1. Create a new project (optional)
A project forms the basis for creating, enabling and using all GCP services, managing APIs, enabling billing, adding and removing collaborators, and managing permissions. You would need browse to the GCP cloud resource manager and click on create project to get started. You can follow these instructions to create a new GCP project.
Give the project a suitable name (eg:
yugabyte-gcp) and note the project ID (eg:
yugabyte-gcp). You should see a dialog that looks like the screenshot below.
2. Set up a new service account
YugaWare admin console requires a service account with the appropriate permissions to provision and manage compute instances. Go to the
IAM & admin ->
Service accounts and click on
Create Service Account. You can follow these instructions to create a service account.
Fill the form with the following values:
- Service account name is
yugaware(you can customize the name if needed).
- Set role to
- Check the box for
Furnish a new private key, choose
Here is a screenshot with the above values in the form, click create once the values are filled in.
NOTE: Your browser would have downloaded the respective JSON format key. It is important to store it safely. This JSON key is needed to configure the YugaWare Admin Console.
3. Give permissions to the service account
- Find the email address associated with the service account by going to
IAM & admin->
Service accounts. Copy this value. The screen should look as shown below.
- Next, browse to
IAM & admin->
IAMand click on
ADD. Add the compute admin role for this service account. A screenshot is shown below.
4. Creating a firewall rule
In order to access YugaWare from outside the GCP environment, you would need to enable firewall rules. You will at minimum need to:
- Access the YugaWare instance over ssh (port tcp:22)
- Check, manage and upgrade YugaWare (port tcp:8800)
- View the YugaWare console ui (port tcp:80)
Let us create a firewall entry enabling all of that!
VPC network ->
Firewall rules tab:
NOTE: If this is a new project, you might see a message saying
Compute Engine is getting ready. If so, you would need to wait for a while. Once complete, you should see the default set of firewall rules for your default network, as shown below.
Click on the
CREATE FIREWALL RULE button and fill in the following.
yugaware-firewall-ruleas the name (you can change the name if you want).
- Add a description (eg:
Firewall setup for YugaWare Admin Console).
- Add a tag
Target tagsfield. This will be used later when creating instances.
- Add the appropriate ip addresses to the
Source IP rangesfield. To allow access from any machine, add
0.0.0.0/0but note that this is not very secure.
- Add the ports
Protocol and portsfield.
You should see something like the screenshot below, click
5. Provision instance for YugaWare
Create an instance to run YugaWare. In order to do so, go to
Compute Engine ->
VM instances and click on
Create. Fill in the following values.
yugaware-1as the name.
- Pick a region/zone (eg:
n1-standard-4) as the machine type.
- Change the boot disk image to
Ubuntu 16.04and increase the boot disk size to
- Open the
Management, disks, networking, SSH keys->
yugaware-serveras the network tag (or the custom name you chose when setting up the firewall rules).
- Switch to the
SSH Keystab and add a custom public key and login user to this instance. First create a key-pair.
You can do this as shown below.
$ ssh-keygen -t rsa -f ~/.ssh/yugaware-1-gcp -C centos
Set the appropriate credentials for the ssh key.
$ chmod 400 ~/.ssh/yugaware-1-gcp
Now enter the contents of
yugaware-1-gcp.pub as the value for this field.
Here are the detailed instructions to create a new SSH key pair, as well as the expected format for this field (eg:
ssh-rsa [KEY_VALUE] [USERNAME]). This is important to enable
ssh access to this machine.
Note on boot disk customization:
Note on networking customization:
Create to launch the YugaWare server.
6. Connect to the YugaWare machine
From the GCP web management console, find the public ip address of the instance we just launched.
You can connect to this machine by running the following command (remember to replace
XX.XX.XX.XX below with the ip address, and also to enter the appropriate ssh key instead of
$ ssh -i ~/.ssh/yugaware-1-gcp [email protected]