I like the idea of having a control tower, on the Cloud, which I can use as my workstation without dependency on my actual laptop. Think of it like a Cloudtop but more! On AWS, I used Cloud9 for this purpose. Following has instructions for setting up a GCE instance on GCP for this purpose:
- Create a project.
- Create a GCE instance, select CentOS 7, and increase the disk to 100GB. Note the internal DNS name of the GCE instance (note: you don’t have to set a fixed public IP to the GCE instance).
- If there is a way you can SSH to the GCE through local shell (e.g. on a Mac)
- Install VSCode on your local machine.
- Install extension “Remote SSH” on VSCode. Then find the local DNS name of the GCE instance and connect to the host.
- Else (e.g. on Chromebook) SSH to the GCE instance using the Secure Shell App.
- Run ‘sudo yum update’ # to ensure all packages are up to date.
- Install code-server Ref. Getting ‘systemctl’ to work with CentOS 7 (through sudo - Ref), but there were issues with user and ability to install extensions, etc, so I just run ‘code-server’ once I ssh-ed to it. I need ssh-forwarding anyway.
- The basic ports to foward are 8080 (code-server) and 1313 (for local hugo).
-L 8080:localhost:8080 -L 1313:localhost:1313
- Once you create a connection to the GCE instance using Secure Shell App, run
localhost:8080 on your laptop’s chrome browser. Optionally, you can create a shortcut (checked the option to open as a window). Voila!
- After this, you can install all packages, softwares on the GCE instance and access it from anywhere (through the terminal on VSCode)! For example, this website is built using “hugo” and created on the control tower itself.
Notes:
- If you use either BeyondCorp or Identity-Aware Proxy (IAP), you don’t have to open SSH port to either the public or your client machine public IP. BeyondCorp or IAP will detect the target (e.g. GCE instance DNS), route and authenticate you accordingly (e.g. through security token).