Google Cloud CLI (gcloud)
Copier toutes les commandes
Générer PDF
Commandes et flux de travail complets de Google Cloud CLI pour la gestion des services Google Cloud Platform, y compris Compute Engine, Cloud Storage et Kubernetes Engine.
Installation & Authentification
| Command |
Description |
gcloud auth login |
Login to Google Cloud |
gcloud auth application-default login |
Login for application default credentials |
gcloud auth list |
List authenticated accounts |
gcloud auth revoke |
Revoke authentication |
gcloud config list |
Show current configuration |
gcloud config set project PROJECT_ID |
Set default project |
gcloud config set compute/region us-central1 |
Set default region |
gcloud config set compute/zone us-central1-a |
Set default zone |
Gestion de projet
| Command |
Description |
gcloud projects list |
List all projects |
gcloud projects create PROJECT_ID |
Create new project |
gcloud projects delete PROJECT_ID |
Delete project |
gcloud projects describe PROJECT_ID |
Show project details |
gcloud config get-value project |
Get current project |
gcloud config configurations list |
List configurations |
gcloud config configurations create CONFIG_NAME |
Create configuration |
gcloud config configurations activate CONFIG_NAME |
Activate configuration |
Moteur de calcul
Gestion des instances
| Command |
Description |
gcloud compute instances list |
List all instances |
gcloud compute instances create INSTANCE_NAME --machine-type=e2-medium --image-family=ubuntu-2004-lts --image-project=ubuntu-os-cloud |
Create instance |
gcloud compute instances start INSTANCE_NAME |
Start instance |
gcloud compute instances stop INSTANCE_NAME |
Stop instance |
gcloud compute instances delete INSTANCE_NAME |
Delete instance |
gcloud compute instances reset INSTANCE_NAME |
Reset instance |
gcloud compute instances describe INSTANCE_NAME |
Show instance details |
SSH et accès à distance
| Command |
Description |
gcloud compute ssh INSTANCE_NAME |
SSH into instance |
gcloud compute ssh INSTANCE_NAME --zone=ZONE |
SSH with specific zone |
gcloud compute scp LOCAL_FILE INSTANCE_NAME:REMOTE_PATH |
Copy file to instance |
gcloud compute scp INSTANCE_NAME:REMOTE_PATH LOCAL_FILE |
Copy file from instance |
gcloud compute os-login ssh-keys add --key-file=KEY_FILE |
Add SSH key |
Types de machines et images
| Command |
Description |
gcloud compute machine-types list |
List machine types |
gcloud compute machine-types list --filter="zone:us-central1-a" |
List machine types by zone |
gcloud compute images list |
List all images |
gcloud compute images list --filter="family:ubuntu-2004-lts" |
List images by family |
gcloud compute images create IMAGE_NAME --source-disk=DISK_NAME |
Create custom image |
Disques
| Command |
Description |
gcloud compute disks list |
List all disks |
gcloud compute disks create DISK_NAME --size=100GB |
Create disk |
gcloud compute disks delete DISK_NAME |
Delete disk |
gcloud compute disks snapshot DISK_NAME --snapshot-names=SNAPSHOT_NAME |
Create snapshot |
gcloud compute instances attach-disk INSTANCE_NAME --disk=DISK_NAME |
Attach disk |
gcloud compute instances detach-disk INSTANCE_NAME --disk=DISK_NAME |
Detach disk |
Stockage en nuage
Opérations de seau
| Command |
Description |
gsutil ls |
List all buckets |
gsutil mb gs://BUCKET_NAME |
Create bucket |
gsutil rb gs://BUCKET_NAME |
Remove empty bucket |
gsutil rm -r gs://BUCKET_NAME |
Remove bucket and contents |
gsutil ls gs://BUCKET_NAME |
List objects in bucket |
gsutil ls -l gs://BUCKET_NAME |
List objects with details |
Opérations de fichiers
| Command |
Description |
gsutil cp FILE gs://BUCKET_NAME/ |
Upload file |
gsutil cp gs://BUCKET_NAME/FILE . |
Download file |
gsutil cp -r DIRECTORY gs://BUCKET_NAME/ |
Upload directory |
gsutil rsync -r LOCAL_DIR gs://BUCKET_NAME/ |
Sync directory |
gsutil rm gs://BUCKET_NAME/FILE |
Delete file |
gsutil rm -r gs://BUCKET_NAME/DIRECTORY |
Delete directory |
Configuration du seau
| Command |
Description |
gsutil versioning set on gs://BUCKET_NAME |
Enable versioning |
gsutil versioning get gs://BUCKET_NAME |
Check versioning status |
gsutil lifecycle set LIFECYCLE_CONFIG gs://BUCKET_NAME |
Set lifecycle policy |
gsutil cors set CORS_CONFIG gs://BUCKET_NAME |
Set CORS policy |
gsutil iam get gs://BUCKET_NAME |
Get bucket IAM policy |
gsutil iam set POLICY_FILE gs://BUCKET_NAME |
Set bucket IAM policy |
Moteur Google Kubernetes (GKE)
Gestion des grappes
| Command |
Description |
gcloud container clusters list |
List all clusters |
gcloud container clusters create CLUSTER_NAME --num-nodes=3 |
Create cluster |
gcloud container clusters delete CLUSTER_NAME |
Delete cluster |
gcloud container clusters get-credentials CLUSTER_NAME |
Get cluster credentials |
gcloud container clusters resize CLUSTER_NAME --num-nodes=5 |
Resize cluster |
gcloud container clusters upgrade CLUSTER_NAME |
Upgrade cluster |
Pools de nœuds
| Command |
Description |
gcloud container node-pools list --cluster=CLUSTER_NAME |
List node pools |
gcloud container node-pools create POOL_NAME --cluster=CLUSTER_NAME --num-nodes=2 |
Create node pool |
gcloud container node-pools delete POOL_NAME --cluster=CLUSTER_NAME |
Delete node pool |
gcloud container node-pools describe POOL_NAME --cluster=CLUSTER_NAME |
Describe node pool |
Opérations des groupes thématiques
| Command |
Description |
kubectl get nodes |
List cluster nodes |
kubectl get pods --all-namespaces |
List all pods |
kubectl apply -f MANIFEST_FILE |
Apply Kubernetes manifest |
kubectl delete -f MANIFEST_FILE |
Delete resources from manifest |
Fonctions Cloud
Gestion des fonctions
| Command |
Description |
gcloud functions list |
List all functions |
gcloud functions deploy FUNCTION_NAME --runtime=python39 --trigger-http |
Deploy HTTP function |
gcloud functions deploy FUNCTION_NAME --runtime=nodejs14 --trigger-topic=TOPIC_NAME |
Deploy Pub/Sub function |
gcloud functions delete FUNCTION_NAME |
Delete function |
gcloud functions describe FUNCTION_NAME |
Show function details |
gcloud functions call FUNCTION_NAME |
Call function |
Journaux de fonctions
| Command |
Description |
gcloud functions logs read FUNCTION_NAME |
Read function logs |
gcloud functions logs read FUNCTION_NAME --limit=50 |
Read recent logs |
gcloud functions logs read FUNCTION_NAME --start-time=2023-01-01 |
Read logs from date |
Nuage SQL
Gestion des instances
| Command |
Description |
gcloud sql instances list |
List SQL instances |
gcloud sql instances create INSTANCE_NAME --database-version=MYSQL_8_0 --tier=db-f1-micro |
Create MySQL instance |
gcloud sql instances create INSTANCE_NAME --database-version=POSTGRES_13 --tier=db-f1-micro |
Create PostgreSQL instance |
gcloud sql instances delete INSTANCE_NAME |
Delete instance |
gcloud sql instances describe INSTANCE_NAME |
Show instance details |
gcloud sql instances restart INSTANCE_NAME |
Restart instance |
Opérations de bases de données
| Command |
Description |
gcloud sql databases list --instance=INSTANCE_NAME |
List databases |
gcloud sql databases create DATABASE_NAME --instance=INSTANCE_NAME |
Create database |
gcloud sql databases delete DATABASE_NAME --instance=INSTANCE_NAME |
Delete database |
Gestion des utilisateurs
| Command |
Description |
gcloud sql users list --instance=INSTANCE_NAME |
List users |
gcloud sql users create USERNAME --instance=INSTANCE_NAME --password=PASSWORD |
Create user |
gcloud sql users delete USERNAME --instance=INSTANCE_NAME |
Delete user |
gcloud sql users set-password USERNAME --instance=INSTANCE_NAME --password=NEW_PASSWORD |
Change password |
Sauvegardes
| Command |
Description |
gcloud sql backups list --instance=INSTANCE_NAME |
List backups |
gcloud sql backups create --instance=INSTANCE_NAME |
Create backup |
gcloud sql backups restore BACKUP_ID --restore-instance=INSTANCE_NAME |
Restore backup |
Moteur App
Gestion des demandes
| Command |
Description |
gcloud app deploy |
Deploy application |
gcloud app deploy --version=VERSION_NAME |
Deploy specific version |
gcloud app browse |
Open application in browser |
gcloud app describe |
Show application details |
gcloud app versions list |
List application versions |
gcloud app versions delete VERSION_NAME |
Delete version |
Gestion du trafic
| Command |
Description |
gcloud app services list |
List services |
gcloud app versions migrate VERSION_NAME |
Migrate traffic to version |
gcloud app services set-traffic --splits=VERSION1=0.5,VERSION2=0.5 |
Split traffic |
Registres
| Command |
Description |
gcloud app logs tail |
Stream application logs |
gcloud app logs read |
Read application logs |
gcloud app logs read --service=SERVICE_NAME |
Read service logs |
Nuage Pub/Sub
Thèmes
| Command |
Description |
gcloud pubsub topics list |
List topics |
gcloud pubsub topics create TOPIC_NAME |
Create topic |
gcloud pubsub topics delete TOPIC_NAME |
Delete topic |
gcloud pubsub topics describe TOPIC_NAME |
Show topic details |
gcloud pubsub topics publish TOPIC_NAME --message="Hello World" |
Publish message |
Abonnements
| Command |
Description |
gcloud pubsub subscriptions list |
List subscriptions |
gcloud pubsub subscriptions create SUBSCRIPTION_NAME --topic=TOPIC_NAME |
Create subscription |
gcloud pubsub subscriptions delete SUBSCRIPTION_NAME |
Delete subscription |
gcloud pubsub subscriptions pull SUBSCRIPTION_NAME |
Pull messages |
gcloud pubsub subscriptions pull SUBSCRIPTION_NAME --auto-ack |
Pull and acknowledge |
IAM (Gestion de l'identité et de l'accès)
Comptes de services
| Command |
Description |
gcloud iam service-accounts list |
List service accounts |
gcloud iam service-accounts create SERVICE_ACCOUNT_NAME |
Create service account |
gcloud iam service-accounts delete SERVICE_ACCOUNT_EMAIL |
Delete service account |
gcloud iam service-accounts keys create KEY_FILE --iam-account=SERVICE_ACCOUNT_EMAIL |
Create service account key |
gcloud iam service-accounts keys list --iam-account=SERVICE_ACCOUNT_EMAIL |
List service account keys |
Politiques de l'IAM
| Command |
Description |
gcloud projects get-iam-policy PROJECT_ID |
Get project IAM policy |
gcloud projects add-iam-policy-binding PROJECT_ID --member=user:EMAIL --role=ROLE |
Add IAM binding |
gcloud projects remove-iam-policy-binding PROJECT_ID --member=user:EMAIL --role=ROLE |
Remove IAM binding |
gcloud iam roles list |
List predefined roles |
gcloud iam roles create ROLE_NAME --project=PROJECT_ID --file=ROLE_DEFINITION |
Create custom role |
Construction de nuages
Gestion de construction
| Command |
Description |
gcloud builds list |
List builds |
gcloud builds submit --tag gcr.io/PROJECT_ID/IMAGE_NAME |
Build and push image |
gcloud builds submit --config=cloudbuild.yaml |
Build with config file |
gcloud builds describe BUILD_ID |
Show build details |
gcloud builds cancel BUILD_ID |
Cancel build |
Déclencheurs
| Command |
Description |
gcloud builds triggers list |
List build triggers |
gcloud builds triggers create github --repo-name=REPO_NAME --repo-owner=OWNER --branch-pattern=main |
Create GitHub trigger |
gcloud builds triggers delete TRIGGER_ID |
Delete trigger |
gcloud builds triggers run TRIGGER_NAME |
Run trigger manually |
Réseautage
VPC Réseaux
| Command |
Description |
gcloud compute networks list |
List VPC networks |
gcloud compute networks create NETWORK_NAME --subnet-mode=custom |
Create custom VPC |
gcloud compute networks delete NETWORK_NAME |
Delete VPC network |
gcloud compute networks subnets list |
List subnets |
gcloud compute networks subnets create SUBNET_NAME --network=NETWORK_NAME --range=10.0.0.0/24 |
Create subnet |
Règles de pare-feu
| Command |
Description |
gcloud compute firewall-rules list |
List firewall rules |
gcloud compute firewall-rules create RULE_NAME --allow tcp:80,tcp:443 --source-ranges 0.0.0.0/0 |
Create firewall rule |
gcloud compute firewall-rules delete RULE_NAME |
Delete firewall rule |
gcloud compute firewall-rules describe RULE_NAME |
Show firewall rule details |
Balanceurs de charge
| Command |
Description |
gcloud compute url-maps list |
List URL maps |
gcloud compute backend-services list |
List backend services |
gcloud compute target-http-proxies list |
List HTTP proxies |
gcloud compute forwarding-rules list |
List forwarding rules |
Surveillance et exploitation forestière
Exploitation en nuage
| Command |
Description |
gcloud logging logs list |
List available logs |
gcloud logging read "resource.type=gce_instance" |
Read logs by resource |
gcloud logging read "timestamp>=2023-01-01T00:00:00Z" |
Read logs by time |
gcloud logging sinks list |
List log sinks |
gcloud logging sinks create SINK_NAME DESTINATION --log-filter=FILTER |
Create log sink |
Surveillance des nuages
| Command |
Description |
gcloud alpha monitoring policies list |
List alerting policies |
gcloud alpha monitoring channels list |
List notification channels |
Meilleures pratiques
Sécurité
- Comptes de services: Utiliser les comptes de services pour les applications
- ** Principes de l'IAM** : Suivre le principe du moindre privilège
- VPC Sécurité: Utiliser des sous-réseaux privés et des règles de pare-feu
- Secret Management: Utilisez Secret Manager pour les données sensibles
Optimisation des coûts
- Labels de ressources: Ressources d'étiquettes pour le suivi des coûts
- ** instances préemptables** : utiliser des MV préemptables pour les charges de travail des lots
- Engagés Utilisation: Utiliser des rabais d'utilisation engagés pour des charges de travail prévisibles
- Échelle automatique: Configurer l'échelle automatique pour les charges de travail dynamiques
Automatisation
- Infrastructure en tant que code : Utiliser le gestionnaire de déploiement ou Terraform
- CI/CD: Utilisez Cloud Build pour une intégration continue
- Surveillance: Mettre en place un suivi et une alerte complets
- Stratégie de sauvegarde: Mettre en œuvre des stratégies de sauvegarde automatisées