ClawSkills logoClawSkills

Google Cloud Platform

通过 gcloud CLI 管理 Google Cloud Platform 资源。用于 Compute Engine 虚拟机、Cloud Run 服务、Firebase 托管、Cloud Storage 和项目管理。

访问网站

介绍

# Google Cloud Platform Skill

使用 `gcloud`、`gsutil` 和 `firebase` 命令行界面管理 GCP 资源。

## 安装

### gcloud CLI(一次性设置)

```bash # Download and extract cd ~ && curl -O https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-linux-x86_64.tar.gz tar -xzf google-cloud-cli-linux-x86_64.tar.gz

# Install (adds to PATH via .bashrc) ./google-cloud-sdk/install.sh --quiet --path-update true

# Reload shell or source source ~/.bashrc

# Authenticate gcloud auth login ```

### Firebase CLI

```bash npm install -g firebase-tools firebase login ```

## 快速参考

### 身份验证和配置

```bash # List authenticated accounts gcloud auth list

# Switch active account gcloud config set account EMAIL

# List projects gcloud projects list

# Set default project gcloud config set project PROJECT_ID

# View current config gcloud config list ```

---

## Compute Engine (虚拟机)

### 列出实例

```bash # All instances across projects gcloud compute instances list --project PROJECT_ID

# With specific fields gcloud compute instances list --project PROJECT_ID \ --format="table(name,zone,status,networkInterfaces[0].accessConfigs[0].natIP)" ```

### 启动/停止/重启

```bash gcloud compute instances start INSTANCE_NAME --zone ZONE --project PROJECT_ID gcloud compute instances stop INSTANCE_NAME --zone ZONE --project PROJECT_ID gcloud compute instances reset INSTANCE_NAME --zone ZONE --project PROJECT_ID ```

### SSH 访问

```bash # Interactive SSH gcloud compute ssh INSTANCE_NAME --zone ZONE --project PROJECT_ID

# Run command remotely gcloud compute ssh INSTANCE_NAME --zone ZONE --project PROJECT_ID --command "uptime"

# With tunneling (e.g., for local port forwarding) gcloud compute ssh INSTANCE_NAME --zone ZONE --project PROJECT_ID -- -L 8080:localhost:8080 ```

### 查看日志

```bash # Serial port output (boot logs) gcloud compute instances get-serial-port-output INSTANCE_NAME --zone ZONE --project PROJECT_ID

# Tail logs via SSH gcloud compute ssh INSTANCE_NAME --zone ZONE --project PROJECT_ID --command "journalctl -f" ```

---

## Cloud Run

### 列出服务

```bash # List all services in a region gcloud run services list --region REGION --project PROJECT_ID

# All regions gcloud run services list --project PROJECT_ID ```

### 部署

```bash # Deploy from source (builds container automatically) gcloud run deploy SERVICE_NAME \ --source . \ --region REGION \ --project PROJECT_ID \ --allow-unauthenticated

# Deploy existing container image gcloud run deploy SERVICE_NAME \ --image gcr.io/PROJECT_ID/IMAGE:TAG \ --region REGION \ --project PROJECT_ID ```

### 查看服务详情

```bash gcloud run services describe SERVICE_NAME --region REGION --project PROJECT_ID ```

### 查看日志

```bash # Stream logs gcloud run services logs read SERVICE_NAME --region REGION --project PROJECT_ID --limit 50

# Or use Cloud Logging gcloud logging read "resource.type=cloud_run_revision AND resource.labels.service_name=SERVICE_NAME" \ --project PROJECT_ID --limit 20 --format="table(timestamp,textPayload)" ```

### 更新环境变量

```bash gcloud run services update SERVICE_NAME \ --region REGION \ --project PROJECT_ID \ --set-env-vars "KEY1=value1,KEY2=value2" ```

### 流量管理

```bash # Route 100% traffic to latest gcloud run services update-traffic SERVICE_NAME --to-latest --region REGION --project PROJECT_ID

# Split traffic (canary) gcloud run services update-traffic SERVICE_NAME \ --to-revisions=REVISION1=90,REVISION2=10 \ --region REGION --project PROJECT_ID ```

---

## Firebase Hosting

### 列出项目

```bash firebase projects:list ```

### 部署

```bash # Deploy everything (hosting + functions + rules) firebase deploy --project PROJECT_ID

# Hosting only firebase deploy --only hosting --project PROJECT_ID

# Specific site (multi-site setup) firebase deploy --only hosting:SITE_NAME --project PROJECT_ID ```

### 预览频道

```bash # Create preview channel firebase hosting:channel:deploy CHANNEL_NAME --project PROJECT_ID

# List channels firebase hosting:channel:list --project PROJECT_ID

# Delete channel firebase hosting:channel:delete CHANNEL_NAME --project PROJECT_ID ```

### 回滚

```bash # List recent deploys firebase hosting:releases:list --project PROJECT_ID

# Rollback to specific version firebase hosting:rollback --project PROJECT_ID ```

---

## Cloud Storage (gsutil)

```bash # List buckets gsutil ls

# List contents gsutil ls gs://BUCKET_NAME/

# Copy file gsutil cp LOCAL_FILE gs://BUCKET_NAME/path/ gsutil cp gs://BUCKET_NAME/path/file LOCAL_PATH

# Sync directory gsutil -m rsync -r LOCAL_DIR gs://BUCKET_NAME/path/

# Make public gsutil iam ch allUsers:objectViewer gs://BUCKET_NAME ```

---

## 日志和监控

### Cloud Logging

```bash # Read recent logs gcloud logging read "resource.type=gce_instance" --project PROJECT_ID --limit 20

# Filter by severity gcloud logging read "severity>=ERROR" --project PROJECT_ID --limit 20

# Specific resource gcloud logging read "resource.type=cloud_run_revision AND resource.labels.service_name=my-service" \ --project PROJECT_ID --limit 20 ```

### 监控指标

```bash # List available metrics gcloud monitoring metrics list --project PROJECT_ID | head -50

# Describe metric gcloud monitoring metrics-scopes describe projects/PROJECT_ID ```

---

## 账单和成本监控

### 查看当前成本

```bash # List billing accounts gcloud billing accounts list

# Get billing account linked to project gcloud billing projects describe PROJECT_ID

# View cost breakdown (requires billing export to BigQuery or use console) # Quick estimate via APIs enabled: gcloud services list --enabled --project PROJECT_ID ```

### 设置预算提醒

```bash # Create budget (via gcloud beta) gcloud billing budgets create \ --billing-account=BILLING_ACCOUNT_ID \ --display-name="Monthly Budget" \ --budget-amount=50EUR \ --threshold-rule=percent=50 \ --threshold-rule=percent=90 \ --threshold-rule=percent=100

# List budgets gcloud billing budgets list --billing-account=BILLING_ACCOUNT_ID

# Describe budget gcloud billing budgets describe BUDGET_ID --billing-account=BILLING_ACCOUNT_ID ```

### 省钱技巧

```bash # Stop unused VMs (saves $$) gcloud compute instances stop INSTANCE_NAME --zone ZONE --project PROJECT_ID

# Schedule auto-start/stop (use Cloud Scheduler + Cloud Functions or cron)

# Check for idle resources gcloud recommender recommendations list \ --project=PROJECT_ID \ --location=global \ --recommender=google.compute.instance.IdleResourceRecommender ```

---

## Secret Manager

### 创建和管理密钥

```bash # Enable API gcloud services enable secretmanager.googleapis.com --project PROJECT_ID

# Create a secret echo -n "my-secret-value" | gcloud secrets create SECRET_NAME \ --data-file=- \ --project PROJECT_ID

# Or from file gcloud secrets create SECRET_NAME --data-file=./secret.txt --project PROJECT_ID ```

### 访问密钥

```bash # Get latest version gcloud secrets versions access latest --secret=SECRET_NAME --project PROJECT_ID

# Get specific version gcloud secrets versions access 1 --secret=SECRET_NAME --project PROJECT_ID

# List all secrets gcloud secrets list --project PROJECT_ID

# List versions of a secret gcloud secrets versions list SECRET_NAME --project PROJECT_ID ```

### 更新密钥

```bash # Add new version echo -n "new-value" | gcloud secrets versions add SECRET_NAME --data-file=- --project PROJECT_ID

# Disable old version gcloud secrets versions disable VERSION_ID --secret=SECRET_NAME --project PROJECT_ID

# Delete version (permanent!) gcloud secrets versions destroy VERSION_ID --secret=SECRET_NAME --project PROJECT_ID ```

### 在 Cloud Run 中使用

```bash # Deploy with secret as env var gcloud run deploy SERVICE_NAME \ --image IMAGE \ --region REGION \ --project PROJECT_ID \ --set-secrets="ENV_VAR_NAME=SECRET_NAME:latest"

# Mount as file gcloud run deploy SERVICE_NAME \ --image IMAGE \ --region REGION \ --project PROJECT_ID \ --set-secrets="/path/to/secret=SECRET_NAME:latest" ```

---

## Artifact Registry(容器镜像)

### 设置

```bash # Enable API gcloud services enable artifactregistry.googleapis.com --project PROJECT_ID

# Create Docker repository gcloud artifacts repositories create REPO_NAME \ --repository-format=docker \ --location=REGION \ --project PROJECT_ID \ --description="Docker images" ```

### 配置 Docker 身份验证

```bash # Configure Docker to use gcloud credentials gcloud auth configure-docker REGION-docker.pkg.dev ```

### 构建和推送镜像

```bash # Build with Cloud Build (no local Docker needed) gcloud builds submit --tag REGION-docker.pkg.dev/PROJECT_ID/REPO_NAME/IMAGE:TAG

# Or with local Docker docker build -t REGION-docker.pkg.dev/PROJECT_ID/REPO_NAME/IMAGE:TAG . docker push REGION-docker.pkg.dev/PROJECT_ID/REPO_NAME/IMAGE:TAG ```

### 列出和管理镜像

```bash # List images gcloud artifacts docker images list REGION-docker.pkg.dev/PROJECT_ID/REPO_NAME

# List tags for an image gcloud artifacts docker tags list REGION-docker.pkg.dev/PROJECT_ID/REPO_NAME/IMAGE

# Delete image gcloud artifacts docker images delete REGION-docker.pkg.dev/PROJECT_ID/REPO_NAME/IMAGE:TAG ```

---

## Cloud SQL(数据库)

### 创建实例

```bash # Enable API gcloud services enable sqladmin.googleapis.com --project PROJECT_ID

# Create PostgreSQL instance gcloud sql instances create INSTANCE_NAME \ --database-version=POSTGRES_15 \ --tier=db-f1-micro \ --region=REGION \ --project PROJECT_ID

# Create MySQL instance gcloud sql instances create INSTANCE_NAME \ --database-version=MYSQL_8_0 \ --tier=db-f1-micro \ --region=REGION \ --project PROJECT_ID ```

### 管理数据库和用户

```bash # Create database gcloud sql databases create DB_NAME --instance=INSTANCE_NAME --project PROJECT_ID

# List databases gcloud sql databases list --instance=INSTANCE_NAME --project PROJECT_ID

# Create user gcloud sql users create USERNAME \ --instance=INSTANCE_NAME \ --password=PASSWORD \ --project PROJECT_ID

# List users gcloud sql users list --instance=INSTANCE_NAME --project PROJECT_ID ```

### 连接

```bash # Connect via Cloud SQL Proxy (recommended) # First, download proxy: https://cloud.google.com/sql/docs/mysql/sql-proxy

# Direct connection (requires public IP & authorized networks) gcloud sql connect INSTANCE_NAME --user=USERNAME --project PROJECT_ID

# Get connection info gcloud sql instances describe INSTANCE_NAME --project PROJECT_ID \ --format="value(connectionName)" ```

### 备份

```bash # Create on-demand backup gcloud sql backups create --instance=INSTANCE_NAME --project PROJECT_ID

# List backups gcloud sql backups list --instance=INSTANCE_NAME --project PROJECT_ID

# Restore from backup gcloud sql backups restore BACKUP_ID --restore-instance=INSTANCE_NAME --project PROJECT_ID ```

### 从 Cloud Run 连接

```bash # Deploy with Cloud SQL connection gcloud run deploy SERVICE_NAME \ --image IMAGE \ --region REGION \ --project PROJECT_ID \ --add-cloudsql-instances=PROJECT_ID:REGION:INSTANCE_NAME \ --set-env-vars="DB_HOST=/cloudsql/PROJECT_ID:REGION:INSTANCE_NAME" ```

---

## 故障排除

### "API not enabled" ```bash # Enable an API gcloud services enable run.googleapis.com --project PROJECT_ID gcloud services enable compute.googleapis.com --project PROJECT_ID ```

### "Permission denied" ```bash # Check IAM roles gcloud projects get-iam-policy PROJECT_ID --flatten="bindings[].members" \ --format="table(bindings.role)" --filter="bindings.members:EMAIL" ```

### "Not authenticated" ```bash gcloud auth login gcloud auth application-default login # For ADC (used by libraries) ```

### 刷新凭据 ```bash gcloud auth login --force ```

返回

更多产品

self-improving-agent

效率与任务管理

捕获经验、错误和修正以实现持续改进。适用于以下情况:(1) 命令或操作意外失败,(2) 用户更正 Claude

26.4K

Find Skills

效率与任务管理

当用户询问诸如“我该如何执行 X”、“寻找用于 X 的技能”、“是否存在可以……的技能”等问题,或表达意图时,帮助用户发现并安装代理技能。

22.1K

Sonoscli

效率与任务管理

控制 Sonos 扬声器(发现/状态/播放/音量/分组)。

18.5K