Don't Quit blog

Latihan Cloud Environment in Google Cloud: Challenge Lab - GSP321

oncom's photo
oncom
·

4 min read

Sebelum mengambil Challenge Lab ini sebaiknya sudah mengerjakan 5 pre-Lab yang tersedia walaupun pada bagian bastion host, deploy Wordpress, monitoring dan akses bagi User lain belum diperkenalkan dan ga ada contoh tapi dapet panduan dari sini.

Selalu gunakan region us-east1 atau us-east1-b. Waktunya 1 jam dan itu mepet banget. Get ready!

Task 1: Membuat dev-VPC dengan 2 subnet

Navigation menu > VPC networks > Create VPC Network

  • Name: griffin-dev-vpc
  • Subnet creation mode, click Custom
  • Name subnet: griffin-dev-wp > Region: us-east1 > IP address range: 192.168.16.0/20 > Done
  • Add subnet
  • Name subnet: griffin-dev-mgmt > Region: us-east1 > IP address range: 192.168.32.0/20 > Done
  • CREATE

Task 2: Membuat prod-VPC dengan 2 subnet

Ulangi Task 1 - Create VPC Network

  • Name: griffin-prod-vpc
  • Subnet creation mode, click Custom
  • Name subnet: griffin-prod-wp > IP address range: 192.168.48.0/20 > Done
  • Add subnet
  • Name subnet: griffin-prod-mgmt > IP address range: 192.168.64.0/20 > Done
  • CREATE

Task 3: Membuat bastion host

Navigation Menu > Compute Engine > VM Instance > Create Instance

  • Name: griffin-dev-db > Region: us-east1
  • Expand Networking, Disks, Security, Management, Sole-Tenancy section - klik Networking
  • Network tags ketik bastion
  • Add Network Interfaces, jadi ada 2 vpc dengan 2 mgmt
  • Name: griffin-dev-vpc > Subnetwork: griffin-dev-mgmt > Done
  • Add Network Interfaces
  • Name: griffin-prod-vpc > Subnetwork: griffin-prod-mgmt > Done
  • CREATE

Membuat Firewall Rule

Navigation Menu > VPC Network > Firewall > Create Firewall Rule

  • Name: allow-bastion-dev-ssh
  • Network: griffin-dev-vpc
  • Targets tag: bastion
  • Source IP ranges: 192.168.32.0/20
  • Protocols and ports > klik tcp: 22
  • CREATE

Ulangi langkah diatas untuk prod

  • Name: allow-bastion-prod-ssh
  • Network: griffin-prod-vpc
  • Targets tag: bastion
  • Source IP ranges: 192.168.64.0/20
  • Protocols and ports > klik tcp: 22
  • CREATE

Task 4: Membuat Cloud SQL Instance

Navigation menu > SQL > CREATE INSTANCE > Choose MySQL

  • Instance ID: griffin-dev-db
  • Password: bebas (inget-inget jan lupa)
  • Region: us-east1
  • CREATE INSTANCE

Ketika Instance sudah successfull centang ijo (agak lama) koneksikan SQL Instance melalui gcloud terminal

gcloud sql connect griffin-dev-db --user=root --quiet

Otomatis masuk ke SQL Monitor

Cursor akan stagnan/tidak bergerak ketika mengetik, ketik saja password yang tadi kemudian Enter

Untuk menyiapkan environment wordpress (copy paste perintah dibawah)

CREATE DATABASE wordpress;
GRANT ALL PRIVILEGES ON wordpress.* TO "wp_user"@"%" IDENTIFIED BY "stormwind_rules";
FLUSH PRIVILEGES;

Ketik exit dan Enter untuk keluar dari SQL Monitor

Task 5: Membuat Kubernetes cluster

Navigation Menu > Kubernetes Engine > Clusters > Create GKE Standard

  • Name: griffin-dev
  • Zone: us-east1-b

Liat kolom sebelah kiri klik default-pool > set number of nodes = 2

  • klik Nodes > Series N1 > set Machine type: Series n1-standard-4
  • klik Networking > Network: griffin-dev-vpc > Node subnet: griffin-dev-wp
  • Create - Agak lama sampai centang hijau

Task 6: Menyiapkan Kubernetes cluster

Copy file melalui gcloud terminal

gsutil cp -r gs://cloud-training/gsp321/wp-k8s ~/

cd ~/wp-k8s

edit wp-env.yaml

Akan pindah otomatis ke jendela editor

  • Ubah username jadi wp_user
  • Ubah password jadi stormwind_rules
  • Save otomatis

Klik gcloud terminal, koneksikan kluster via gcloud terminal

gcloud container clusters get-credentials griffin-dev --zone=us-east1-b

Deploy configuration

kubectl apply -f wp-env.yaml

Buat key & kredensial Kubernetes environment

gcloud iam service-accounts keys create key.json \
    --iam-account=cloud-sql-proxy@$GOOGLE_CLOUD_PROJECT.iam.gserviceaccount.com
kubectl create secret generic cloudsql-instance-credentials \
    --from-file key.json

Task 7: Deploy WordPress

cd ~/wp-k8s

edit wp-deployment.yaml

Akan pindah otomatis ke jendela editor

  • Ubah YOUR_SQL_INSTANCE jadi griffin-dev-db
  • Save otomatis

Deployment di gcloud terminal

kubectl create -f wp-deployment.yaml

kubectl create -f wp-service.yaml

Task 8: Enable monitoring

Cari tau Wordpress Endpoint

Navigation Menu > Kubernetes Engine > Services & Ingress > Endpoints ( Thanks )

Navigation Menu > Monitoring > Uptime checks > Create

  • Title: Wordpress Uptime > Next
  • Check Type: HTTP
  • Resource Type: URL
  • Hostname: 34.139.36.146 (Wordpress Endpoint)
  • Path: / > Next
  • Next > Next > Test/Create

Task 9: Membuat akses bagi User lain

Navigation Menu > IAM & Admin > IAM > ADD

  • Copy paste Username 2 (Dibawah Username 1 & Start Lab diawal)
  • Select a Role > Project > Editor
  • Save

Congratulations!

Tested on Sept, 2021

Jangan terjebak pada 'tutorial/learning hell', buatlah project!

Cloudgoogle cloudCloud Computingchallenge