All geek questions in one place

Copy files between two instances of Google Cloud

I have two projects in Google Cloud, and I need to copy files from an instance in one project to an instance in another project. I tried to use the command "gcloud compute copy-files", but I get this error:

gcloud compute copy-files test.tgz --project stack-complete-343 instance-IP:/home/ubuntu --zone us-central1-a ERROR: (gcloud.compute.copy-files) Could not fetch instance: - Insufficient Permission
+10
source share
6 answers

I was able to repeat your problem with a new instance of the virtual machine, getting the same error. Here are some steps I took to fix the problem:

Make sure that you are authenticated and have rights to both projects with the same account!

$ gcloud config list (if you see the @ developer.gserviceaccount.com service account, you need to switch to the account included in both projects, you can check this from the Devlopers Console> Permissions)

$ gcloud auth login (copy the link to a new window, log in, copy the code and paste it back into the invitation)

$ gcloud compute copy-files test.tgz --project stack-complete-343 instance-IP:/home/ubuntu --zone us-central1-a (I would also use the instance name instead of IP)

This last command should also generate your ssh keys. You should see something like this, but don't worry about entering a passphrase:

WARNING: [/ usr / bin / ssh-keygen] will be executed to generate the key.

Creating a public / private rsa key pair

Enter a passphrase (blank for passphrase):

+11
source

Go to the "Permissions" tab of the remote instance (i.e. the instance in which you will NOT run gcloud compute copy-files on). Then go to the service accounts and create a new one, give it a name and check the box to get the key file for it, and leave the JSON selected. Download this key file from your personal machine using gcloud compute copy-files and your personal account to the local instance (that is, on the machine on which you connect and run the gcloud compute copy-files command.) Then run it from the local instance via Ssh. gcloud auth activate-service-account ACCOUNT --key-file KEY-FILE replacing ACCOUNT email address that was generated and KEY-FILE with the path to the key file that you downloaded from your personal machine before. You can then access the instance that sets up the account. These steps must be repeated in each instance that you want to copy files between. If these instructions were not clear, let me know and I will try to help.

+1
source

It is not recommended that you verify the account on instances of the Compute Engine, as this can provide your credentials to anyone who has access to the machine.

Instead, you can allow your service accounts to use the Compute Engine API. First, stop the instance. After stopping, you can edit the Cloud API Access Areas from the console. Change the Compute engine area from Disabled to Read-only .

Now you can simply use the copy-files command. This allows your service account to access the calculated engine API.

0
source

The easiest way to do this is to use the scp command and the .pem file. Here is an example

 sudo scp -r -i your/path_to/.pem your_username@ip _address_of_instance:path/to/copy/file
0
source

If both of them are in the same project, this is the easiest way.

 gcloud compute copy-files yourFileName --project yourProjectName instance-name:~/folderInInstance --zone europe-west1-b

Obviously, you should edit the zone according to your examples.

0
source

One approach to getting permissions is to enable the Cloud API access scopes . You can install them on Allow full access to all Cloud APIs .

In console click on instance and use the EDIT button above. Scroll down and change the Cloud API access scopes . See also this answer .

0
source

Source: https://habr.com/ru/post/1208072/

More articles:


All Articles