星期一, 4月 27, 2020

GCP gcloud 切換多帳號小記

GCP gcloud 切換多帳號小記

有時候因為專案的關係, 或是要分開私人帳號與公司帳號, GCP 可能會需要以不同的帳號來操作.
今天就來整理 gcloud 如何切換不同的帳號


gcloud 相關設定位置
  • ~/.config/gcloud/

gcloud 設定檔位置
  • ~/.config/gcloud/configurations/


首先來觀察, 目前有多少 configuration ?
列出所有 configuration 設定
  • gcloud config configurations list - lists existing named configurations

> gcloud  config  configurations list

NAME     IS_ACTIVE  ACCOUNT              PROJECT                DEFAULT_ZONE  DEFAULT_REGION
default  True       YOUR_NAME@gmail.com  steadfast-task-238409  asia-east1-a  asia-east1

  • 這邊可以觀察到只有1個設定檔


接下來列出目前 active configuration 設定
  • gcloud  config  list - list Cloud SDK properties for the currently active configuration

$ gcloud  config  list

[compute]
region = asia-east1
zone = asia-east1-a
[core]
account = YOUR_NAME@gmail.com
disable_usage_reporting = True
project = steadfast-task-238409

Your active configuration is: [default]

  • 這邊可以觀察到目前啟用的設定檔
    • 預設 region / zone
    • account email
    • 預設的專案
    • 設定檔名稱


最後列出所有 account 設定
  • gcloud  auth  list  -  lists credentialed accounts

$ gcloud  auth  list

   Credentialed Accounts
ACTIVE  ACCOUNT
*       YOUR_NAME@gmail.com

  • 目前也是只有一個 account


接下來進入多帳號的設定, 想法如下
  • 建立另外一個設定檔, 使用不同的 account ( e-mail )
  • 不同專案就不另外建立設定檔, 而是採用在 gcloud 指令的選項中, 透過 --project 來指定專案

透過 gcloud  init 來新增另外一個設定檔

> gcloud  init

Welcome! This command will take you through the configuration of gcloud.

Settings from your current configuration [default] are:
compute:
  region: asia-east1
  zone: asia-east1-a
core:
  account: YOUR_NAME@gmail.com
  disable_usage_reporting: 'True'
  project: steadfast-task-238409

Pick configuration to use:
 [1] Re-initialize this configuration [default] with new settings 
 [2] Create a new configuration
Please enter your numeric choice:  2 (輸入 2, 新增設定 )

Enter configuration name. Names start with a lower case letter and 
contain only lower case letters a-z, digits 0-9, and hyphens '-':  lab (輸入設定檔名稱)
Your current configuration has been set to: [lab]

You can skip diagnostics next time by using the following flag:
  gcloud init --skip-diagnostics

Network diagnostic detects and fixes local network connection issues.
Checking network connection...done.                                                                                
Reachability Check passed.
Network diagnostic passed (1/1 checks passed).

Choose the account you would like to use to perform operations for 
this configuration:
 [1] YOUR_NAME@gmail.com
 [2] Log in with a new account
Please enter your numeric choice:  2 ( 登入新的 account )

Your browser has been opened to visit: (瀏覽器會開啟, 執行登入動作)

    https://accounts.google.com/o/oauth2/auth?code_challenge=0-smYcBiF296tCbNO_F-2sXFlAb8sN8fehvCa934QHc&prompt=select_account&code_challenge_method=S256&access_type=offline&redirect_uri=http%3A%2F%2Flocalhost%3A8085%2F&response_type=code&client_id=32553940559.apps.googleusercontent.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fappengine.admin+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcompute+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Faccounts.reauth


正於現有瀏覽器工作階段中開啟。
You are logged in as: [YOUR_NAME2@gmail.com].

Pick cloud project to use: 
 [1] amazing-ripple-359511
 [2] fluent-music-263505
 [3] single-howl-271209
 [4] yjhung
 [5] Create a new project
Please enter numeric choice or text value (must exactly match list 
item):  3 ( 選取要成為預設的專案 )
Your current project has been set to: [single-howl-271209].

Do you want to configure a default Compute Region and Zone? (Y/n)?  Y ( 設定預設的 Region 與 Zone )

Which Google Compute Engine zone would you like to use as project 
default?
If you do not specify a zone via a command line flag while working 
with Compute Engine resources, the default is assumed.
 [1] us-east1-b
 [2] us-east1-c
 [3] us-east1-d
 [4] us-east4-c
 [5] us-east4-b
 [6] us-east4-a
 [7] us-central1-c
 [8] us-central1-a
 [9] us-central1-f
 [10] us-central1-b
 [11] us-west1-b
 [12] us-west1-c
 [13] us-west1-a
 [14] europe-west4-a
 [15] europe-west4-b
 [16] europe-west4-c
 [17] europe-west1-b
 [18] europe-west1-d
 [19] europe-west1-c
 [20] europe-west3-c
 [21] europe-west3-a
 [22] europe-west3-b
 [23] europe-west2-c
 [24] europe-west2-b
 [25] europe-west2-a
 [26] asia-east1-b
 [27] asia-east1-a
 [28] asia-east1-c
 [29] asia-southeast1-b
 [30] asia-southeast1-a
 [31] asia-southeast1-c
 [32] asia-northeast1-b
 [33] asia-northeast1-c
 [34] asia-northeast1-a
 [35] asia-south1-c
 [36] asia-south1-b
 [37] asia-south1-a
 [38] australia-southeast1-b
 [39] australia-southeast1-c
 [40] australia-southeast1-a
 [41] southamerica-east1-b
 [42] southamerica-east1-c
 [43] southamerica-east1-a
 [44] asia-east2-a
 [45] asia-east2-b
 [46] asia-east2-c
 [47] asia-northeast2-a
 [48] asia-northeast2-b
 [49] asia-northeast2-c
 [50] asia-northeast3-a
Did not print [21] options.
Too many options [71]. Enter "list" at prompt to print choices fully.
Please enter numeric choice or text value (must exactly match list 
item): 27 (我選臺灣)
Your project default Compute Engine zone has been set to [asia-east1-a].
You can change it by running [gcloud config set compute/zone NAME].

Your project default Compute Engine region has been set to [asia-east1].
You can change it by running [gcloud config set compute/region NAME].

Your Google Cloud SDK is configured and ready to use!

* Commands that require authentication will use YOUR_NAME2@gmail.com by default
* Commands will reference project `single-howl-271209` by default
* Compute Engine commands will use region `asia-east1` by default
* Compute Engine commands will use zone `asia-east1-a` by default

這樣就設定成功了

按照剛剛的指令來進行觀察

> gcloud  config  configurations list

NAME     IS_ACTIVE  ACCOUNT                PROJECT                DEFAULT_ZONE  DEFAULT_REGION
default  False      YOUR_NAME@gmail.com   steadfast-task-238409  asia-east1-a  asia-east1
lab      True       YOUR_NAME2@gmail.com  single-howl-271209     asia-east1-a  asia-east1

  • 這邊可以觀察到有兩個設定檔, 兩個 account
  • 目前啟用的是剛剛建立的 lab

觀察目前啟用的設定檔
> gcloud  config  list

[compute]
region = asia-east1
zone = asia-east1-a
[core]
account =  YOUR_NAME2@gmail.com
disable_usage_reporting = True
project = single-howl-271209

Your active configuration is: [lab]

觀察帳號

> gcloud  auth  list

    Credentialed Accounts
ACTIVE  ACCOUNT
*       YOUR_NAME2@gmail.com
        YOUR_NAME@gmail.com

  • 這邊可以觀察到 啟用的是 YOUR_NAME2@gmail.com


進行簡單的指令測試

> gcloud  projects  list

PROJECT_ID             NAME              PROJECT_NUMBER
single-howl-271209     maxtest           64278264160


接下來進行設定檔切換

觀察目前的設定檔

> gcloud  config  configurations list

NAME     IS_ACTIVE  ACCOUNT                PROJECT                DEFAULT_ZONE  DEFAULT_REGION
default  False      YOUR_NAME@gmail.com   steadfast-task-238409  asia-east1-a  asia-east1
lab      True       YOUR_NAME2@gmail.com  single-howl-271209     asia-east1-a  asia-east1


> gcloud  config  configurations activate  default

Activated [default].

  • 切換到 default

再次觀察
> gcloud  config  configurations list

NAME     IS_ACTIVE  ACCOUNT                PROJECT                DEFAULT_ZONE  DEFAULT_REGION
default  True       YOUR_NAME@gmail.com   steadfast-task-238409  asia-east1-a  asia-east1
lab      False      YOUR_NAME2@gmail.com  single-howl-271209     asia-east1-a  asia-east1

> gcloud  auth  list

    Credentialed Accounts
ACTIVE  ACCOUNT
        YOUR_NAME2@gmail.com
*        YOUR_NAME@gmail.com


使用簡單的指令觀察

> gcloud  projects  list

PROJECT_ID             NAME                      PROJECT_NUMBER
sakanatest             sakanatest                905434913606


這樣就達成我們的目的了
以後可以簡單的 
  • 觀察目前的 account
    • gcloud  auth  list 
  • 切換設定檔
    • gcloud  config  configurations activate 設定檔名稱 

~ enjoy it


Reference: