labs_solutions's People
Forkers
munnashahare anderson-ferreira-83 ashishshukla09 poissonn mohitpatil602 sayyedaquib abhishek213-alb sourabhkashyap-dev ujwala12327 arastuthakur yash509 sujalsinh12345 nikeshkale slim-shaddy-shades sudhanshusharma99 adyasha-droid pratham02 saikumar1611 hq030302 sivaa1999 ramdassbhanage shivanand4761 jagdeeshh025 aabirdeb truptiwagh13 kelladinesh tirumalajana silvioflorentino 81cuongvn gdsc-au nagendrahiremath sandy2341 nikhilkumbhar0511 gdsc-au ajpl26 syedziaulhasan christopherdongo siddharthhsingh56 aimengimbi yuttytk 786akifsk dia2002 rai8888 harii-123 shubhrangipathak rudrahota-1 nataliehormaza swiz0617 rishabh1911007 sysphcd ramazanatalay nsturko pratik9382 next1981 porameht felipesantos92dev tranhuyhoang2001 nasbeginner aksh-ops ishan-siddiqui sheetaljgowda yesh2307 khalid-kifayat ayushsuryavanshi saty9864 parthivi27 lefos7 manojiksula aslammc avilashbhowmick12 michares tanishjain2002 pragna235 naginenirohith rishabh-sikarwar cl0wder raossach kashifkudalkar saranya-max-ux jainavi-dl opec06 123vasu sujanmidatani7 andreplacido 87abhii sai422004 bashorun97 drpcc d3adb33 anisberto mrsohailahmad srenivasarav raviteja1993niit dayobola alessandrocaetano deep0105-byte akheelk brotheralameen1 zxaman ayushmaan06labs_solutions's Issues
HTTP Load Balancer with Cloud Armor UPDATED CONTENT
#!/bin/bash
Variables
PROJECT_ID=$(gcloud config get-value project)
REGION_1="us-west1"
REGION_2="us-east4"
REGION_3="us-east1"
ZONE_3="us-east1-b"
NETWORK="default"
FIREWALL_RULE_HTTP="default-allow-http"
FIREWALL_RULE_HEALTH="default-allow-health-check"
TEMPLATE_1="us-west1-template"
TEMPLATE_2="us-east4-template"
MIG_1="us-west1-mig"
MIG_2="us-east4-mig"
LB_NAME="http-lb"
BACKEND_SERVICE="http-backend"
HEALTH_CHECK="http-health-check"
SIEGE_VM="siege-vm"
SECURITY_POLICY="denylist-siege"
Task 1: Configure HTTP and health check firewall rules
echo "Task 1: Configuring firewall rules..."
gcloud compute firewall-rules create $FIREWALL_RULE_HTTP
--network=$NETWORK
--allow=tcp:80
--source-ranges=0.0.0.0/0
--target-tags=http-server
gcloud compute firewall-rules create $FIREWALL_RULE_HEALTH
--network=$NETWORK
--allow=tcp
--source-ranges=130.211.0.0/22,35.191.0.0/16
--target-tags=http-server
Task 2: Configure instance templates and create instance groups
echo "Task 2: Configuring instance templates and creating instance groups..."
gcloud compute instance-templates create $TEMPLATE_1
--machine-type=e2-micro
--network=$NETWORK
--subnet=$NETWORK
--region=$REGION_1
--tags=http-server
--metadata=startup-script-url=gs://cloud-training/gcpnet/httplb/startup.sh
gcloud compute instance-templates create $TEMPLATE_2
--machine-type=e2-micro
--network=$NETWORK
--subnet=$NETWORK
--region=$REGION_2
--tags=http-server
--metadata=startup-script-url=gs://cloud-training/gcpnet/httplb/startup.sh
gcloud compute instance-groups managed create $MIG_1
--template=$TEMPLATE_1
--size=1
--region=$REGION_1
gcloud compute instance-groups managed set-autoscaling $MIG_1
--region=$REGION_1
--max-num-replicas=2
--target-cpu-utilization=0.80
--cool-down-period=45
gcloud compute instance-groups managed create $MIG_2
--template=$TEMPLATE_2
--size=1
--region=$REGION_2
gcloud compute instance-groups managed set-autoscaling $MIG_2
--region=$REGION_2
--max-num-replicas=2
--target-cpu-utilization=0.80
--cool-down-period=45
Function to add sleep and echo a message
wait_for_operation() {
local message=$1
local sleep_time=${2:-30} # Default sleep time of 30 seconds if not specified
echo "$message"
sleep $sleep_time
}
Task 3: Configure the HTTP Load Balancer
echo "Task 3: Configuring the HTTP Load Balancer..."
Check if health check exists, create if it doesn't
if ! gcloud compute health-checks describe $HEALTH_CHECK --global &>/dev/null; then
gcloud compute health-checks create tcp $HEALTH_CHECK --port=80
wait_for_operation "Waiting for health check to be fully created..."
else
echo "Health check $HEALTH_CHECK already exists."
fi
Check if backend service exists, create if it doesn't
if ! gcloud compute backend-services describe $BACKEND_SERVICE --global &>/dev/null; then
gcloud compute backend-services create $BACKEND_SERVICE
--protocol=HTTP
--port-name=http
--health-checks=$HEALTH_CHECK
--global
wait_for_operation "Waiting for backend service to be fully created..."
else
echo "Backend service $BACKEND_SERVICE already exists. Updating..."
gcloud compute backend-services update $BACKEND_SERVICE
--health-checks=$HEALTH_CHECK
--global
wait_for_operation "Waiting for backend service to be fully updated..."
fi
Function to add or update backend
add_or_update_backend() {
local backend_service=$1
local instance_group=$2
local instance_group_region=$3
local balancing_mode=$4
local capacity_param=$5
if gcloud compute backend-services get-health $backend_service --global | grep -q $instance_group; then
echo "Backend $instance_group already exists in $backend_service. Updating..."
gcloud compute backend-services update-backend $backend_service \
--instance-group=$instance_group \
--instance-group-region=$instance_group_region \
--balancing-mode=$balancing_mode \
$capacity_param \
--global
else
echo "Adding backend $instance_group to $backend_service..."
gcloud compute backend-services add-backend $backend_service \
--instance-group=$instance_group \
--instance-group-region=$instance_group_region \
--balancing-mode=$balancing_mode \
$capacity_param \
--global
fi
wait_for_operation "Waiting for backend to be fully added/updated..."
}
Add or update backends
add_or_update_backend $BACKEND_SERVICE $MIG_1 $REGION_1 RATE "--max-rate-per-instance=50"
add_or_update_backend $BACKEND_SERVICE $MIG_2 $REGION_2 UTILIZATION "--max-utilization=0.8"
Check if URL map exists, create if it doesn't
if ! gcloud compute url-maps describe $LB_NAME --global &>/dev/null; then
gcloud compute url-maps create $LB_NAME --default-service $BACKEND_SERVICE
wait_for_operation "Waiting for URL map to be fully created..."
else
echo "URL map $LB_NAME already exists. Updating..."
gcloud compute url-maps set-default-service $LB_NAME --default-service $BACKEND_SERVICE
wait_for_operation "Waiting for URL map to be fully updated..."
fi
Check if HTTP proxy exists, create if it doesn't
if ! gcloud compute target-http-proxies describe $LB_NAME-proxy --global &>/dev/null; then
gcloud compute target-http-proxies create $LB_NAME-proxy --url-map=$LB_NAME
wait_for_operation "Waiting for HTTP proxy to be fully created..."
else
echo "HTTP proxy $LB_NAME-proxy already exists. Updating..."
gcloud compute target-http-proxies update $LB_NAME-proxy --url-map=$LB_NAME
wait_for_operation "Waiting for HTTP proxy to be fully updated..."
fi
Check if forwarding rules exist, create if they don't
if ! gcloud compute forwarding-rules describe $LB_NAME-forwarding-rule-ipv4 --global &>/dev/null; then
gcloud compute forwarding-rules create $LB_NAME-forwarding-rule-ipv4
--global
--target-http-proxy=$LB_NAME-proxy
--ports=80
--ip-version=IPV4
wait_for_operation "Waiting for IPv4 forwarding rule to be fully created..."
else
echo "IPv4 forwarding rule $LB_NAME-forwarding-rule-ipv4 already exists."
fi
if ! gcloud compute forwarding-rules describe $LB_NAME-forwarding-rule-ipv6 --global &>/dev/null; then
gcloud compute forwarding-rules create $LB_NAME-forwarding-rule-ipv6
--global
--target-http-proxy=$LB_NAME-proxy
--ports=80
--ip-version=IPV6
wait_for_operation "Waiting for IPv6 forwarding rule to be fully created..."
else
echo "IPv6 forwarding rule $LB_NAME-forwarding-rule-ipv6 already exists."
fi
wait_for_operation "Waiting for all load balancer components to be fully propagated..." 60
echo "HTTP Load Balancer configuration completed."
Task 4: Test the HTTP Load Balancer
echo "Task 4: Testing the HTTP Load Balancer..."
LB_IP_V4=$(gcloud compute forwarding-rules describe $LB_NAME-forwarding-rule-ipv4 --global --format="get(IPAddress)")
LB_IP_V6=$(gcloud compute forwarding-rules describe $LB_NAME-forwarding-rule-ipv6 --global --format="get(IPAddress)")
echo "Load Balancer IPv4: $LB_IP_V4"
echo "Load Balancer IPv6: $LB_IP_V6"
Create siege-vm
gcloud compute instances create $SIEGE_VM
--zone=$ZONE_3
--machine-type=e2-medium
Wait for the instance to be ready
sleep 60
Install siege and run the test
gcloud compute ssh $SIEGE_VM --zone=$ZONE_3 --command="sudo apt-get update && sudo apt-get install -y siege && export LB_IP=$LB_IP_V4 && siege -c 150 -t120s http://$LB_IP"
Task 5: Denylist the siege-vm
echo "Task 5: Denylisting the siege-vm..."
SIEGE_IP=$(gcloud compute instances describe $SIEGE_VM --zone=$ZONE_3 --format="get(networkInterfaces[0].accessConfigs[0].natIP)")
gcloud compute security-policies create $SECURITY_POLICY
--description "Denylist for siege-vm"
gcloud compute security-policies rules create 1000
--security-policy $SECURITY_POLICY
--description "Deny siege-vm"
--src-ip-ranges $SIEGE_IP
--action "deny-403"
gcloud compute backend-services update $BACKEND_SERVICE
--security-policy $SECURITY_POLICY
--global
echo "Script completed. Please check the Google Cloud Console for details and to verify the setup."
Implement DevOps in Google Cloud: Challenge Lab
This solution is incomplete. Can you please update the solution
i think you forget here to set value for REGION variable export REGION=us-central1
Create an Internal Load Balancer UPDATED CONTENT
#!/bin/bash
Variables
PROJECT_ID=$(gcloud config get-value project)
REGION="us-west1"
ZONE_1="${REGION}-c"
ZONE_2="${REGION}-b" # You may need to adjust this if a different zone is specified
NETWORK="my-internal-app"
SUBNET_A="subnet-a"
SUBNET_B="subnet-b"
Function to check if a resource is ready
check_resource() {
local resource_type=$1
local resource_name=$2
local max_attempts=10
local attempt=1
while [ $attempt -le $max_attempts ]; do
if gcloud $resource_type describe $resource_name --quiet >/dev/null 2>&1; then
echo "$resource_type $resource_name is ready."
return 0
fi
echo "Waiting for $resource_type $resource_name to be ready... (Attempt $attempt/$max_attempts)"
sleep 10
((attempt++))
done
echo "Timeout waiting for $resource_type $resource_name to be ready."
return 1
}
Create internal IP address
echo "Creating internal IP address..."
gcloud compute addresses create my-ilb-ip
--region=$REGION
--subnet=$SUBNET_B
--addresses=10.10.30.5
check_resource "compute addresses" "my-ilb-ip --region=$REGION"
Create forwarding rule
echo "Creating forwarding rule..."
gcloud compute forwarding-rules create my-ilb-forwarding-rule
--load-balancing-scheme=internal
--network=$NETWORK
--subnet=$SUBNET_B
--address=my-ilb-ip
--ports=80
--region=$REGION
--backend-service=my-ilb-backend-service
check_resource "compute forwarding-rules" "my-ilb-forwarding-rule --region=$REGION"
sleep 10 # Wait for firewall rule to propagate
Create instance templates
echo "Creating instance template 1..."
gcloud compute instance-templates create instance-template-1
--machine-type=e2-medium
--network=$NETWORK
--subnet=$SUBNET_A
--tags=lb-backend
--metadata=startup-script-url=gs://cloud-training/gcpnet/ilb/startup.sh
--region=$REGION
echo "Creating instance template 2..."
gcloud compute instance-templates create instance-template-2
--machine-type=e2-medium
--network=$NETWORK
--subnet=$SUBNET_B
--tags=lb-backend
--metadata=startup-script-url=gs://cloud-training/gcpnet/ilb/startup.sh
--region=$REGION
sleep 20 # Wait for instance templates to be fully created
Create managed instance groups
echo "Creating managed instance group 1..."
gcloud compute instance-groups managed create instance-group-1
--template=instance-template-1
--size=1
--zone=$ZONE_1
echo "Creating managed instance group 2..."
gcloud compute instance-groups managed create instance-group-2
--template=instance-template-2
--size=1
--zone=$ZONE_2
sleep 60 # Wait for instances to be created and initialized
Configure autoscaling for instance groups
echo "Configuring autoscaling for instance group 1..."
gcloud compute instance-groups managed set-autoscaling instance-group-1
--max-num-replicas=5
--target-cpu-utilization=0.8
--cool-down-period=45
--zone=$ZONE_1
echo "Configuring autoscaling for instance group 2..."
gcloud compute instance-groups managed set-autoscaling instance-group-2
--max-num-replicas=5
--target-cpu-utilization=0.8
--cool-down-period=45
--zone=$ZONE_2
sleep 30 # Wait for autoscaling to be configured
Create utility VM
echo "Creating utility VM..."
gcloud compute instances create utility-vm
--zone=$ZONE_1
--machine-type=e2-micro
--network=$NETWORK
--subnet=$SUBNET_A
--private-network-ip=10.10.20.50
check_resource "compute instances" "utility-vm --zone=$ZONE_1"
Create health check
echo "Creating health check..."
gcloud compute health-checks create tcp my-ilb-health-check
--port=80
--region=$REGION
sleep 10 # Wait for health check to be created
Create backend service
echo "Creating backend service..."
gcloud compute backend-services create my-ilb-backend-service
--load-balancing-scheme=internal
--protocol=tcp
--region=$REGION
--health-checks=my-ilb-health-check
--health-checks-region=$REGION
check_resource "compute backend-services" "my-ilb-backend-service --region=$REGION"
Add instance groups to backend service
echo "Adding instance groups to backend service..."
gcloud compute backend-services add-backend my-ilb-backend-service
--instance-group=instance-group-1
--instance-group-zone=$ZONE_1
--region=$REGION
gcloud compute backend-services add-backend my-ilb-backend-service
--instance-group=instance-group-2
--instance-group-zone=$ZONE_2
--region=$REGION
sleep 30 # Wait for backends to be added
Create internal IP address
echo "Creating internal IP address..."
gcloud compute addresses create my-ilb-ip
--region=$REGION
--subnet=$SUBNET_B
--addresses=10.10.30.5
check_resource "compute addresses" "my-ilb-ip --region=$REGION"
Create forwarding rule
echo "Creating forwarding rule..."
gcloud compute forwarding-rules create my-ilb-forwarding-rule
--load-balancing-scheme=internal
--network=$NETWORK
--subnet=$SUBNET_B
--address=my-ilb-ip
--ports=80
--region=$REGION
--backend-service=my-ilb-backend-service
check_resource "compute forwarding-rules" "my-ilb-forwarding-rule --region=$REGION"
echo "Setup complete!"
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.