billing profile by setting up your company profile, payment method, and enabling the billing profile.
You should also be aware that by default, all incoming traffic from outside a network is blocked. You can enable or disable HTTP or HTTPS traffic depending on your policy or requirement. This is important to consider when setting up your firewall rules.
Here is a list of prerequisites to create a VM on GCP:
- As the system administrator or DevOps administrator, the user should be able to create a virtual machine and have enough permission to work with it on the GCP console.
- The user should have an existing project or create a new one.
- Google Compute Engine requires billing to be enabled for the project you use.
- The user should set up a new billing account and set up their billing profile.
Creating an Instance
Creating an instance on Google Cloud Platform is a straightforward process. You can choose to create a new instance from scratch or use an existing template.
To create a new instance, you can follow the steps outlined in the Compute Engine section of the GCP Console. This will take you to a VM instance creation page where you have four options: New VM Instance, New VM Instance from template, New VM Instance from machine image, and New VM Instance from the Marketplace.
Here are the four options:
- New VM Instance – Creating a single VM instance from scratch
- New VM Instance from template – Creating a new instance from the existing template
- New VM Instance from machine image – Creating a new instance from the existing machine image
- New VM Instance from the Marketplace – Deploy a new instance from the Marketplace
For this example, we will choose the option New VM Instance. On expanding the New VM Instance page, you will be asked to provide details such as Name, Machine Configuration, CPU configuration, Firewall, Security, Disk, and Storage configuration.
One important service to consider is Confidential VM, which adds protection to your data in use by keeping the memory of this VM encrypted with keys that Google doesn’t have access to. This service is bound to a particular series of machine types, regions, and zones.
To connect to your newly created VM, you can use the Remote access section, where you can see various methods to connect your VM. Since the created machine is a Linux-based VM, you can select the option “Open in a browser window” to open a new browser window.
You can also connect to your VM instance using the SSH key, which can be found on the VM instance details page.
Networking and Security
Networking and Security is a crucial aspect of Google Cloud Platform VMs. Each network interface of a Compute Engine instance is associated with a subnet of a unique VPC network.
You can create multiple networks in a project, but most users only need one. Each network can have multiple instances attached to it, and a network allows you to define a gateway IP and the network range for the instances attached to that network.
Firewall rules are essential to allow external access to ports 443 (HTTPS), 8888 (DIGITS), and any other ports that may be needed. You can set up firewall rules before launching an instance to avoid having to stop the instance later.
To set up firewall rules, log in to the Google Cloud Console, verify you are in the correct project, and click on VPC Network -> Firewall Rules. You can then create a new firewall rule and specify the ports you want to allow access to.
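An added example, not part of the original page: a Python check over firewall rules exported with `gcloud compute firewall-rules list --format=json`, listing enabled ingress rules that are open to any source address. The rule names and sample data are constructed, and treating only tcp/443 as intentionally public is an assumption to adjust to your own policy.

```python
import json

# Constructed sample in the shape printed by
# `gcloud compute firewall-rules list --format=json` (rule names are made up).
SAMPLE_RULES = json.loads("""
[
  {"name": "allow-https", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "disabled": false, "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]},
  {"name": "allow-digits", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "disabled": false, "allowed": [{"IPProtocol": "tcp", "ports": ["8888"]}]},
  {"name": "allow-admin", "direction": "INGRESS", "sourceRanges": ["203.0.113.0/24"],
   "disabled": false, "allowed": [{"IPProtocol": "tcp", "ports": ["22", "8000-9000"]}]},
  {"name": "allow-all-tcp", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "disabled": false, "allowed": [{"IPProtocol": "tcp"}]},
  {"name": "old-rdp", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "disabled": true, "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}]}
]
""")

ANY_SOURCE = {"0.0.0.0/0"}
PUBLIC_OK = {("tcp", 443)}  # assumption: only HTTPS is meant to be public


def port_ranges(entry):
    """Return (low, high) tuples for one `allowed` entry; no ports = all ports."""
    ports = entry.get("ports")
    if not ports:
        return [(0, 65535)]
    out = []
    for p in ports:
        low, _, high = p.partition("-")
        out.append((int(low), int(high or low)))
    return out


def audit(rules, public_ok=PUBLIC_OK):
    """List findings for enabled ingress rules open to any source address."""
    findings = []
    for rule in rules:
        if rule.get("direction", "INGRESS") != "INGRESS" or rule.get("disabled"):
            continue
        if not ANY_SOURCE & set(rule.get("sourceRanges", [])):
            continue
        for entry in rule.get("allowed", []):
            proto = entry["IPProtocol"]
            for low, high in port_ranges(entry):
                if low == high and (proto, low) in public_ok:
                    continue  # single port that policy allows to be public
                span = str(low) if low == high else f"{low}-{high}"
                findings.append((rule["name"], proto, span))
    return findings


if __name__ == "__main__":
    for name, proto, span in audit(SAMPLE_RULES):
        print(f"{name}: {proto}/{span} reachable from 0.0.0.0/0")
```

A finding for a port such as 8888 does not mean the rule must go; narrowing its source range to the addresses that need the service clears it.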
Here are some popular CDN providers that can help protect against DDoS attacks and provide performance and security features:
- Cloudflare
- SUCURI
- KeyCDN
- BunnyCDN
Set Up SSH Key
Setting up an SSH key is crucial for accessing your VM instance and the NGC container registry. You can either generate your own SSH keys or let Google Compute Engine generate one for you.
If you choose to generate your own SSH keys, you'll need to follow these steps: generate your own SSH keys and add them to the metadata for your project.
To add your SSH keys to the metadata, you'll need to follow the instructions in the Google Cloud documentation on Adding or Removing Project-Wide Public SSH Keys.
If you don't prepare your SSH keys before launching and connecting to your VM instance, you can still access the NGC container registry by adding yourself to the docker group after connecting to the instance.
To do this, you'll need to run the command `sudo usermod -aG docker $USER` and then restart the session.
Here are the steps to prepare your SSH keys:
- Generate your own SSH keys
- Add them to the metadata for your project
If you don't have time to prepare your SSH keys before launching your VM instance, you can still access the NGC container registry, but you'll need to add yourself to the docker group after connecting to the instance.
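An added example, not part of the original page or of Google's tooling: a Python check over a project's `ssh-keys` metadata value that reports weak key types, entries without an expiry, and expired or malformed entries. The sample entries are constructed, and the set of key types treated as weak is an assumption.

```python
import json
from datetime import datetime, timezone

# Constructed sample of a project-wide `ssh-keys` metadata value, one entry
# per line as "USERNAME:KEY_TYPE KEY_BLOB COMMENT". Key blobs are fake.
SAMPLE_METADATA = "\n".join([
    "alice:ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAfake alice@laptop",
    'bob:ssh-rsa AAAAB3NzaC1yc2EAAAAfake google-ssh '
    '{"userName":"bob","expireOn":"2020-01-01T00:00:00+0000"}',
    "carol:ssh-dss AAAAB3NzaC1kc3MAAAAfake carol@old-host",
    "not-a-key-entry",
])

WEAK_TYPES = {"ssh-dss"}  # assumption: DSA keys are not acceptable


def parse_entry(line):
    """Split one metadata line; return None if it is not USER:TYPE BLOB ..."""
    user, sep, rest = line.partition(":")
    parts = rest.split(" ", 2)
    if not sep or not user or len(parts) < 2:
        return None
    comment = parts[2] if len(parts) == 3 else ""
    expires = None
    if comment.startswith("google-ssh "):
        # Entries with an expiry carry a JSON trailer after "google-ssh".
        stamp = json.loads(comment[len("google-ssh "):]).get("expireOn")
        if stamp:
            expires = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S%z")
    return {"user": user, "type": parts[0], "expires": expires}


def audit_keys(metadata, now):
    """Return (user, issue) pairs for entries that deserve a second look."""
    findings = []
    for line in filter(str.strip, metadata.splitlines()):
        entry = parse_entry(line)
        if entry is None:
            findings.append((line, "malformed"))
            continue
        if entry["type"] in WEAK_TYPES:
            findings.append((entry["user"], "weak-key-type"))
        if entry["expires"] is None:
            findings.append((entry["user"], "no-expiry"))
        elif entry["expires"] <= now:
            findings.append((entry["user"], "expired"))
    return findings


if __name__ == "__main__":
    for who, issue in audit_keys(SAMPLE_METADATA, datetime.now(timezone.utc)):
        print(f"{who}: {issue}")
```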
Network
A network defines the address range and gateway address of all instances connected to it, allowing instances to communicate with each other, other networks, and the outside world.
Each instance belongs to a single network, and any communication between instances in different networks must be through a public IP address. A Cloud Platform Console project can contain multiple networks, and each network can have multiple instances attached to it.
By default, every project is provided with a default network with preset configurations and firewall rules. Users can choose to customize the default network by adding or removing rules, or they can create new networks in that project. Generally, most users only need one network, although there can be up to five networks per project by default.
A network belongs to only one project, and each instance can only belong to one network. All Compute Engine networks use the IPv4 protocol, and Compute Engine currently does not support IPv6.
Here are some key facts about networks:
- A network defines the address range and gateway address of all instances connected to it.
- Each instance belongs to a single network.
- A Cloud Platform Console project can contain multiple networks.
- Each network can have multiple instances attached to it.
- By default, every project is provided with a default network.
- Users can customize the default network by adding or removing rules.
- All Compute Engine networks use the IPv4 protocol.
- Compute Engine currently does not support IPv6.
Address
An ephemeral external IP address is automatically assigned to an instance by default. This address is attached to the instance for its entire life and is released once the instance has been terminated.
GCE provides a mechanism to reserve and attach static IPs to VMs. This allows for more control and flexibility in managing IP addresses.
An ephemeral IP address can be promoted to a static IP address. This is a useful feature for instances that need a permanent IP address.
Route
Google Compute Engine offers a routing table to manage how traffic destined for a certain IP range should be routed.
This routing table is similar to a physical router in the local area network, comparing all outbound traffic to the routes table and forwarding the packet if it matches any rules.
All outbound traffic is compared to the routes table, ensuring that traffic is routed correctly based on the rules set in the table.
This helps prevent traffic from being misrouted or lost, keeping your network running smoothly and efficiently.
Scope of Resources
When working with Google Cloud resources, it's essential to understand their scope. Resources in GCE can be global, regional, or zonal, and each has its own set of implications.
Global resources are accessible from all regions and zones, making them incredibly convenient. For instance, images are a global resource, allowing users to launch a VM in any region based on a global image.
Some resources are inherently global, such as images, snapshots, networks, firewalls, and routes. These resources are implicitly available across all regions and zones, eliminating the need for exporting and importing between regions.
Here's a summary of the scope of GCE resources:
Understanding the scope of resources can help you plan and manage your infrastructure more efficiently.
Storage and Performance
Google Cloud Platform VMs offer a range of storage options to suit different needs. Persistent SSD Disks are recommended for Compute Engine storage, and a minimum of 1 TB of storage is recommended for storing deep learning datasets.
Persistent disks are independent of the virtual machines and outlive an instance's lifespan. Each persistent disk can be up to 10 TB in size, and Google Compute Engine encrypts the persistent disks with AES-128-CBC encryption.
You can attach up to 16 independent persistent disks to most instances, but be mindful of the total persistent disk space limit, which is up to 64 TB on most instances. Here's a summary of the storage options:
Virtual Data Storage
Virtual data storage is a crucial aspect of Google Cloud Platform (GCP) services. You can store data on persistent disks, which are independent of virtual machines and outlive an instance's lifespan.
Persistent disks can be used as raw block devices and provide straightforward, consistent, and reliable storage at a consistent price. This removes the need for a separate local ephemeral disk. Each persistent disk can be up to 10 TB in size.
GCP recommends using Persistent SSD Disks for Compute Engine storage, especially for storing deep learning datasets. A minimum of 1 TB of storage is recommended, but a larger disk or software RAID can be used for maximum performance.
You can attach multiple persistent disks to an instance, but each instance can only attach a limited amount of total persistent disk space, up to 64 TB on most instances. Additionally, you can replicate regional persistent disks between two zones in a region for higher availability.
Here's a breakdown of the pricing for persistent disks:
Encryption is always enabled and transparent to GCP users, with AES-128-CBC encryption applied before data leaves the virtual machine monitor and hits the disk.
Images
Images play a crucial role in Google Compute Engine, and understanding them is essential for efficient storage and performance.
You can select an image while creating an instance or during the creation of a root persistent disk. This image contains the operating system and root file system necessary for starting an instance.
Google Compute Engine provides CentOS and Debian images as standard Linux images, making it easy to get started with Linux-based instances.
Red Hat Enterprise Linux (RHEL) and Microsoft Windows Server 2008 R2 images are also available, but they come at an additional fee, which might be worth it for specific use cases.
Container Linux, a lightweight Linux OS based on ChromiumOS, is also supported on Google Compute Engine, offering a unique option for developers.
Here are some standard Linux images provided by Google Compute Engine:
- CentOS
- Debian
Note that images and disk snapshots belong to the global scope, making them implicitly available across all regions and zones of Google Cloud Platform. This eliminates the need for exporting and importing images and snapshots between regions.
Billing and Pricing
Google Cloud Platform VMs have a unique billing and pricing model that's worth understanding.
You'll be charged for a minimum of 10 minutes, and then instances are billed in 1-minute increments, rounded up to the nearest minute.
The sustained usage based pricing model is a game-changer, as it credits discounts to customers based on their monthly utilization.
If you use an instance for 50% of the month, you'll get a 10% discount over the on-demand prices.
If you're running an instance for 75% of the month, you'll get a 20% discount over the on-demand prices.
And if you're using an instance for the entire month, you'll get a 30% discount over the on-demand prices.
Here's a breakdown of the sustained use discounts:
- 50% of the month: 10% discount
- 75% of the month: 20% discount
- 100% of the month: 30% discount
Regions and Zones
Google Cloud Platform VMs can be deployed in various regions, which are essentially geographic locations of Google's infrastructure facilities. As of June 1, 2014, Google Compute Engine was available in central US, Western Europe, and Asia East regions.
You can choose to deploy your resources in one of these regions based on your specific requirements. Google recommends deploying applications across multiple zones in a region for high availability.
A zone is an isolated location within a region, with high-bandwidth, low-latency network connections to other zones in the same region. This allows for fault-tolerant applications that can withstand unexpected failures.
Google recommends deploying applications across multiple zones in a region to protect against unexpected failures. As of August 5, 2014, there are eight zones, with three each in central US and Asia East regions, and two zones in Western Europe region.
By deploying across multiple zones, you can ensure high availability and minimize the impact of a single zone failure.
Tools and Resources
To create and manage instances, you can use a variety of tools, including the Google Cloud console, the gcloud command-line tool, and the REST API.
The Google Cloud console is a great place to start, as it provides a user-friendly interface for creating and managing instances. You can use it to configure applications on your instances.
A disk resource functions as data storage for the virtual machine, similar to a physical hard drive, and a network resource helps regulate traffic to and from the instances. This is especially important when managing instances, as it ensures that your data is safe and secure.
Resources
Resources play a crucial role in Compute Engine, connecting various entities that will be part of the deployment. Each resource performs a different function.
A virtual machine instance launches an instance resource that uses other resources, such as disk resources, network resources, and image resources. For example, a disk resource functions as data storage for the virtual machine, similar to a physical hard drive.
Network resources help regulate traffic to and from the instances. This is especially important for instances launched in a specific zone that requires the zone specification as a part of all requests made to that instance.
The scope of resources in GCE is categorized into three planes: global, regional, and zonal. This is essential to understand when deploying resources.
Here's a summary of the scope of GCE resources:
Understanding the scope of resources is vital to ensure that resources are accessible and usable as expected. For instance, images are a global resource, making them accessible from all regions and zones.
Tools to Manage
You have a few options to manage your instances. You can use the Google Cloud console, the gcloud command-line tool, or the REST API to create and manage them.
The Google Cloud console is a web-based interface that provides a user-friendly way to manage your instances. I've found it to be a great starting point for beginners.
You can also use the gcloud command-line tool to manage your instances from the command line. This is a great option if you prefer working from the command line or need to automate tasks.
To configure applications on your instances, you'll need to connect to the instance using Secure Shell (SSH) for Linux instances or Remote Desktop Protocol (RDP) for Windows Server instances.
Here are some tools you can use to manage your instances:
Getting Started
Create an account to evaluate how Google Cloud performs in real-world scenarios, especially if you're new to the platform. New customers get $300 in free credits to run, test, and deploy workloads.
You can use these free credits to test Compute Engine in real-world scenarios. This will give you a chance to see how it performs in actual use.
Sign up for an account to get started and take advantage of the free credits.
Frequently Asked Questions
What is Google Cloud VM?
A Google Cloud VM is a self-contained software package that includes a virtual environment with its own operating system and applications, allowing for easy migration between servers and environments. This flexible virtualization solution enables seamless deployment and management of applications in the cloud.
What is the VM equivalent in GCP?
In Google Cloud Platform (GCP), a Compute Engine instance, virtual machine instance, or VM instance is equivalent to a VM. This interchangeable term refers to a virtual machine in the GCP console, CLI, or API.
Does Google have a virtual machine?
Yes, Google Cloud offers virtual machines (VMs) to suit various workloads and operating systems. Learn more about Google Cloud's VM options for fast and consistent performance.
Is VM free on Google Cloud?
Yes, Google Cloud offers a free VM instance, but with some limitations, such as storage and data transfer caps. Learn more about the Compute Engine free tier and its benefits.