Slalom DIGITAL X 2023 (#2)

* slalom

* sa and key fix

* own image

* branch fix

* slalom logo

* pub temp

* os-login fix

* paper update

* remove favicon

* debian 12

* wifi help

* text update

* limit duration

* add quota

* test message without button

* 4min

* short url

* timeout

* more timeout

* e2-micro

* e2-micro costs

* nano removed

* digital x 2023

* new name

* python fix

Author: Cyclenerd

.gitignore

@@ -40,7 +40,10 @@ terraform.rc
 
 *.zip
 
+*.db
+
 sourcerepo-url.sh
 variables.sh
 dns-name-servers.txt
-pi-private-key.json
+pi-private-key.json
+copy.sh

QUOTA.md

@@ -9,8 +9,8 @@ The following quotas can affect scaling.
 | Identity and Access Management (IAM) API | Service Account Count    |            | 100   | ✔️ We use one service account for all VMs.                      |
 | Cloud Build API                          | Concurrent builds        |            | 30    | ✔️ All jobs are queued. 30 in parallel, then jobs have to wait. |
 | Compute Engine API                       | Static IP addresses      | Region     | 700   | ⚠️ Seems to be the limiting factor.                             |
-| Compute Engine API                       | In-use IP addresses      | Region     | 2300  | > 700 * g1-small                                                |
-| Compute Engine API                       | CPUs                     | Region     | 2400  | > 700 * g1-small                                                |
+| Compute Engine API                       | In-use IP addresses      | Region     | 2300  | > 700 * e2-micro                                                |
+| Compute Engine API                       | CPUs                     | Region     | 2400  | > 700 * e2-micro                                                |
 | Compute Engine API                       | Persistent Disk SSD (GB) | Region     | 82 TB | > 700 * 25 GB                                                   |
 | Cloud Scheduler API                      | Jobs                     | Region     | 5000  | > 700 VMs                                                       |
 

README.md

@@ -1,8 +1,10 @@
-# Shells on Demand Appliance (Google Compute Engine)
+# Server on Demand Appliance (Google Compute Engine)
 
 **Get your own Google Compute Engine virtual machine (VM) with the simple push of a button.**
 
-[![Image: Shells on Demand Appliance (Google Compute Engine)](./img/soda-gce-photo.jpg)](./img/README.md)
+![Image: Server on Demand Appliance (Google Compute Engine)](./img/soda-gce-photo.jpg)
+
+![Image: Server on Demand Appliance at DIGITAL X 2023](./img/soda-gce-digitalx-2023.jpg)
 
 This project is intended to show how quickly and easily virtual machines can be configured and set up using Google Cloud and Infrastructure as Code (IaC) tools.
 You have the choice between four Linux based operating systems.
@@ -17,11 +19,11 @@ This project also shows you how well the Google Cloud can scale.
 Tested with over 100 VMs. [700 VMs](./QUOTA.md) is the default limit.
 
 ## 🤔 Why
-I saw the Shells On Demand Appliance "SODA" from National Upcycled Computing Collective (NUCC) at the DEF CON 30 conference in Las Vegas. Unfortunately not in person but in this [YouTube video](https://www.youtube.com/watch?v=e69zcwISo3Y).
+I saw the Server on Demand Appliance "SODA" from National Upcycled Computing Collective (NUCC) at the DEF CON 30 conference in Las Vegas. Unfortunately not in person but in this [YouTube video](https://www.youtube.com/watch?v=e69zcwISo3Y).
 
 TL;DR: It's a vending machine. You pay, press a button and get your own virtual machine (VM).
 
-![Image: Shells on Demand Appliance at DEF CON 30](./img/soda-las_vegas.jpg)
+![Image: Server on Demand Appliance at DEF CON 30](./img/soda-las_vegas.jpg)
 
 *Image Source: [@strangepartscom](https://twitter.com/strangepartscom/status/1558566808205987840/), [@Zhoratrope](https://twitter.com/Zhoratrope/status/1558160122957799424)*
 
@@ -94,7 +96,7 @@ The following technologies are used:
 </details>
 
 
-All components put together correctly result in the Shells on Demand Appliance Google Cloud version.
+All components put together correctly result in the Server on Demand Appliance Google Cloud version.
 
 ## 🪄 Process of creating a VM
 
@@ -146,25 +148,25 @@ further steps are executed in the cloud.
 
 The following configuration is used by default:
 
-* Machine type: [`g1-small`](https://gcloud-compute.com/g1-small.html)
-	* vCPU: 1 shared Intel (x86/64)
-	* Memory: 1.7 GB
+* Machine type: [`e2-micro`](https://gcloud-compute.com/e2-micro.html)
+	* vCPU: 2 shared Intel (x86/64)
+	* Memory: 1 GB
 * Disk:
 	* Type: [Balanced persistent disk](https://cloud.google.com/compute/docs/disks#disk-types) (SSD)
 	* Size: 25 GB
 * External IP address: Premium
-* Region: [`europe-west1`](https://gcloud-compute.com/europe-west1/g1-small.html) (Belgium) 
+* Region: [`europe-west1`](https://gcloud-compute.com/europe-west1/e2-micro.html) (Belgium) 
 
 **Costs:**
 
-Estimated cost per `g1-small` VM, without guarantee:
+Estimated cost per `e2-micro` VM, without guarantee:
 
 |                  | $ 1h     | $ 3h   |
 |------------------|----------|--------|
-| CPU and memory   | `0.0285` | `0.09` |
+| CPU and memory   | `0.0092` | `0.03` |
 | Disk (25GB)¹     | `0.0034` | `0.01` |
 | Static public IP | `0.0034` | `0.01` |
-| **Total**        | `0.0353` | `0.11` |
+| **Total**        | `0.0160` | `0.05` |
 
 ¹ Disk: 0.1 USD per 1 GB and month,
 25 GB per month = 2.50 USD,
@@ -180,7 +182,7 @@ There are other small costs for:
 * Cloud DNS managed zone
 * Network Internet egress traffic
 
-Source: [Google Cloud Pricing Calculator](https://cloud.google.com/products/calculator/#id=4ca15321-259b-46b4-9cf5-1f48b8536ec7)
+Source: [Google Cloud Pricing Calculator](https://cloud.google.com/products/calculator/#id=7b564b38-e2c4-43bc-8e50-9a21b71d0c48)
 
 ## 🚀 Setup
 

cloudbuild/create.yml

@@ -1,6 +1,6 @@
 # Create VM
 steps:
-  - name: cyclenerd/google-cloud-gcp-tools-container:latest
+  - name: europe-west1-docker.pkg.dev/tor-p-a-nils-snd-soda/cointainer/google-cloud-gcp-tools-container:latest
     entrypoint: "bash"
     args:
       - "-c"
@@ -25,7 +25,7 @@ steps:
         # Exit if SHA512 hash is less than 100 chars
         if [ $(jq -er '.password' < "/workspace/data.json" | wc -c) -lt "100" ]; then echo "SHA512 password hash too short!"; exit 9; fi
 
-  - name: cyclenerd/google-cloud-gcp-tools-container:latest
+  - name: europe-west1-docker.pkg.dev/tor-p-a-nils-snd-soda/cointainer/google-cloud-gcp-tools-container:latest
     entrypoint: "bash"
     args:
       - "-c"
@@ -37,7 +37,7 @@ steps:
         echo "Public Key :"
         cat "/workspace/ssh.key.pub" || exit 9
 
-  - name: cyclenerd/google-cloud-gcp-tools-container:latest
+  - name: europe-west1-docker.pkg.dev/tor-p-a-nils-snd-soda/cointainer/google-cloud-gcp-tools-container:latest
     entrypoint: "bash"
     args:
       - "-c"
@@ -75,7 +75,7 @@ steps:
           -var="image=$(jq -er '.image' < "/workspace/data.json")" \
           -auto-approve || exit 9
 
-  - name: cyclenerd/google-cloud-gcp-tools-container:latest
+  - name: europe-west1-docker.pkg.dev/tor-p-a-nils-snd-soda/cointainer/google-cloud-gcp-tools-container:latest
     entrypoint: "bash"
     args:
       - "-c"
@@ -87,7 +87,7 @@ steps:
         echo "'"
         bash "/workspace/cloudbuild/wait-for-ssh.sh" || exit 9
 
-  - name: cyclenerd/google-cloud-gcp-tools-container:latest
+  - name: europe-west1-docker.pkg.dev/tor-p-a-nils-snd-soda/cointainer/google-cloud-gcp-tools-container:latest
     entrypoint: "bash"
     args:
       - "-c"

cloudbuild/destroy.yml

@@ -1,6 +1,6 @@
 # Destroy VM
 steps:
-  - name: cyclenerd/google-cloud-gcp-tools-container:latest
+  - name: europe-west1-docker.pkg.dev/tor-p-a-nils-snd-soda/cointainer/google-cloud-gcp-tools-container:latest
     entrypoint: "bash"
     args:
       - "-c"
@@ -13,7 +13,7 @@ steps:
         echo 'Project Nr             : $PROJECT_NUMBER'
         echo 'Region                 : $LOCATION'
 
-  - name: cyclenerd/google-cloud-gcp-tools-container:latest
+  - name: europe-west1-docker.pkg.dev/tor-p-a-nils-snd-soda/cointainer/google-cloud-gcp-tools-container:latest
     entrypoint: "bash"
     args:
       - "-c"

cloudbuild/gce-vm-ansible.yml

@@ -34,7 +34,7 @@
         append: true
 
     #############################################
-    # Debian 11 / Ubuntu 22.04 LTS
+    # Debian 12 / Ubuntu 22.04 LTS
     # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html
     #############################################
     - name: Install Lighttpd on Debian
@@ -79,17 +79,12 @@
     # Rock Linux 9
     # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/dnf_module.html
     #############################################
-    - name: Install GNU nano on Rocky Linux
-      when: ansible_distribution == "Rocky"
-      ansible.builtin.dnf:
-        name: nano
-        state: present
-        update_cache: true
     - name: Install Nginx on Rocky Linux
       when: ansible_distribution == "Rocky"
       ansible.builtin.dnf:
         name: nginx
         state: present
+        update_cache: true
     - name: Install PHP on Rocky Linux
       when: ansible_distribution == "Rocky"
       ansible.builtin.dnf:
@@ -114,17 +109,12 @@
     # openSUSE Leap (15)
     # https://docs.ansible.com/ansible/latest/collections/community/general/zypper_module.html
     #############################################
-    - name: Install GNU nano on openSUSE
-      when: ansible_distribution == "openSUSE Leap"
-      community.general.zypper:
-        name: nano
-        state: present
-        update_cache: true
     - name: Install Apache on openSUSE
       when: ansible_distribution == "openSUSE Leap"
       community.general.zypper:
         name: apache2
         state: present
+        update_cache: true
     - name: Install PHP on openSUSE
       when: ansible_distribution == "openSUSE Leap"
       community.general.zypper:

cloudbuild/gce-vm-terraform.tf

@@ -1,5 +1,5 @@
 /*
- * Copyright 2022 Nils Knieling
+ * Copyright 2022-2023 Nils Knieling
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -101,14 +101,14 @@ variable "machine_type" {
   type        = string
   nullable    = false
   description = "Google Compute Engine machine type"
-  default     = "g1-small"
+  default     = "e2-micro"
 }
 
 variable "image" {
   type        = string
   nullable    = false
   description = "Google Compute Engine operating system image"
-  default     = "debian-cloud/debian-11"
+  default     = "debian-cloud/debian-12"
 }
 
 variable "ansible_ssh_pub_key" {
@@ -273,10 +273,10 @@ resource "local_file" "php" {
     <head>
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
-    <title>Hello from the Google Cloud</title>
+    <title>Hello from Slalom and Google</title>
     <style>
     body {
-      background-color: #000000;
+      background-color: #0C62FB;
       color: #FFFFFF;
       font-family: "Lucida Console", "Courier New", monospace;
     }

cloudbuild/on-again.yml

@@ -1,6 +1,6 @@
 # Turn VM back on
 steps:
-  - name: cyclenerd/google-cloud-gcp-tools-container:latest
+  - name: europe-west1-docker.pkg.dev/tor-p-a-nils-snd-soda/cointainer/google-cloud-gcp-tools-container:latest
     entrypoint: "bash"
     args:
       - "-c"

gcp/README.md

@@ -37,6 +37,12 @@ Please verify the ownership of the domain (or a parent) at <http://www.google.co
 	gcloud auth application-default login
 	```
 
+1. Set quota project
+
+	```bash
+	gcloud auth application-default set-quota-project [EXISTING-GOOGLE-PROJECT]
+	``````
+
 1. Initialize
 
 	```bash

gcp/output-local-files.tf

@@ -20,6 +20,7 @@ resource "local_file" "variables" {
     export MY_PUBSUB_TOPIC_CREATE='${google_pubsub_topic.create.name}'
     export MY_DNS_DOMAIN='${google_dns_managed_zone.dns.dns_name}'
     export MY_EXPIRES='${var.expires}'
+    export MY_MAX_VMS='${var.max-vms}'
   EOF
   filename = "variables.sh"
 }