Log in to a Google Compute Engine instance if the SSH port is blocked by the firewall

One of our developers forgot to add port 22 to the firewall allow list (Ubuntu UFW). There are two ways to resolve this problem:

  1. If you still have the user/password of that VM, connect to the VM via the serial port, then log in and open the SSH port again.
  2. If you don't have the user/password (my case), add a startup script to that VM, then restart it. The startup script is responsible for opening the port when the VM starts.
Then you have your VM back. Cheers!
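
Option 2 as a script (an added example, not the author's own code): it renders a startup script that re-opens port 22 in ufw, attaches it with gcloud, resets the VM, and removes the script again afterwards. Limiting the rule to an admin range, and the INSTANCE, ZONE and ADMIN_CIDR parameters, are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the author's script. ADMIN_CIDR, INSTANCE and ZONE are
# placeholder parameters (assumptions); 203.0.113.0/24 is a documentation range.

# Succeed only for a plain IPv4 CIDR: a.b.c.d/n, octets <= 255, n <= 32.
valid_cidr() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || return 1
    [ "${1#*/}" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- ${1%/*}
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the startup script. GCE runs it as root on every boot while the
# startup-script metadata key is set, so the CIDR is validated before it is
# interpolated into a root-executed command.
render_startup_script() {
    valid_cidr "$1" || { echo "invalid CIDR: $1" >&2; return 1; }
    cat <<EOF
#!/bin/bash
ufw allow from $1 to any port 22 proto tcp
ufw status verbose
EOF
}

# usage: recover_ssh INSTANCE ZONE ADMIN_CIDR
recover_ssh() {
    script=$(mktemp) || return 1
    render_startup_script "$3" > "$script" &&
    gcloud compute instances add-metadata "$1" --zone "$2" \
        --metadata-from-file startup-script="$script" &&
    gcloud compute instances reset "$1" --zone "$2"
    rc=$?
    rm -f "$script"
    return "$rc"
}

# Once SSH works again, drop the key so the rule is not re-applied each boot.
remove_startup_script() {
    gcloud compute instances remove-metadata "$1" --zone "$2" --keys startup-script
}
```

Anyone who can edit instance metadata can run code as root this way, so the same path that recovers the VM is worth restricting and auditing in IAM.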

[GCP] Why I choose Google Cloud Platform over AWS or Azure

My cloud story began with an EC2 instance on the AWS Free Tier five years ago. At first it was cool, it was shining, it was cheap without any initial infrastructure cost, and it was easy to manage. Then I dove deep into more components (S3, Route 53, Lambda, load balancing, Redshift) to build my first cloud-based system. Those days were so beautiful!!!

Then my system got bigger rapidly; it slowed down and got stuck with performance issues. I remember that my EC2 instances were really slow in disk IO (40-60 MB/s) and internal network speed.

I asked myself: where to go now? Switch to SSD disks? Increase instance size (burn thousands more dollars)? Migrate back to Digital Ocean? Give other cloud providers a try?

The second try, with Azure, did not bring any light at the end of the tunnel: very high prices, a complicated admin dashboard which still shows everything in a one-page web app, and poor documentation.

Finally, I fell in love with GCP: it's simple, good enough, blazing fast and much cheaper, besides some pros including a global fiber network, a serverless compute framework, terabyte big data processing, ... It cut my costs by 40% and increased performance (x2 to x3) on internal services.

Disclaimer: Since 2016, I have been a GCP expert qualified by Google.

[GCP] How to move a Google Compute Engine instance between projects

Question: I have 2 dedicated Google Cloud projects, A and B. One day I want to move an instance called "Rolling" from project A to project B. How can I do that?

Prerequisite: My account must have the right to access all projects.
1 - Go to project A admin
2 - Create a snapshot of Rolling in Compute Engine / Snapshots
3 - Create a new Compute Engine instance from Rolling's snapshot
4 - Uncheck "delete boot disk when deleting instance" and delete the new instance
5 - Go to Compute Engine / Images, then create an image from this disk
6 - Go to project B admin, then create a new Compute Engine instance whose boot disk is the image from project A
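
The same move with the gcloud CLI, as an added example that is not part of the original post. It creates the standalone disk directly from the snapshot instead of creating and deleting a temporary instance; the zone, the "-move" resource names and the boot disk being named after the instance are assumptions.

```shell
#!/bin/sh
# Added example (not the author's code): the console steps above as gcloud calls.
# With DRY_RUN=1 the commands are printed instead of executed, so the plan can
# be reviewed before anything is created.

run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# usage: move_instance SRC_PROJECT DST_PROJECT INSTANCE ZONE
move_instance() {
    src=$1 dst=$2 inst=$3 zone=$4
    [ -n "$src" ] && [ -n "$dst" ] && [ -n "$inst" ] && [ -n "$zone" ] || {
        echo "usage: move_instance SRC_PROJECT DST_PROJECT INSTANCE ZONE" >&2
        return 2
    }
    tmp="$inst-move"   # assumed name for the temporary snapshot, disk and image

    # Snapshot the boot disk (assumed to carry the instance's name).
    run gcloud compute disks snapshot "$inst" --project "$src" --zone "$zone" \
        --snapshot-names "$tmp" &&
    # A standalone disk restored from that snapshot.
    run gcloud compute disks create "$tmp" --project "$src" --zone "$zone" \
        --source-snapshot "$tmp" &&
    # An image built from the standalone disk, still owned by the source project.
    run gcloud compute images create "$tmp" --project "$src" \
        --source-disk "$tmp" --source-disk-zone "$zone" &&
    # The new instance in the destination project, booting the source project's image.
    run gcloud compute instances create "$inst" --project "$dst" --zone "$zone" \
        --image "$tmp" --image-project "$src"
}
```

The temporary snapshot, disk and image remain in the source project and still hold a full copy of the VM's data, so delete them once the new instance is verified.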




Add multiple IPv4 addresses in Ubuntu 16.04


  • Check the current IP config
      root@test:~# ifconfig
      ens3      Link encap:Ethernet  HWaddr 56:00:00:47:7f:96
                inet addr:45.76.157.210  Bcast:45.76.157.255  Mask:255.255.254.0
                inet6 addr: fe80::5400:ff:fe47:7f96/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:59627 errors:0 dropped:0 overruns:0 frame:0
                TX packets:57037 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:1000
                RX bytes:7648404 (7.6 MB)  TX bytes:8769103 (8.7 MB)
      
      lo        Link encap:Local Loopback
                inet addr:127.0.0.1  Mask:255.0.0.0
                inet6 addr: ::1/128 Scope:Host
                UP LOOPBACK RUNNING  MTU:65536  Metric:1
                RX packets:0 errors:0 dropped:0 overruns:0 frame:0
                TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:1
                RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

  • Add the IP address
      root@test:~# ip addr add 45.32.106.135/24 dev ens3

  • Ping your server's new IP
      ~ ping 45.32.106.135
      PING 45.32.106.135 (45.32.106.135): 56 data bytes
      64 bytes from 45.32.106.135: icmp_seq=0 ttl=50 time=105.808 ms
      64 bytes from 45.32.106.135: icmp_seq=1 ttl=50 time=112.308 ms
      64 bytes from 45.32.106.135: icmp_seq=2 ttl=50 time=103.794 ms
      ^C
      --- 45.32.106.135 ping statistics ---
      3 packets transmitted, 3 packets received, 0.0% packet loss
      round-trip min/avg/max/stddev = 103.794/107.303/112.308/3.633 ms
      

  • To keep that IP after reboot, add the config below to the end of the file /etc/network/interfaces (fff.fff.fff.fff stands for the new address)
      auto ens3:0
      iface ens3:0 inet static
        address fff.fff.fff.fff
        netmask 255.255.254.0
      

  • Check the IP addresses of your server
      root@test:~# ip address list
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
          inet 127.0.0.1/8 scope host lo
             valid_lft forever preferred_lft forever
          inet6 ::1/128 scope host
             valid_lft forever preferred_lft forever
      2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
          link/ether 56:00:00:47:7f:96 brd ff:ff:ff:ff:ff:ff
          inet 45.76.157.210/23 brd 45.76.157.255 scope global ens3
             valid_lft forever preferred_lft forever
          inet 45.32.106.135/23 brd 45.32.107.255 scope global ens3:0
             valid_lft forever preferred_lft forever
          inet 45.32.105.93/23 brd 45.32.105.255 scope global ens3:0
             valid_lft forever preferred_lft forever
          inet 45.32.115.164/24 scope global ens3
             valid_lft forever preferred_lft forever
          inet 45.76.150.235/24 scope global ens3
             valid_lft forever preferred_lft forever
          inet 45.76.156.52/23 brd 45.76.157.255 scope global secondary ens3:0
             valid_lft forever preferred_lft forever
          inet6 fe80::5400:ff:fe47:7f96/64 scope link
             valid_lft forever preferred_lft forever
      3: ens7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
          link/ether 5a:00:00:47:7f:96 brd ff:ff:ff:ff:ff:ff
      

About me

I, Tu Pham, am a passionate developer from Vietnam with multiple responsibilities:

As CTO of the digital agency & marketing SaaS Dyno, I am responsible for the technical decisions and architecture of the products, which are built on top of Google's Cloud Platform, Amazon Web Services, Windows Azure and some other IaaS, PaaS and SaaS services.

As a Google Developer Expert on the Cloud Platform, I help companies and startups choose their technology stack, make sense of their data using Big Data analytics, expose APIs, and build highly available, cost-effective, scalable systems.

As an open source contributor, public speaker and blog writer, I just want to give back to the community, which gives me and all of you so many good things to learn and to develop ourselves.

AND the last and most important is as the father of a little boy: I want and try to raise my son as best as I can, love my wife, and keep this small world safe and peaceful.

Ping me at: phamptu [@] gmail [.] com