GSP-302 : Configure a Firewall and a Startup Script with Deployment Manager
Overview
Do the following steps:
1mkdir deployment_manager
2cd deployment_manager
3gsutil cp gs://spls/gsp302/* .
4
5nano qwiklabs.jinja
Delete all the content of qwiklabs.jinja and paste
1resources:
2- type: compute.v1.instance
3 name: vm-test
4 properties:
5 zone: {{ properties["zone"] }}
6 machineType: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/zones/{{ properties["zone"] }}/machineTypes/f1-micro
7 # For examples on how to use startup scripts on an instance, see:
8 # https://cloud.google.com/compute/docs/startupscript
9 disks:
10 - deviceName: boot
11 type: PERSISTENT
12 boot: true
13 autoDelete: true
14 initializeParams:
15 diskName: disk-{{ env["deployment"] }}
16 sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
17 networkInterfaces:
18 - network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
19 # Access Config required to give the instance a public IP address
20 accessConfigs:
21 - name: External NAT
22 type: ONE_TO_ONE_NAT
23 tags:
24 items:
25 - http
26 metadata:
27 items:
28 - key: startup-script
29 value: |
30 #!/bin/bash
31 apt-get update
32 apt-get install -y apache2
33- type: compute.v1.firewall
34 name: default-allow-http
35 properties:
36 network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
37 targetTags:
38 - http
39 allowed:
40 - IPProtocol: tcp
41 ports:
42 - '80'
43 sourceRanges:
44 - 0.0.0.0/0
To save press, ctrl + o -> Enter -> ctrl + x
1nano qwiklabs.yaml
Delete the content of qwiklabs.yaml and paste
1imports:
2- path: qwiklabs.jinja
3
4resources:
5- name: qwiklabs
6 type: qwiklabs.jinja
7 properties:
8 zone: us-central1-a
1gcloud deployment-manager deployments create test --config=qwiklabs.yaml
Congratulations, you're all done with the lab 😄