init commit

.gitignore

@@ -0,0 +1,124 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+pip-wheel-metadata/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+.hypothesis/
+.pytest_cache/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+.python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# celery beat schedule file
+celerybeat-schedule
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/

README.md

@@ -0,0 +1,9 @@
+## Objective
+I am interested to build labs for GCP so that I can dive deeper, share the experience with others. 
+
+While Terraform works well to declare infrastructure state in HCL, the bash script with `gcloud` from SDK is great and indenspenable to learn natively.  
+
+## Format
+Ideally each lab should have at least:
+* `create.sh` to create all the resources
+* `cleanup.sh` to clean up all the resources

cloudrun/Dockerfile

@@ -0,0 +1,24 @@
+# Use the offical Golang image to create a build artifact.
+# This is based on Debian and sets the GOPATH to /go.
+# https://hub.docker.com/_/golang
+FROM golang:1.12 as builder
+
+# Copy local code to the container image.
+WORKDIR /go/src/github.com/knative/docs/helloworld
+COPY . .
+
+# Build the command inside the container.
+# (You may fetch or manage dependencies here,
+# either manually or with a tool like "godep".)
+RUN CGO_ENABLED=0 GOOS=linux go build -v -o helloworld
+
+# Use a Docker multi-stage build to create a lean production image.
+# https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds
+FROM alpine
+RUN apk add --no-cache ca-certificates
+
+# Copy the binary to the production image from the builder stage.
+COPY --from=builder /go/src/github.com/knative/docs/helloworld/helloworld /helloworld
+
+# Run the web service on container startup.
+CMD ["/helloworld"]

cloudrun/deploy.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+gcloud builds submit --tag gcr.io/${GCLOUD_PROJECT}/helloworld
+gcloud beta run deploy --image gcr.io/${GCLOUD_PROJECT}/helloworld --platform managed

cloudrun/helloworld.go

@@ -0,0 +1,30 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"net/http"
+	"os"
+)
+
+func handler(w http.ResponseWriter, r *http.Request) {
+	log.Print("Hello world received a request.")
+	target := os.Getenv("TARGET")
+	if target == "" {
+		target = "World"
+	}
+	fmt.Fprintf(w, "Hello %s!\n", target)
+}
+
+func main() {
+	log.Print("Hello world sample started.")
+
+	http.HandleFunc("/", handler)
+
+	port := os.Getenv("PORT")
+	if port == "" {
+		port = "8080"
+	}
+
+	log.Fatal(http.ListenAndServe(fmt.Sprintf(":%s", port), nil))
+}

common/functions.sh

@@ -0,0 +1,37 @@
+# Check if all required variables are non-null
+# Globals:
+#   None
+# Arguments:
+#   VAR - The variable to check
+# Returns:
+#   None
+variable_is_set() {
+  if [[ -z "${VAR}" ]]; then
+    echo "Variable is not set. Please check your istio.env file."
+    return 1
+  fi
+  return 0
+}
+
+# Check if required binaries exist
+# Globals:
+#   None
+# Arguments:
+#   DEPENDENCY - The command to verify is installed.
+# Returns:
+#   None
+dependency_installed () {
+  command -v "${1}" >/dev/null 2>&1 || exit 1
+}
+
+# Helper function to enable a given service for a given project
+# Globals:
+#   None
+# Arguments:
+#   PROJECT - ID of the project in which to enable the API
+#   API     - Name of the API to enable, e.g. compute.googleapis.com
+# Returns:
+#   None
+enable_project_api() {
+  gcloud services enable "${2}" --project "${1}"
+}

mig/README.md

@@ -0,0 +1,6 @@
+This lab is used to get family with MIG (Managed Instance Group). 
+Container is easier to use. 
+
+* https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances
+* https://cloud.google.com/compute/docs/instance-groups/rolling-out-updates-to-managed-instance-groups
+* https://cloud.google.com/compute/docs/containers/deploying-containers

mig/cleanup.sh

@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+set -o errexit
+set -o nounset
+set -o pipefail
+set -x
+
+PROJECT_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "$PROJECT_ROOT"/env
+
+
+function dependency_installed () {
+  command -v "${1}" >/dev/null 2>&1
+}
+
+# Ensure the necessary dependencies are installed
+if ! dependency_installed "gcloud"; then
+  echo "I require gcloud but it's not installed. Aborting."
+  exit 1
+fi
+
+
+# Verify the instance template is created for worker
+if ! gcloud compute instance-templates list --filter="name:${INSTANCE_TEMPLATE}"; then
+  echo "Instance Template: ${INSTANCE_TEMPLATE} is not created, Aborting"
+  exit 1
+fi
+
+if ! gcloud compute instance-groups managed list --filter="name:${MIG_NAME}"; then 
+ echo "MIG:${MIG_NAME} is not created, Aborting"
+  exit 2
+fi
+
+
+if ! gcloud compute health-checks list --filter="name:${HC_NAME}"; then 
+ echo "healthcheck:${HC_NAME} is not created, Aborting"
+  exit 3
+fi
+
+if ! gcloud compute firewall-rules list --filter="name:${FW_NAME}"; then 
+ echo "firewall ruls:${FW_NAME} is not created, Aborting"
+  exit 4
+fi
+
+# now, time to delete them
+gcloud compute instance-groups managed delete ${MIG_NAME} --region $REGION
+gcloud compute instance-templates delete ${INSTANCE_TEMPLATE}
+
+gcloud compute health-checks delete ${HC_NAME}
+gcloud compute firewall-rules delete ${FW_NAME}

mig/cleanup_glb.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+set -o errexit
+set -o nounset
+set -o pipefail
+set -x
+
+PROJECT_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "$PROJECT_ROOT"/env
+source "$PROJECT_ROOT/../"/common/functions.sh
+
+
+gcloud compute forwarding-rules delete ${GLB_FW_RULE} --global
+gcloud compute target-http-proxies delete ${TARGET_PROXY}
+gcloud compute url-maps delete ${URL_MAP}
+gcloud compute backend-services delete ${BE_SVC} --global 
+gcloud compute health-checks delete ${GLB_HC}
+gcloud compute addresses delete ${GLB_IP} --global

mig/cleanup_nlb.sh

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+set -o errexit
+set -o nounset
+set -o pipefail
+set -x
+
+PROJECT_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "$PROJECT_ROOT"/env
+source "$PROJECT_ROOT/../"/common/functions.sh
+
+# local vars
+
+# https://cloud.google.com/load-balancing/docs/network/setting-up-network
+
+gcloud compute firewall-rules delete ${NLB_FW_RULE}
+gcloud compute forwarding-rules delete ${NLB_FR_RULE} --region ${REGION} 
+gcloud compute target-pools delete ${TARGET_POOL}
+gcloud compute http-health-checks delete ${NLB_HC}
+gcloud compute addresses delete ${NLB_ADDRESS}

mig/create.sh

@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+set -o errexit
+set -o nounset
+set -o pipefail
+set -x
+
+PROJECT_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "$PROJECT_ROOT"/env
+source "$PROJECT_ROOT/../"/common/functions.sh
+
+
+# create a regional private MIG running nginx container
+# gcloud compute instance-templates create-with-container ${INSTANCE_TEMPLATE} \
+#  --network ${NETWORK} --subnet ${SUBNET} --region ${REGION} \
+#  --container-image ${CONTAINER_IMAGE} \
+#  --machine-type ${MACHINE_TYPE} \
+#  --no-address  \
+#  --tags ${NETWORK_TAG}
+
+# Verify the instance template is created for worker
+if ! gcloud compute instance-templates list --filter="name:${INSTANCE_TEMPLATE}"; then
+  echo "${INSTANCE_TEMPLATE} is not created, Aborting"
+  exit 2
+fi
+
+# creaate a MIG with the template
+# gcloud compute instance-groups managed create ${MIG_NAME} \
+#   --region $REGION --template ${INSTANCE_TEMPLATE} \
+#   --size $MIG_SIZE
+
+# update MIG with rolling update
+# gcloud compute instance-groups managed rolling-action start-update nginx1-mig --version template=${INSTANCE_TEMPLATE} --region ${REGION}
+
+# create health check and firewall rules for auto healing
+# gcloud compute health-checks create http ${HC_NAME} --port 80 \
+#    --check-interval 30s \
+#    --healthy-threshold 1 \
+#    --timeout 10s \
+#    --unhealthy-threshold 3
+
+gcloud compute firewall-rules create ${FW_NAME}  \
+   --allow tcp:80 \
+   --source-ranges 130.211.0.0/22,35.191.0.0/16 \
+   --target-tags ${NETWORK_TAG} \
+   --network $NETWORK
+
+# update the MIG with the health check policy
+gcloud compute instance-groups managed update ${MIG_NAME}  \
+    --health-check ${HC_NAME} \
+    --initial-delay 300 \
+    --region ${REGION}