问题
I just created a virtual instance using Google Cloud but I have three projects and it assigned the instance to the wrong project. It really looks like this is a bug but how I can I be sure that the fault lies with Google and not me. Also, someone is inevitably going to advise me to use the cloud console to create instances so let me preempt that advice. I'm trying to get all of my cloud computing down to the click of one button. I plan on regularly creating and destroying instances and I have to be able to do this quickly and efficiently. Hence, all of my cloud computing has to be done with Python. In any case, I have two projects: 'move_files', and '9920' (I didn't make up the names). I used the following python syntax:
import subprocess
str1 = "/users/kylefoley/codes/move.json"
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = str1
def create_instance(name='', machine_type=''):
name = 'kfoley76'
machine_type = 'n1-standard-1'
subprocess.run(['gcloud', 'compute', 'instances', 'create',
name, f'--machine-type={machine_type}',
'--zone=us-west2-a'])
create_instance()
That code resulted in an instance being created on the 'atomic' project rather than the 'move' project and yet my google application credentials clearly stated otherwise. The only thing I can think of is that somehow I named the json file incorrectly. But how would I verify that?
Also, let me provide proof that the wrong project ID houses the instances. I guess I won't be able to keep the names secret but I suppose that they cannot be stolen unless someone has my password. The atomic project is really called 9920:
回答1:
I recommend a different (better) approach than using Python to make gcloud calls. While your current approach will work, it's more complex than necessary, makes error-handling more challenging and -- as you've seen -- can result in unexpected behavior. In this case, because you're calling out to gcloud, you're also inheriting its configuration.
The alternative is to use Google's Python SDK. All Google's services (e.g. Compute Engine) are accessible via Google-provided SDKs. There are 2 primary flavors of SDK. The older, API Client Libraries and the newer (and only for [some] Cloud services [and unfortunately not Compute Engine]) Cloud Client Libraries. Here's Google's explainer.
NB gcloud is itself written in Python and uses the API Client Libraries.
Google's API documentation is excellent. Every service (not just Cloud) and every method is fully (and correctly|automatically) documented. Here's Compute Engine's Instance Insert method: https://cloud.google.com/compute/docs/reference/rest/v1/instances/insert
NB The page also presents Google's APIs Explorer which enables you to make the API call directly to observe the behavior.
If you scroll down this page, you will find example for each of the languages supported by Google: https://cloud.google.com/compute/docs/reference/rest/v1/instances/insert#examples
See this page for the example too: https://cloud.google.com/compute/docs/tutorials/python-guide
NB When you use (any of) the APIs directly, you must explicitly state which project to use. This is because, gcloud permits defaults e.g. gcloud config set project but the APIs themselves are stateless and do not.
NB My personal recommendation is to never use gcloud config set ... as this can result in problems like this. I think it's better to always explicitly reference e.g. the project, with gcloud commands using e.g. gcloud ... --project=${PROJECT} ...
来源:https://stackoverflow.com/questions/59456294/how-can-i-verify-that-im-using-the-correct-project-id-in-google-cloud