Deploying apps to a Google Cloud Engine VM instance

I'm really new to the world of Google Cloud and I couldn't be more confused. I took advantage of the always free tier to get a Google Cloud Engine VM instance and wanted to use it to do some testing for a couple of things I'm developing.

I've managed Linux servers before with VPS instances, but in this specific case I'm very confused how to actually automatically deploy any of my apps to this GCE VM.

My apps are hosted on Github, so I'm trying to make use of Github Actions, unfortunately most options available require me to create Docker images, push them to Google's Container Registry and then deploy them (like this official one).

Unfortunately the documentation is telling me that I can only run a single image per VM instance, which is fair as I think that's a docker limitation.

Here's the problem, I don't have nearly enough knowledge to set up a docker compose or coordinate pushing images to Google Cloud's container registry. I just have no idea how even start learning that.

Is there absolutely no way for me to run a more traditional web server (Nginx hosting API + Front-end) by just using SSH to log into the VM instance and pulling changes from Github?

I've tried using the ssh command to log into one of the accounts on the server, but I don't think the port is even open to allow me to do that.

The gcloud command doesn't seem to allow me to provide a JSON key for the service accounts to log in either so I'm completely lost on how I could possibly accomplish this.

Any advice on how I could get around these problems?


Solution 1:

I cannot help you regarding your CI/CD question. However, you can configure OS Login to access your VM with your service account:

  1. -Enable OS Login in project-wide metadata so that it applies to all of the instances in your project:
gcloud compute project-info add-metadata --metadata enable-oslogin=TRUE 
  1. Generate Service Account Key file:
gcloud iam service-accounts keys create --iam-account [ACCOUNT] [FILE].json

The [FILE].json file will be downloaded into the path directory where you ran the command.

  1. Activate service account:

gcloud auth activate-service-account --key-file=[FILE].json

  1. Adding SSH keys to a user account

    1. Switch to service account
    gcloud config set account [ACCOUNT]
    
    1. Add SSH key
    gcloud compute os-login ssh-keys add --key-file ~/.ssh/id_rsa.pub
    
    1. Switch back from service account
    gcloud config set account [email protected]
    
  2. Gather service account uniqueId

gcloud iam service-accounts describe [ACCOUNT] --format='value(uniqueId)'

You can now ssh into any instance of the project by using a service account:

ssh -i .ssh/id_rsa [sa_<uniqueId>]@[INSTANCE_IP]

Note that we prefixed the uniqueId with sa_

More info: OS Login