Lately I work primarily with Google Public Cloud (GCP) and in particular with Kubernetes services (GKE). As result my daily routine command line tools are gcloud, kubectl, nomos and other. And when the GCP cloud shell is really amazing environment which doesn’t require any effort to fire up, sometimes it is not possible to use. When it comes to work from your own laptop you have different options. You can install the tools like Google Cloud SDK following several simple steps from the Google website or you can prepare a docker image and run it in a container. I personally prefer the second way. In such case I can periodically update entire environment without too much effort and easily can span a new environment on any laptop fairly quickly. Here I am sharing what I personally use for my day-to-day activity.
The installation is simple, you run the git to clone the repo, build the image, setup your credentials and you are good to go. Let’s go through the steps. You should of course have the git and the docker already installed.
Clone the repository:
gleb_otochkin@tools-box-01:~$ git clone https://github.com/gotochkin/gcpkubetool.git Cloning into 'gcpkubetool'... remote: Enumerating objects: 36, done. remote: Counting objects: 100% (36/36), done. remote: Compressing objects: 100% (27/27), done. remote: Total 36 (delta 19), reused 22 (delta 8), pack-reused 0 Unpacking objects: 100% (36/36), done. gleb_otochkin@tools-box-01:~$
Build the image:
gleb_otochkin@tools-box-01:~/gcpkubetool$ docker build --force-rm --tag gcloud:latest . Sending build context to Docker daemon 161.8kB Step 1/4 : FROM gcr.io/google.com/cloudsdktool/cloud-sdk:latest latest: Pulling from google.com/cloudsdktool/cloud-sdk c4cc477c22ba: Pull complete 109862763030: Pull complete d0961afe0f2c: Pull complete 6c00d9ccc731: Pull complete ... redacted ... uccessfully built dab3fa2d9a8d Successfully tagged gcloud:latest gleb_otochkin@tools-box-01:~/gcpkubetool$
Get the Google Cloud credentials:
leb_otochkin@tools-box-01:~/gcpkubetool$ docker run -ti --name gcloud-config gcr.io/google.com/cloudsdktool/cloud-sdk:latest gcloud auth login You are running on a Google Compute Engine virtual machine. It is recommended that you use service accounts for authentication. You can run: $ gcloud config set account `ACCOUNT` to switch accounts if necessary. Your credentials may be visible to others with access to this virtual machine. Are you sure you want to authenticate with your personal account? Do you want to continue (Y/n)? Y ... redacted ... Your current project is [sandbox]. You can change this setting by running: $ gcloud config set project PROJECT_ID gleb_otochkin@tools-box-01:~/gcpkubetool$
It creates a container with a shared volume which keeps your credentials for Google Cloud. So, it will keep it separately even when you modify or update your container with the tools.
And now we can start our container and work with the cloud. The first step if you work with GKE is to get credentials for you Kubernetes cluster.
gleb_otochkin@tools-box-01:~/gcpkubetool$ docker run -ti --rm --volumes-from gcloud-config gcloud:latest /bin/bash root@a2e04f8d930d:/# gcloud container clusters get-credentials us-sandbox-cluster --region us-central1 --project sandbox Fetching cluster endpoint and auth data. kubeconfig entry generated for us-sandbox-cluster.
Now you have all credentials saved and don’t need to retrieve it when you fire your container again. You probably have noticed I am using “–rm” option when I start the container. It is going to be destroyed when I disconnect.
gleb_otochkin@tools-box-01:~/gcpkubetool$ docker run -ti --rm --volumes-from gcloud-config gcloud:latest /bin/bash root@f05f4d6c485f:/# k get ns NAME STATUS AGE anthos-gcp Active 52d cnrm-system Active 52d config-management-monitoring Active 52d config-management-system Active 52d configconnector-operator-system Active 52d default Active 52d gke-mcs Active 33d kms-management Active 52d kube-node-lease Active 52d kube-public Active 52d kube-system Active 52d resource-group-system Active 52d root@f05f4d6c485f:/#
The image includes the GCP SDK with gcloud, gsutil and other tools to work with GCP resources. Apart from that it has some tools I use more or less frequently. Let me list those.
- Vim and telnet client don’t need introduction and I use them all the time.
- Google Cloud SDK installed following the instruction from the Google website
- kubectl with “k” alias and command completion.
- kubectx – if you are tired to type namespace overtime when you run kubectl.
- Great tool k9s from https://k9scli.io/ which provides tons of options and help with troubleshooting and digging deep to to the problems.
- mssql-cli from by https://www.dbcli.com/ to support “gcloud sql connect” and to test connections and work with SQL Server in Cloud SQL service.
- The nomos tool is not installed by default since it requires to be authorized by Google. You can easily install it running “gsutil cp gs://config-management-release/released/latest/linux_amd64/nomos /usr/bin/nomos; chmod +x /usr/bin/nomos” in your container.
I hope it could be useful for some people and if you think you can improve the image and share some other useful tools please let me know.