This is Docker image for the Google Cloud SDK.
The :latest
tag of this image is Debian-based and includes default command
line tools of Google Cloud SDK (gcloud
, gsutil
, bq
) as well as all
additional components.
google/cloud-sdk:latest
,google/cloud-sdk:VERSION
: (large image with additional components pre-installed, Debian-based)google/cloud-sdk:slim
,google/cloud-sdk:VERSION-slim
: (smaller image with no components pre-installed, Debian-based)google/cloud-sdk:alpine
,google/cloud-sdk:VERSION-alpine
: (smallest image with no additional components installed, Alpine-based)
→ Check out Docker Hub for available tags.
To use this image, pull from Docker Hub, run the following command:
docker pull google/cloud-sdk:latest
Verify the install
docker run -ti google/cloud-sdk:latest gcloud version
Google Cloud SDK 159.0.0
or use a particular version number:
docker run -ti google/cloud-sdk:160.0.0 gcloud version
Then, authenticate by running:
docker run -ti --name gcloud-config google/cloud-sdk gcloud auth login
Once you authenticate successfully, credentials are preserved in the volume of
the gcloud-config
container.
To list compute instances using these credentials, run the container with
--volumes-from
:
docker run --rm -ti --volumes-from gcloud-config google/cloud-sdk gcloud compute instances list --project your_project
NAME ZONE MACHINE_TYPE PREEMPTIBLE INTERNAL_IP EXTERNAL_IP STATUS
instance-1 us-central1-a n1-standard-1 10.240.0.2 8.34.219.29 RUNNING
⚠️ Warning: Thegcloud-config
container now has a volume containing your Google Cloud credentials. Do not usegcloud-config
volume in other containers.
Alternatively, you can use use auth/credential_file_override
property to set a path to a mounted service account
and then the config to read that using CLOUDSDK_CONFIG
environment variable.
for example, mycloud
configuration below has the auth/credential_file_override
already set and points towards a certificate file
that will be present within the container as a separate volume mount.
See issue#152
$ docker run -ti -e CLOUDSDK_CONFIG=/config/mygcloud \
-v `pwd`/mygcloud:/config/mygcloud \
-v `pwd`:/certs google/cloud-sdk:alpine /bin/bash
bash-4.4# gcloud config list
[auth]
credential_file_override = /certs/svc_account.json
bash-4.4# head -10 /certs/svc_account.json
{
"type": "service_account",
"project_id": "project_id1",
....
bash-4.4# gcloud projects list
PROJECT_ID NAME PROJECT_NUMBER
project_id1 GCPAppID 1071284184432
By default, all gcloud components
are installed on the default
images (google/cloud-sdk:latest
and google/cloud-sdk:VERSION
).
The google/cloud-sdk:slim
and google/cloud-sdk:alpine
images do not contain
additional components pre-installed. You can extend these images by following
the instructions below:
cd debian_slim/
docker build --build-arg CLOUD_SDK_VERSION=159.0.0 \
--build-arg INSTALL_COMPONENTS="google-cloud-sdk-datastore-emulator" \
-t my-cloud-sdk-docker:slim .
To install additional components for Alpine-based images, create a Dockerfile
that uses the gcloud image as the base image. For example, to add kubectl
and
app-engine-java
components:
FROM google/cloud-sdk:alpine
RUN apk --update add openjdk7-jre
RUN gcloud components install app-engine-java kubectl
and run:
docker build -t my-cloud-sdk-docker:alpine .
Note that in this case, you have to install dependencies of additional components manually.
docker build -t my-cloud-sdk-docker:alpine --build-arg CLOUD_SDK_VERSION=<release_number> .
The original image in this repository was based off of
FROM gcr.io/google_appengine/base
The full Dockerfile for that can be found
here for archival as well as in image tag
google/cloud-sdk-docker:legacy
You can also follow the Cloud SDK Release schedule here