Google Cloud CLI (gcloud)

Comprehensive Google Cloud CLI commands and workflows for managing Google Cloud Platform services, including Compute Engine, Cloud Storage, and Kubernetes Engine.

Installation & Authentication

| Command | Description |
| --- | --- |
| `gcloud auth login` | Login to Google Cloud |
| `gcloud auth application-default login` | Login for application default credentials |
| `gcloud auth list` | List authenticated accounts |
| `gcloud auth revoke` | Revoke authentication |
| `gcloud config list` | Show current configuration |
| `gcloud config set project PROJECT_ID` | Set default project |
| `gcloud config set compute/region us-central1` | Set default region |
| `gcloud config set compute/zone us-central1-a` | Set default zone |

Project Management

| Command | Description |
| --- | --- |
| `gcloud projects list` | List all projects |
| `gcloud projects create PROJECT_ID` | Create new project |
| `gcloud projects delete PROJECT_ID` | Delete project |
| `gcloud projects describe PROJECT_ID` | Show project details |
| `gcloud config get-value project` | Get current project |
| `gcloud config configurations list` | List configurations |
| `gcloud config configurations create CONFIG_NAME` | Create configuration |
| `gcloud config configurations activate CONFIG_NAME` | Activate configuration |

Compute Engine

Instance Management

| Command | Description |
| --- | --- |
| `gcloud compute instances list` | List all instances |
| `gcloud compute instances create INSTANCE_NAME --machine-type=e2-medium --image-family=ubuntu-2004-lts --image-project=ubuntu-os-cloud` | Create instance |
| `gcloud compute instances start INSTANCE_NAME` | Start instance |
| `gcloud compute instances stop INSTANCE_NAME` | Stop instance |
| `gcloud compute instances delete INSTANCE_NAME` | Delete instance |
| `gcloud compute instances reset INSTANCE_NAME` | Reset instance |
| `gcloud compute instances describe INSTANCE_NAME` | Show instance details |

SSH and Remote Access

| Command | Description |
| --- | --- |
| `gcloud compute ssh INSTANCE_NAME` | SSH into instance |
| `gcloud compute ssh INSTANCE_NAME --zone=ZONE` | SSH with specific zone |
| `gcloud compute scp LOCAL_FILE INSTANCE_NAME:REMOTE_PATH` | Copy file to instance |
| `gcloud compute scp INSTANCE_NAME:REMOTE_PATH LOCAL_FILE` | Copy file from instance |
| `gcloud compute os-login ssh-keys add --key-file=KEY_FILE` | Add SSH key |

Machine Types and Images

| Command | Description |
| --- | --- |
| `gcloud compute machine-types list` | List machine types |
| `gcloud compute machine-types list --filter="zone:us-central1-a"` | List machine types by zone |
| `gcloud compute images list` | List all images |
| `gcloud compute images list --filter="family:ubuntu-2004-lts"` | List images by family |
| `gcloud compute images create IMAGE_NAME --source-disk=DISK_NAME` | Create custom image |

Disks

| Command | Description |
| --- | --- |
| `gcloud compute disks list` | List all disks |
| `gcloud compute disks create DISK_NAME --size=100GB` | Create disk |
| `gcloud compute disks delete DISK_NAME` | Delete disk |
| `gcloud compute disks snapshot DISK_NAME --snapshot-names=SNAPSHOT_NAME` | Create snapshot |
| `gcloud compute instances attach-disk INSTANCE_NAME --disk=DISK_NAME` | Attach disk |
| `gcloud compute instances detach-disk INSTANCE_NAME --disk=DISK_NAME` | Detach disk |

Cloud Storage

Bucket Operations

| Command | Description |
| --- | --- |
| `gsutil ls` | List all buckets |
| `gsutil mb gs://BUCKET_NAME` | Create bucket |
| `gsutil rb gs://BUCKET_NAME` | Remove empty bucket |
| `gsutil rm -r gs://BUCKET_NAME` | Remove bucket and contents |
| `gsutil ls gs://BUCKET_NAME` | List objects in bucket |
| `gsutil ls -l gs://BUCKET_NAME` | List objects with details |

File Operations

| Command | Description |
| --- | --- |
| `gsutil cp FILE gs://BUCKET_NAME/` | Upload file |
| `gsutil cp gs://BUCKET_NAME/FILE .` | Download file |
| `gsutil cp -r DIRECTORY gs://BUCKET_NAME/` | Upload directory |
| `gsutil rsync -r LOCAL_DIR gs://BUCKET_NAME/` | Sync directory |
| `gsutil rm gs://BUCKET_NAME/FILE` | Delete file |
| `gsutil rm -r gs://BUCKET_NAME/DIRECTORY` | Delete directory |

Bucket Configuration

| Command | Description |
| --- | --- |
| `gsutil versioning set on gs://BUCKET_NAME` | Enable versioning |
| `gsutil versioning get gs://BUCKET_NAME` | Check versioning status |
| `gsutil lifecycle set LIFECYCLE_CONFIG gs://BUCKET_NAME` | Set lifecycle policy |
| `gsutil cors set CORS_CONFIG gs://BUCKET_NAME` | Set CORS policy |
| `gsutil iam get gs://BUCKET_NAME` | Get bucket IAM policy |
| `gsutil iam set POLICY_FILE gs://BUCKET_NAME` | Set bucket IAM policy |

Google Kubernetes Engine (GKE)

Cluster Management

| Command | Description |
| --- | --- |
| `gcloud container clusters list` | List all clusters |
| `gcloud container clusters create CLUSTER_NAME --num-nodes=3` | Create cluster |
| `gcloud container clusters delete CLUSTER_NAME` | Delete cluster |
| `gcloud container clusters get-credentials CLUSTER_NAME` | Get cluster credentials |
| `gcloud container clusters resize CLUSTER_NAME --num-nodes=5` | Resize cluster |
| `gcloud container clusters upgrade CLUSTER_NAME` | Upgrade cluster |

Node Pools

| Command | Description |
| --- | --- |
| `gcloud container node-pools list --cluster=CLUSTER_NAME` | List node pools |
| `gcloud container node-pools create POOL_NAME --cluster=CLUSTER_NAME --num-nodes=2` | Create node pool |
| `gcloud container node-pools delete POOL_NAME --cluster=CLUSTER_NAME` | Delete node pool |
| `gcloud container node-pools describe POOL_NAME --cluster=CLUSTER_NAME` | Describe node pool |

Cluster Operations

| Command | Description |
| --- | --- |
| `kubectl get nodes` | List cluster nodes |
| `kubectl get pods --all-namespaces` | List all pods |
| `kubectl apply -f MANIFEST_FILE` | Apply Kubernetes manifest |
| `kubectl delete -f MANIFEST_FILE` | Delete resources from manifest |

Cloud Functions

Function Management

| Command | Description |
| --- | --- |
| `gcloud functions list` | List all functions |
| `gcloud functions deploy FUNCTION_NAME --runtime=python39 --trigger-http` | Deploy HTTP function |
| `gcloud functions deploy FUNCTION_NAME --runtime=nodejs14 --trigger-topic=TOPIC_NAME` | Deploy Pub/Sub function |
| `gcloud functions delete FUNCTION_NAME` | Delete function |
| `gcloud functions describe FUNCTION_NAME` | Show function details |
| `gcloud functions call FUNCTION_NAME` | Call function |

Function Logs

| Command | Description |
| --- | --- |
| `gcloud functions logs read FUNCTION_NAME` | Read function logs |
| `gcloud functions logs read FUNCTION_NAME --limit=50` | Read recent logs |
| `gcloud functions logs read FUNCTION_NAME --start-time=2023-01-01` | Read logs from date |

Cloud SQL

Instance Management

| Command | Description |
| --- | --- |
| `gcloud sql instances list` | List SQL instances |
| `gcloud sql instances create INSTANCE_NAME --database-version=MYSQL_8_0 --tier=db-f1-micro` | Create MySQL instance |
| `gcloud sql instances create INSTANCE_NAME --database-version=POSTGRES_13 --tier=db-f1-micro` | Create PostgreSQL instance |
| `gcloud sql instances delete INSTANCE_NAME` | Delete instance |
| `gcloud sql instances describe INSTANCE_NAME` | Show instance details |
| `gcloud sql instances restart INSTANCE_NAME` | Restart instance |

Databases

| Command | Description |
| --- | --- |
| `gcloud sql databases list --instance=INSTANCE_NAME` | List databases |
| `gcloud sql databases create DATABASE_NAME --instance=INSTANCE_NAME` | Create database |
| `gcloud sql databases delete DATABASE_NAME --instance=INSTANCE_NAME` | Delete database |

User Management

| Command | Description |
| --- | --- |
| `gcloud sql users list --instance=INSTANCE_NAME` | List users |
| `gcloud sql users create USERNAME --instance=INSTANCE_NAME --password=PASSWORD` | Create user |
| `gcloud sql users delete USERNAME --instance=INSTANCE_NAME` | Delete user |
| `gcloud sql users set-password USERNAME --instance=INSTANCE_NAME --password=NEW_PASSWORD` | Change password |

Backups

| Command | Description |
| --- | --- |
| `gcloud sql backups list --instance=INSTANCE_NAME` | List backups |
| `gcloud sql backups create --instance=INSTANCE_NAME` | Create backup |
| `gcloud sql backups restore BACKUP_ID --restore-instance=INSTANCE_NAME` | Restore backup |

App Engine

Application Management

| Command | Description |
| --- | --- |
| `gcloud app deploy` | Deploy application |
| `gcloud app deploy --version=VERSION_NAME` | Deploy specific version |
| `gcloud app browse` | Open application in browser |
| `gcloud app describe` | Show application details |
| `gcloud app versions list` | List application versions |
| `gcloud app versions delete VERSION_NAME` | Delete version |

Traffic Management

| Command | Description |
| --- | --- |
| `gcloud app services list` | List services |
| `gcloud app versions migrate VERSION_NAME` | Migrate traffic to version |
| `gcloud app services set-traffic --splits=VERSION1=0.5,VERSION2=0.5` | Split traffic |

Logs

| Command | Description |
| --- | --- |
| `gcloud app logs tail` | Stream application logs |
| `gcloud app logs read` | Read application logs |
| `gcloud app logs read --service=SERVICE_NAME` | Read service logs |

Cloud Pub/Sub

Topics

| Command | Description |
| --- | --- |
| `gcloud pubsub topics list` | List topics |
| `gcloud pubsub topics create TOPIC_NAME` | Create topic |
| `gcloud pubsub topics delete TOPIC_NAME` | Delete topic |
| `gcloud pubsub topics describe TOPIC_NAME` | Show topic details |
| `gcloud pubsub topics publish TOPIC_NAME --message="Hello World"` | Publish message |

Subscriptions

| Command | Description |
| --- | --- |
| `gcloud pubsub subscriptions list` | List subscriptions |
| `gcloud pubsub subscriptions create SUBSCRIPTION_NAME --topic=TOPIC_NAME` | Create subscription |
| `gcloud pubsub subscriptions delete SUBSCRIPTION_NAME` | Delete subscription |
| `gcloud pubsub subscriptions pull SUBSCRIPTION_NAME` | Pull messages |
| `gcloud pubsub subscriptions pull SUBSCRIPTION_NAME --auto-ack` | Pull and acknowledge |

IAM (Identity and Access Management)

Service Accounts

| Command | Description |
| --- | --- |
| `gcloud iam service-accounts list` | List service accounts |
| `gcloud iam service-accounts create SERVICE_ACCOUNT_NAME` | Create service account |
| `gcloud iam service-accounts delete SERVICE_ACCOUNT_EMAIL` | Delete service account |
| `gcloud iam service-accounts keys create KEY_FILE --iam-account=SERVICE_ACCOUNT_EMAIL` | Create service account key |
| `gcloud iam service-accounts keys list --iam-account=SERVICE_ACCOUNT_EMAIL` | List service account keys |

IAM Policies

| Command | Description |
| --- | --- |
| `gcloud projects get-iam-policy PROJECT_ID` | Get project IAM policy |
| `gcloud projects add-iam-policy-binding PROJECT_ID --member=user:EMAIL --role=ROLE` | Add IAM binding |
| `gcloud projects remove-iam-policy-binding PROJECT_ID --member=user:EMAIL --role=ROLE` | Remove IAM binding |
| `gcloud iam roles list` | List predefined roles |
| `gcloud iam roles create ROLE_NAME --project=PROJECT_ID --file=ROLE_DEFINITION` | Create custom role |

Cloud Build

Build Management

| Command | Description |
| --- | --- |
| `gcloud builds list` | List builds |
| `gcloud builds submit --tag gcr.io/PROJECT_ID/IMAGE_NAME` | Build and push image |
| `gcloud builds submit --config=cloudbuild.yaml` | Build with config file |
| `gcloud builds describe BUILD_ID` | Show build details |
| `gcloud builds cancel BUILD_ID` | Cancel build |

Triggers

| Command | Description |
| --- | --- |
| `gcloud builds triggers list` | List build triggers |
| `gcloud builds triggers create github --repo-name=REPO_NAME --repo-owner=OWNER --branch-pattern=main` | Create GitHub trigger |
| `gcloud builds triggers delete TRIGGER_ID` | Delete trigger |
| `gcloud builds triggers run TRIGGER_NAME` | Run trigger manually |

Networking

VPC Networks

| Command | Description |
| --- | --- |
| `gcloud compute networks list` | List VPC networks |
| `gcloud compute networks create NETWORK_NAME --subnet-mode=custom` | Create custom VPC |
| `gcloud compute networks delete NETWORK_NAME` | Delete VPC network |
| `gcloud compute networks subnets list` | List subnets |
| `gcloud compute networks subnets create SUBNET_NAME --network=NETWORK_NAME --range=10.0.0.0/24` | Create subnet |

Firewall Rules

| Command | Description |
| --- | --- |
| `gcloud compute firewall-rules list` | List firewall rules |
| `gcloud compute firewall-rules create RULE_NAME --allow tcp:80,tcp:443 --source-ranges 0.0.0.0/0` | Create firewall rule |
| `gcloud compute firewall-rules delete RULE_NAME` | Delete firewall rule |
| `gcloud compute firewall-rules describe RULE_NAME` | Show firewall rule details |

Load Balancers

| Command | Description |
| --- | --- |
| `gcloud compute url-maps list` | List URL maps |
| `gcloud compute backend-services list` | List backend services |
| `gcloud compute target-http-proxies list` | List HTTP proxies |
| `gcloud compute forwarding-rules list` | List forwarding rules |

Monitoring and Logging

Cloud Logging

| Command | Description |
| --- | --- |
| `gcloud logging logs list` | List available logs |
| `gcloud logging read "resource.type=gce_instance"` | Read logs by resource |
| `gcloud logging read "timestamp>=2023-01-01T00:00:00Z"` | Read logs by time |
| `gcloud logging sinks list` | List log sinks |
| `gcloud logging sinks create SINK_NAME DESTINATION --log-filter=FILTER` | Create log sink |

Cloud Monitoring

| Command | Description |
| --- | --- |
| `gcloud alpha monitoring policies list` | List alerting policies |
| `gcloud alpha monitoring channels list` | List notification channels |

Best Practices

Security

  1. Service Accounts: Use service accounts for applications
  2. IAM Principles: Follow the principle of least privilege
  3. VPC Security: Use private subnets and firewall rules
  4. Secret Management: Use Secret Manager for sensitive data

Cost Optimization

  1. Resource Labels: Label resources for cost tracking
  2. Preemptible Instances: Use preemptible VMs for batch workloads
  3. Committed Use: Use committed use discounts for predictable workloads
  4. Auto-scaling: Configure auto-scaling for dynamic workloads

Automation

  1. Infrastructure as Code: Use Deployment Manager or Terraform
  2. CI/CD: Use Cloud Build for continuous integration
  3. Monitoring: Set up comprehensive monitoring and alerting
  4. Backup Strategy: Implement automated backup strategies