New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Gcloud Cloud Run - SSH Access
Found a sneaky trick where you can implement a WebSSH client with an SSH client in the same docker image on Cloud Run and SSH into the container itself.
The opportunities are now endless..... Or so I thought. Turns out the containers exit every so often randomly. Fun trick though.
Comments
If i'm correct, google cloud run automatically scales the container up/down based on the amount of requests.
Correct, but you can set it to 1 request maximum (ie you using terminal) and then pay for the CPU hours actually used. As they're not dedicated CPU hours, it's a lot cheaper than an actual VPS for low load things.
Only issue is you have no ports available except one
Side note, don't forget it's free for 3 months
pip install webssh
Then install any SSH server, though it needs to be preconfigured in the docker image prior to deployment.
I should really get a credit card
Wise app, unlimited debit cards
for an 8 core one that kinda sucks... But it may be cost effective for someone
Aws, azure, GC accept wiseapp?
Outbound port with tunnel should work.
AWS, Azure no from memory. GCloud recently did, have only done it once though.
I'm thinking of trying cloudflared on it
Edit: A no-go, won't show up as a connector after installation. Could play around with firewall rules maybe but I doubt Google would allow it
Successfully installed docker (in docker), so I could add services that are fired up via app engine pinging (GET) the main URL, THEN accessing the service via a reverse proxy... In theory
outbound should be allowed, as people connect to databases like PG, mysql, Brokers like RabbitMQ, Kafka from containers and serverless. But the apps must able to use this connection for communication, not an easy though.
It didn't work out of the box with cloudflared, I'm sure there's a way though.
Speed test was over 500Mbps so it's a decent box
Firing up zurg & rclone (real-debrid) for proof of concept only (all legal files)
I think I can nginx this and cname the actual host if I either rebuild with nginx on a port pointing to 8080, or hijack 8080
Lots of random disconnects, use screen to maintain where you are and just screen -r back in after disconnect.
Success, can mount zurg (real debrid), so in theory could fire up Plex and hijack 8080 for a plex box for almost nothing (ingress is free)
Sleep time, WIP on how to utilise this to my advantage....
I think I can private network the SSH terminal and have other boxes running utilising its rclone files as NFS mounts
What about revolut cards?
You can try wireguard client from docker container to wireguard server running outside, then run tcp lister inside docker container over wireguard ip, then you can hit any services run inside container over any client. This will be easier than tcp socket pairing or bridge, as some apps needs published IP, port , ssl etc. This would work 100 percent, give you free run. If not let me know.
I am trying to set up home lab , will be available on off here. I am willing to join hand with you on this, just for a curious hack.
Edit: pricing is for amount of time container run, memory hours, cpu hours, is it not? Also containers will have time out settings?
And health status before it got killed due to unresponsiveness? I didn't check the pricing, if it is cheap, this can be worked for worker nodes for distributed computing and parallel computing and task based workload, in case container pull out, akin to spot instances, you still have many other worker nodes to continue failed tasks.
Containers are cheap for sure.
If you guys done some sort of cards, that works for get trial access, that will be great not just for me, including students from poor background. I do teach data relatee stuff on the cloud, while these cloud companies must provide free to nill platform for people to learn and make sustenance or provider open source alternative for people tintey out. Now only able and affordable can attend these training and practice, it cost a ton to learn all these before those young students get job. I wish not misuse the platform, whatever these big capitalist companies claim, they must have alternative learning platform.
No ports are usable except for internally. You can only access the server via the http website it serves.
The main solution would be an nginx server, then each application is a separate directory.
I looked at costing and it's used around $7 of my credits thus far so no use case unless abusing sign up bonuses (which I'm not currently - I'm doing this to practice deployments and building docker images)
A card is the only barrier - any debit card works. You don't setup a billing account on the trial so once it ends all services stop, unless you opt in to a billing account. It's only for verification.
(Accurate for GCloud, unsure about others)
It may be abusable as a plex_debrid solution, I managed to get zurg mounted and working.
Next step would be add in nginx so directories are different applications, ie /plex, /ssh, /zurg, etc all proxying to internal ports. It would be a mission to build a docker container with a preexisting Nginx config that routes the SSH access to a directory though
Yes only for the trial account for learning purpose for students to get start with.
Is there providers who offer prepaid cards, some said wise app, not sure it is USA or can be used in Asian countries too.
Forgot Wise isn't global yet, there's other options but they might not allow them. Wise worked for me, it's my main business card
Cool let me know how your hack with containers go. Try wireguard once to allow incoming traffic. But in my calculation, container runtime for cpu and memory must cost more than VPS cost, a spot vm must be cheaper than both containers and vm
Damn, the WebSSH doesn't function through NGINX
Ssh needs ssl/encryption, nginx is another entity, trust may not be formed, not forwarded?
Got it working.
It's HTTPS > Server > SSH 127.0.0.1 effectively. So the SSH side of things is local (the WebSSH server SSHing into the localhost), which WebSSH converts to HTTP, which NGINX converts and proxies with HTTP, which google then proxies with HTTPS.
Also got Plex to run using NGINX on a separate subdirectory, manually claimed the server, though then failed to connect at the settings stage.