[ About | Licence | Contacts ]
Written by Oleksandr Gavenko (AKA gavenkoa), compiled on 2024-04-01 from rev 052223c22317.

Google Cloud

Essential documentation

https://cloud.google.com/iam/docs/understanding-roles
List of Predefined roles with Permissions.

gcloud filter syntax

All gcloud sub-commands list support --filter flag to select desired items. Read the docs:

gcloud topic filters

or:

https://cloud.google.com/sdk/gcloud/reference/topic/filters
gcloud topic filters

Examples:

gcloud compute instances list --filter='name~^stage-' --format='get(name)'
gcloud scheduler jobs list --filter='name~/stage-' --format='get(name)'

Load balancer

https://cloud.google.com/load-balancing/docs/https/traffic-management
Traffic management overview for external HTTP(S) load balancers.
https://cloud.google.com/compute/docs/reference/rest/v1/urlMaps
URL map API.
https://cloud.google.com/compute/docs/reference/rest/v1/regionUrlMaps
URL map API.
https://cloud.google.com/load-balancing/docs/l7-internal/traffic-management
Traffic management overview for internal HTTP(S) load balancers.

Health check

List health checks:

gcloud compute health-checks list --format=yaml

In order for LB to function you need to define health checks. They run outside of intranet so firewall rules have to be applied to VMs for checks to succeed:

gcloud compute firewall-rules create fw-allow-health-check \
  --network=default \
  --action=allow \
  --direction=ingress \
  --source-ranges=130.211.0.0/22,35.191.0.0/16 \
  --target-tags=allow-health-check \
  --rules=tcp:80
https://cloud.google.com/load-balancing/docs/health-checks
Creating health checks & magical subnets for FW rules.

SSL certificates

To view status and error details run:

gcloud beta compute ssl-certificates describe $NAME
gcloud beta compute ssl-certificates list --format=yaml

and check codes against:

https://cloud.google.com/load-balancing/docs/ssl-certificates/troubleshooting
Troubleshooting SSL certificates. Error codes description.

To set manages sertificate follow instructions:

https://cloud.google.com/load-balancing/docs/ssl-certificates/self-managed-certs
Using self-managed SSL certificates.