Craigiebabe

My feedback

  1. 115 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe commented  · 

    So I noticed in AWS CloudFormation, you describe a launch configuration (roughly equivalent to instance templates), without actually specifying a name or id for it.

    This means the launch configuration is more or less anonymous in the CloudFormation YAML You can still reference the launch configuration from within other parts of the YAML by its logical name.

    This means that when you change the image id in the launch config, CloudFormation will "under the hood" delete the Launch Configuration object, then create a new Launch Configuration referencing the new sourceImage.

    You should be able to do something similar when declaring instance templates in deployment manager configuration files.

    Craigiebabe commented  · 

    Even if you only allow the sourceImage in unbound instance templates (i.e. not associated with any instance groups) to be updated, that would allow us to define a pair of instance templates in our Deployment Manager scripts, and toggle between them to perform updates via Deployment Manager.

    Craigiebabe commented  · 

    If I update the sourceImage in my instance-template, I get NO_METHOD_TO_UPDATE_FIELD. This means I cannot use deployment manager to trigger an update to my instance group.

    Either (a) allow instance templates to be updated, or (b) make the deletion and recreation of instance templates happen in a way transparent to the user (under the hood, as it were).

    The benefit of this include:
    * Avoid configuration drift
    * Avoid DM inconsistency whereby sourceImage can be updated on an instance, but not on an instance group
    * Allows DM to be used to roll out application (sourceImage) changes - a very common DevOps use-case

    Craigiebabe supported this idea  · 
  2. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for your comments, they’ve been passed to the networking team. If you have more specific feedback on the UI or on how to preserve mental health, please let us know in the comments so we can address your exact feedback.

    Craigiebabe commented  · 

    I would tend to agree that creation of a load balancer does seem unnecessarily complex in GCP.

    The whole setup is (I think) something like the following:

    Global Forwarding Rule -> Target HTTPS Proxy (SSL offload) -> URL Map -> Backend Service -> Instance Group

    The problems with this are I think:
    * There is no load balancer construct, and instead we have a series of obscure entities that must be cobbled together to create one
    * Things that I would think of as attributes of a load balancer are entities in their own right, and I don't think it's clear why that needs to be the case, as it seems quite counter-intuitive, which makes it frustrating and difficult to comprehend - not just for people coming from AWS backgrounds

    Perhaps a simpler construct called a "load balancer" as a front-end, that links to an instance group as a back-end. And all the other constructs such as healthchecks, url maps, target http proxies and global forwarding rules become mere properties of the load balancer rather than standalone entities.

  3. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe supported this idea  · 
  4. 5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe commented  · 

    I'd like to see the same. Here's a usecase. I have a staging / pre-production version of my website for testing purposes. I want it to work just like my production / live site, and I want to access it from a cloud-based 3rd party browser testing software, and I want it visible in Google Analytics in order to test my GA scripting changes, so it must be internet accessible.

    But I don't want Google to crawl my staging site as it will dilute the ranking of my live site. I need to therefore (a) have a robots.txt file that says don't crawl, and, to be doubly sure, (b) put the whole site behind basic auth.

    Currently the load-balancer healthchecks don't support basic auth. So I can't have this setup.

    Craigiebabe supported this idea  · 
  5. 13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks, we’ll look into this. In the meantime, it seems like you could accomplish something like this by having the first successful run of your script create a “touch file” (“touch ~/.ran-startup-script”) and then have your script check for that file as the first thing it does, and if it exists on the disk, then just exit.

    Craigiebabe commented  · 

    Not sure if this helps, but you can do that via Google Deployment Manager https://cloud.google.com/deployment-manager/docs/step-by-step-guide/setting-metadata-and-startup-scripts - kind of similar to AWS UserData scripting via CloudFormation.

  6. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe commented  · 

    Not sure if it's what you're after, but there's https://cloud.google.com/sdk/gcloud/reference/beta/compute/ssl-certificates/create and https://cloud.google.com/load-balancing/docs/ssl-certificates. Also, although not documented, I was able to create a certificate using Deployment Manager and reference it in my load balancer

    - type: compute.beta.sslCertificate
    name: my-cert
    properties:
    name: 'my-cert'
    certificate: '{{ properties["certificate-file"] }}'
    privateKey: '{{ properties["private-key-file"] }}'

    - type: gcp-types/compute-v1:targetHttpsProxies
    name: target-https-proxy-{{ env["deployment"] }}
    properties:
    urlMap: '$(ref.url-map-{{ env["deployment"] }}.selfLink)'
    sslCertificates: [ 'https://www.googleapis.com/compute/v1/projects/my-project/global/sslCertificates/my-cert'; ]

    Apologies if this is poorly formatted - blame uservoice.com for not supporting structured text...

  7. 24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the feedback, this is definitely planned to be available. I don’t have an exact timeframe currently, but we wouldn’t GA the feature without this. Note, it’s possible to add labels to a template through the API itself through instanceTemplates.insert(), but of course that’s not very easy to use if you’re working with gcloud.

    Craigiebabe supported this idea  · 
  8. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Cloud SQL  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe commented  · 

    Isn't this already possible? According to https://cloud.google.com/sql/docs/mysql/admin-api/v1beta4/instances there is a privateNetwork property which is "the resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, /projects/myProject/global/networks/default. This setting can be updated, but it cannot be removed after it is set".

  9. 23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe supported this idea  · 
  10. 30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compute Engine  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe supported this idea  · 
  11. 64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    27 comments  ·  Cloud SQL  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe supported this idea  · 
    Craigiebabe commented  · 

    This is ridiculous. Let the customer be responsible for deciding whether to backup before deleting a db. If they're dumb enough to accidentally delete a production DB, they don't deserve to be in business.

    If DB deletion is a 2 stage process, why not rename the DB (e.g. "<old-db-name>.pending-deletion-YYMMDDHHmmss") at the beginning of this 2 month wait so that the original name can be reused.

  12. 2,028 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    106 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →

    We appreciate all of your feedback on how critical the HTTPHTTPS redirect feature is to your GCP apps. Our networking team has further increased the priority of this feature in our backlog based on your feedback and are aiming to deliver an Alpha in Q4, 2019.

    Craigiebabe supported this idea  · 
  13. 32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Cloud Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe shared this idea  · 
  14. 6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Cloud Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
    Craigiebabe supported this idea  · 
    Craigiebabe commented  · 

    Yep agreed. I got a rather obscure error "Source url of disk must point to resource of type disk", which made me think the custom image I created was broken.

    Had to delete and re-create the entire deployment to upgrade the base image - til I saw your suggestion to remove the vm from the deployment then re-add it.

Feedback and Knowledge Base