Google cloud: create instance template with empty disks - google-cloud-platform

How do I create an instance template that would create empty disks in the instances? It seems the source attribute is required for the disks while creating instance template.
- name: {{ TEMPLATE_NAME }}
  type: compute.v1.instanceTemplate
  properties:
    properties:
      machineType: {{ properties["machine_type"] }}
      canIpForward: False
      networkInterfaces:
      - network: "projects/mapreng-1/global/networks/{{ VPC }}"
        # No internet access if this is not specified
        accessConfigs:
        - name: External NAT
          type: ONE_TO_ONE_NAT
      disks:
      - deviceName: boot
        type: PERSISTENT
        boot: true
        autoDelete: true
        initializeParams:
          sourceImage: https://www.googleapis.com/compute/v1/projects/{{ PROJECT }}/global/images/{{ IMAGE }}
      - deviceName: dev1
        type: SCRATCH
        autoDelete: true
        initializeParams:
          diskType: pd-ssd
          diskSizeGb: 20
This fails at runtime with "Source image must be specified".

I think the point of instance templates is that they allow you to easily create many machines that all look the same when they boot by using disk images. How are you thinking of using instances that don't actually boot because they don't have an OS on disk?

Related

Configure a Firewall and a Startup Script with Deployment Manager

I'm carrying out the lab of the GCP platform "Configure a Firewall and a Startup Script with Deployment Manager". I changed the qwicklabs.jinja for this code:
resources:
- name: default-allow-http
  type: compute.v1.firewall
  properties:
    targetTags: ["http"]
    sourceRanges: ["0.0.0.0/0"]
    allowed:
    - IPProtocol: TCP
      ports: ["80"]
- type: compute.v1.instance
  name: vm-test
  properties:
    zone: {{ properties["zone"] }}
    machineType: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/zones/{{ properties["zone"] }}/machineTypes/f1-micro
    # For examples on how to use startup scripts on an instance, see:
    # https://cloud.google.com/compute/docs/startupscript
    tags:
      items: ["http"]
    metadata:
      items:
      - key: startup-script
        value: "apt-get update \n apt-get install -y apache2"
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        diskName: disk-{{ env["deployment"] }}
        sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
      # Access Config required to give the instance a public IP address
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT
The VM and Disk are made successfully but I can't complete the last task "Check that Deployment manager includes startup script and firewall resource" because I have problems making the firewall rule and this appears:
ERROR: (gcloud.deployment-manager.deployments.create) Error in Operation [operation-1598852175371-5a
e25c7f61bda-1c55c951-22ca1242]: errors:
- code: RESOURCE_ERROR
location: /deployments/deployment-templates/resources/http-firewall-rule
message: '{"ResourceType":"compute.v1.firewall","ResourceErrorCode":"400","ResourceErrorMessage":{
"code":400,"message":"Request
contains an invalid argument.","status":"INVALID_ARGUMENT","statusMessage":"Bad
Request","requestPath":"https://compute.googleapis.com/compute/v1/projects/qwiklabs-gcp-01-888e7
df2843f/global/firewalls","httpMethod":"POST"}}'
Could someone help me pls? I have to finish this lab!
Your file was giving me for some reason "invalid format" error so I created a new Deployment Manager config file; took VM template from here, added your external IP configuration and also firewall rule part (without any changes).
My yaml file looks like this (I didn't use any variables though).
resources:
- name: vm-created-by-deployment-manager
  type: compute.v1.instance
  properties:
    zone: us-central1-a
    machineType: zones/us-central1-a/machineTypes/n1-standard-1
    tags:
      items: ["http"]
    metadata:
      items:
      - key: startup-script
        value: "apt-get update \n apt-get install -y apache2"
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        sourceImage: projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: global/networks/default
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT
- name: default-allow-http3
  type: compute.v1.firewall
  properties:
    targetTags: ["http"]
    sourceRanges: ["0.0.0.0/0"]
    allowed:
    - IPProtocol: TCP
      ports: ["80"]
When I ran the file everything worked as intended:
wbogacz#cloudshell:~/fire (wojtek)$ gcloud deployment-manager deployments create test1 --config dm1.yaml
The fingerprint of the deployment is b'n63E-AtErTCKtWOvktfUsA=='
Waiting for create [operation-1599036146720-5ae5-----99-2a45880e-addbce89]...done.
Create operation operation-1599036146720-5ae-----99-2a45880e-addbce89 completed successfully.
NAME TYPE STATE ERRORS INTENT
default-allow-http3 compute.v1.firewall COMPLETED []
vm-created-by-deployment-manager compute.v1.instance COMPLETED []
At the end I logged in via SSH to the VM and verified that the startup script was executed - and again success.

Google Deployment Manager: What's the equivalent of Allow HTTP traffic when creating a compute engine instance?

I have tried creating a firewall rule with sourceTags and have my VM tagged with http. But it still does not allow HTTP traffic. Why is that?
resources:
- type: compute.v1.instance
  name: vm-test
  properties:
    zone: {{ properties["zone"] }}
    machineType: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/zones/{{ properties["zone"] }}/machineTypes/f1-micro
    # For examples on how to use startup scripts on an instance, see:
    # https://cloud.google.com/compute/docs/startupscript
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        diskName: disk-{{ env["deployment"] }}
        sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
      # Access Config required to give the instance a public IP address
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT
    metadata:
      items:
      - key: startup-script
        value: |
          #!/bin/bash
          apt-get update
          apt-get install -y apache2
    tags:
      items:
      - http
Tag has to be the same as the network tag attached. The default ones are "http-server" or "https-server", so the script should have that present like this:
tags:
  items:
  - http-server
  - https-server
Bear in mind also to properly configure firewall rule and check that http server is running and listening on that port.
You need to add the firewall section there as well. Here is the one which is working for me:
resources:
- type: compute.v1.firewall
  name: tcp-firewall-rule
  properties:
    network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
    sourceRanges: ["0.0.0.0/0"]
    targetTags: ["http","http-server"]
    allowed:
    - IPProtocol: TCP
      ports: ["80"]
- type: compute.v1.instance
  name: vm-test
  properties:
    zone: {{ properties['zone'] }}
    machineType: https://www.googleapis.com/compute/v1/projects/{{ env['project'] }}/zones/{{ properties['zone'] }}/machineTypes/f1-micro
    tags:
      items: ["http","http-server"]
    metadata:
      items:
      # For more ways to use startup scripts on an instance, see:
      # https://cloud.google.com/compute/docs/startupscript
      - key: startup-script
        value: |
          #!/bin/bash
          apt-get update
          apt-get install -y apache2
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        diskName: disk-{{ env["deployment"] }}
        sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
      # Access Config required to give the instance a public IP address
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT
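
Added example, not code from any of the posts above: a small audit of the tag wiring this thread turns on, showing which instances each ingress rule actually reaches and which rules are open to any address. The resources are constructed samples shaped like a rendered and parsed Deployment Manager config; all resources are assumed to share one network, and service-account targets are not modelled.

```python
# Added example (not from the original posts). Resources are shown as they
# would look after Jinja rendering and YAML parsing; all names are constructed.
OPEN_RANGES = {"0.0.0.0/0", "::/0"}

def fw(name, ports, **props):
    return {"type": "compute.v1.firewall", "name": name,
            "properties": {"allowed": [{"IPProtocol": "TCP", "ports": ports}], **props}}

def vm(name, tags):
    return {"type": "compute.v1.instance", "name": name,
            "properties": {"tags": {"items": tags}}}

SAMPLE = [
    fw("default-allow-http", ["80"], sourceRanges=["0.0.0.0/0"], targetTags=["http"]),
    fw("allow-from-http-tag", ["80"], sourceTags=["http"]),
    fw("allow-ssh-anywhere", ["22"], sourceRanges=["0.0.0.0/0"]),
    fw("web-servers", ["443"], sourceRanges=["0.0.0.0/0"], targetTags=["http-server"]),
    vm("vm-test", ["http"]),
    vm("vm-db", []),
]

def audit(resources):
    """Return (exposure, findings) for ingress allow rules on one shared network."""
    instances = {r["name"]: set(r["properties"].get("tags", {}).get("items", []))
                 for r in resources if r["type"] == "compute.v1.instance"}
    exposure = {name: set() for name in instances}
    findings = []
    for rule in (r for r in resources if r["type"] == "compute.v1.firewall"):
        props = rule["properties"]
        if props.get("direction", "INGRESS") != "INGRESS":
            continue
        targets = set(props.get("targetTags", []))
        # Without targetTags the rule applies to every instance on the network.
        hit = [n for n, tags in instances.items() if not targets or tags & targets]
        if targets and not hit:
            findings.append((rule["name"], "targetTags match no instance"))
        if not OPEN_RANGES & set(props.get("sourceRanges", [])):
            if props.get("sourceTags"):
                findings.append((rule["name"], "sourceTags admit tagged VMs, not internet clients"))
            continue
        if not targets:
            findings.append((rule["name"], "open to any address on every instance"))
        for allow in props.get("allowed", []):
            for port in allow.get("ports", ["all"]):
                for n in hit:
                    exposure[n].add(f'{allow["IPProtocol"].lower()}:{port}')
    return {n: sorted(p) for n, p in exposure.items()}, findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Run against a config before deploying, the exposure map shows at a glance whether a rule with `sourceRanges: ["0.0.0.0/0"]` is scoped by `targetTags` to the web VM only or reaches every instance on the network.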

GCP deployment manager template unable to create tagged firewall

I am trying to deploy a Linux VM with tag "http" and creating a firewall rule allowing HTTP port 80 access as tagged firewall "http". The VM is getting deployed but no external access is working for the VM. I also gave a startup script for the VM but it's not working.
resources:
- type: compute.v1.instance
  name: vm-test
  properties:
    metadata:
      items:
      - key: startup-script-url
        value: https://storage.googleapis.com/cf405bucket/install-web.sh
    zone: {{ properties["zone"] }}
    machineType: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/zones/{{ properties["zone"] }}/machineTypes/n1-standard-2
    # For examples on how to use startup scripts on an instance, see:
    # https://cloud.google.com/compute/docs/startupscript
    tags:
      items: ["http"]
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        diskName: disk-{{ env["deployment"] }}
        sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
      # Access Config required to give the instance a public IP address
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT
- type: compute.v1.firewall
  name: default-allow-http
  properties:
    sourceRanges: ["0.0.0.0/0"]
    network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
    targetTags: ["http"]
    allowed:
    - IPProtocol: TCP
      ports: ["80"]
Try SSH'ing into the deployment's created VM instance and run the command apache2 --version.
What happens? I assume you'll be told it isn't a recognised command or something...given it looks like the web server hasn't been installed for some reason. If so, perhaps try updating install-web.sh to include sudo before commands, i.e.,
#!/bin/bash
sudo apt-get update
sudo apt-get install -y apache2
Failing that, why not ditch the install-web.sh file altogether and just include the script in the config file directly (as there isn't much to it), e.g., something like:
metadata:
  items:
  - key: startup-script
    value: |
      #!/bin/bash
      apt-get update
      apt-get install -y apache2

How to make a regional cluster in GKE w/ deployment-manager?

"zone" is a required field when I try to create, but it says in the documentation that it is "deprecated". This is kinda misleading. Then every time I include "zone", it is the one followed. Let us say I put "asia-east2-a", then it will be a zonal cluster where the master node is in asia-east2-a.
Below is my jinja template
resources:
- name: practice-gke-clusters
  type: container.v1.cluster
  properties:
    zone: asia-east2-a
    cluster:
      name: practice-gke-clusters
      location: asia-east2
      network: $(ref.practice-gke-network.selfLink)
      subnetwork: $(ref.practice-gke-network-subnet-1.selfLink)
      nodePools:
      - name: default-pool
        config:
          machineType: n1-standard-1
          diskSizeGb: 10
          diskType: pd-ssd
          preemptible: True
          oauthScopes:
          - https://www.googleapis.com/auth/compute
          - https://www.googleapis.com/auth/devstorage.read_only
          - https://www.googleapis.com/auth/logging.write
          - https://www.googleapis.com/auth/monitoring
        initialNodeCount: 1
        autoscaling:
          enabled: True
          minNodeCount: 1
          maxNodeCount: 100
        management:
          autoUpgrade: False
          autoRepair: True
      loggingService: logging.googleapis.com
      monitoringService: monitoring.googleapis.com
Currently v1 API does not support the creation of regional clusters. However you can use v1beta1 API which supports this feature and use the following resource type:
type: gcp-types/container-v1beta1:projects.locations.clusters
Rather than using the 'zone' or 'region' key in the YAML, you would instead use a parent property that includes locations.
So your YAML would look something like this (replace PROJECT_ID and REGION with your own).
resources:
- type: gcp-types/container-v1beta1:projects.locations.clusters # previously container.v1.clusters
  name: source-cluster
  properties:
    parent: projects/PROJECT_ID/locations/REGION
    cluster:
      name: source
      initialNodeCount: 3

Create empty disk for Google Deployment Manager

I am trying to create a compute instance using Google's deployment manager. It shall get two disks, one based on a boot image and a second that shall be blank. The blank disk will later on be formatted and mounted correctly by salt stack. Deployment manager complains with "Source image must be specified." How do I create a second blank disk for a compute instance using deployment manager?
My compute-instance.jinja:
resources:
- type: compute.v1.instance
  name: {{ env["deployment"] }}-{{ env["name"] }}
  properties:
    zone: europe-west1-c
    machineType: zones/europe-west1-c/machineTypes/n1-standard-1
    disks:
    - deviceName: {{ env["deployment"] }}-{{ env["name"] }}
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        sourceImage: global/images/XXXXXXX
    - deviceName: {{ env["deployment"] }}-{{ env["name"] }}-data
      type: PERSISTENT
      boot: false
      autoDelete: true
      initializeParams:
        diskSizeGb: {{ properties["size"] }}
    networkInterfaces:
    - network: global/networks/default
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT
Solved by creating a separate resource for the disk using:
- type: compute.v1.disk
  name: {{ env["deployment"] }}-{{ env["name"] }}-1-data
  properties:
    sizeGb: {{ properties["size"] }}
    zone: europe-west1-c
Then refer to it from the compute-instance:
- deviceName: {{ env["deployment"] }}-{{ env["name"] }}-1-data
  boot: false
  autoDelete: true
  source: $(ref.{{ env["deployment"] }}-{{ env["name"] }}-1-data.selfLink)
If you must supply the source image, you can create an image of an empty disk.
The downside of this is that you will start paying (not much though) for 10gb of image storage when you're actually storing nothing.
gcloud compute disks create emptydisk --size 10GB
gcloud compute images create empty-disk-image --source-disk emptydisk
And then use it as the source image
- deviceName: {{ env["deployment"] }}-{{ env["name"] }}-data
  type: PERSISTENT
  boot: false
  autoDelete: true
  initializeParams:
    sourceImage: projects/your-project-id/global/images/empty-disk-image
    diskSizeGb: {{ properties["size"] }}