# git clone https://github.com/hali-linux/azure_set.git
# terraform init
# terraform plan
# terraform apply
# terraform output -raw tls_private_key > azure-key.pem
# terraform output public_ip_address
# ssh -i azure-key.pem azureuser@
GCP
# mkdir gcp_cli && cd $_
# tee -a /etc/yum.repos.d/google-cloud-sdk.repo << EOM
[google-cloud-cli]
name=Google Cloud CLI
baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el8-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOM
# yum install -y google-cloud-cli
# gcloud --version
# gcloud init --console-only
Created [https://www.googleapis.com/compute/v1/projects/gcp-hyejin2022/global/networks/new-vpc].
NAME SUBNET_MODE BGP_ROUTING_MODE IPV4_RANGE GATEWAY_IPV4
new-vpc AUTO REGIONAL
Instances on this network will not be reachable until firewall rules
are created. As an example, you can allow all internal traffic between
instances as well as SSH, RDP, and ICMP by running:
$ gcloud compute firewall-rules create <FIREWALL_NAME> --network new-vpc --allow tcp,udp,icmp --source-ranges <IP_RANGE>
$ gcloud compute firewall-rules create <FIREWALL_NAME> --network new-vpc --allow tcp:22,tcp:3389,icmp
[root@localhost gcp_cli]# gcloud compute networks list
NAME SUBNET_MODE BGP_ROUTING_MODE IPV4_RANGE GATEWAY_IPV4
default AUTO REGIONAL
my-vpc CUSTOM REGIONAL
new-vpc AUTO REGIONAL
# gcloud compute firewall-rules create new-vpc-allow-ssh --allow=tcp:22 --description="Allow incoming traffic on TCP port 22" --direction=INGRESS --network=new-vpc --source-ranges 112.221.225.165/32
# gcloud compute firewall-rules create new-vpc-allow-http --allow=tcp:80 --description="Allow incoming traffic on TCP port 80" --direction=INGRESS --network=new-vpc --source-ranges 0.0.0.0/0
# gcloud compute images list
# gcloud compute images describe centos-7-v20220621 \
--project=centos-cloud
# gcloud compute machine-types list --filter="zone:( asia-northeast3-a )"
# vi httpd-gcp.txt
#!/bin/bash
yum install -y httpd
systemctl enable --now httpd
echo "Hello GCP CLI" > /var/www/html/index.html
# gcloud compute instances create web01 \
--image=centos-7-v20220621 \
--image-project=centos-cloud \
--machine-type=e2-micro \
--network=new-vpc \
--subnet=new-subnet \
--tags http-server,https-server \
--zone=asia-northeast3-a \
--metadata-from-file=startup-script=httpd-gcp.txt
Created [https://www.googleapis.com/compute/v1/projects/gcp-hyejin2022/zones/asia-northeast3-a/instances/web01].
NAME ZONE MACHINE_TYPE PREEMPTIBLE INTERNAL_IP EXTERNAL_IP STATUS
web01 asia-northeast3-a e2-micro 192.168.0.2 34.64.239.69 RUNNING
[root@localhost gcp_cli]# curl 34.64.239.69
Hello GCP CLI
# ssh-keygen -t rsa -f /root/.ssh/hyejin -C hyejin -b 2048
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/hyejin.
Your public key has been saved in /root/.ssh/hyejin.pub.
The key fingerprint is:
SHA256:6/h8x/lq3JsItKv7rFkWeZNUT3o9ME2qFJkTI2E1Eyg hyejin
The key's randomart image is:
+---[RSA 2048]----+
| ++O=o+..|
| E...+=.+=.|
| . .o...+|
| .o.. ..|
| S +.+ |
| o + . |
| . =o o |
| + =.o*... |
| ..O*+ooo+. |
+----[SHA256]-----+
[root@localhost gcp_cli]# ssh -i /root/.ssh/hyejin hyejin@34.64.239.69
key_load_public: invalid format
The authenticity of host '34.64.239.69 (34.64.239.69)' can't be established.
ECDSA key fingerprint is SHA256:PPw1yOFdXYwqlWhaw5cy3ZD1KfMgKnc/IA9ABupL3fw.
ECDSA key fingerprint is MD5:72:b6:67:d4:11:5f:ed:49:f0:c9:57:eb:ff:ae:75:d1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '34.64.239.69' (ECDSA) to the list of known hosts.
[hyejin@web01 ~]$
# gcloud compute instances describe web01
# curl 34.64.239.69
# ssh -i /root/.ssh/hyejin hyejin@34.64.239.69
# gcloud compute instances delete web01
# gcloud compute firewall-rules list
# gcloud compute firewall-rules delete new-vpc-allow-http
# gcloud compute firewall-rules delete new-vpc-allow-ssh
# gcloud compute networks subnets delete new-subnet
# gcloud compute networks delete new-vpc
