Mon, 16 Mar 2026 03:04:46 GMT

Fri, 13 Mar 2026 01:54:00 GMT

Fri, 13 Mar 2026 01:29:13 GMT

Wed, 11 Mar 2026 12:05:54 GMT

Wed, 11 Mar 2026 06:40:40 GMT

Wed, 11 Mar 2026 06:31:46 GMT

Mon, 09 Mar 2026 01:43:32 GMT

Tue, 03 Mar 2026 06:24:15 GMT

Sat, 28 Feb 2026 06:10:01 GMT

[email protected] Copied! You can also find the Username in the Lab Details pane. Click Next. Copy the Password below and paste it into the Welcome dialog. vGCaxTeSxpgN Copied! You can also find the Password in the Lab Details pane. Click Next. Important: You must use the credentials the lab provides you. Do not use your Google Cloud account credentials. Note: Using your own Google Cloud account for this lab may incur extra charges. Click through the subsequent pages: Accept the terms and conditions. Do not add recovery options or two-factor authentication (because this is a temporary account). Do not sign up for free trials. After a few moments, the Google Cloud console opens in this tab. Note: To access Google Cloud products and services, click the Navigation menu or type the service or product name in the Search field. Activate Cloud Shell Cloud Shell is a virtual machine that is loaded with development tools. It offers a persistent 5GB home directory and runs on the Google Cloud. Cloud Shell provides command-line access to your Google Cloud resources. Click Activate Cloud Shell at the top of the Google Cloud console. Click through the following windows: Continue through the Cloud Shell information window. Authorize Cloud Shell to use your credentials to make Google Cloud API calls. When you are connected, you are already authenticated, and the project is set to your Project_ID, qwiklabs-gcp-00-86734d2ce627. The output contains a line that declares the Project_ID for this session: Your Cloud Platform project in this session is set to qwiklabs-gcp-00-86734d2ce627 gcloud is the command-line tool for Google Cloud. It comes pre-installed on Cloud Shell and supports tab-completion. (Optional) You can list the active account name with this command: gcloud auth list Copied! Click Authorize. Output: ACTIVE: * ACCOUNT: [email protected] To set the active account, run: $ gcloud config set account `ACCOUNT` (Optional) You can list the project ID with this command: gcloud config list project Copied! Output: [core] project = qwiklabs-gcp-00-86734d2ce627 Note: For full documentation of gcloud, in Google Cloud, refer to the gcloud CLI overview guide. Clone demo Clone the resources needed for this lab by running: git clone https://github.com/GoogleCloudPlatform/gke-tracing-demo Copied! Go into the directory for this demo: cd gke-tracing-demo Copied! Set your region and zone Certain Compute Engine resources live in regions and zones. A region is a specific geographical location where you can run your resources. Each region has one or more zones. Note: Learn more about regions and zones and see a complete list in Regions & Zones documentation. Run the following to set a region and zone for your lab (you can use the region/zone that's best for you): gcloud config set compute/region us-central1 gcloud config set compute/zone us-central1-f Copied! Architecture The lab begins by deploying a Kubernetes Engine cluster. To this cluster will be deployed a simple web application fronted by a load balancer. The web app will publish messages provided by the user to a Cloud Pub/Sub topic. The application is instrumented such that HTTP requests to it will result in the creation of a trace whose context will be propagated to the Cloud Pub/Sub publish API request. The correlated telemetry data from these requests will be available in the Cloud Trace Console. Introduction to Terraform Following the principles of infrastructure as code and immutable infrastructure, Terraform supports the writing of declarative descriptions of the desired state of infrastructure. When the descriptor is applied, Terraform uses Google Cloud APIs to provision and update resources to match. Terraform compares the desired state with the current state so incremental changes can be made without deleting everything and starting over. For instance, Terraform can build out Google Cloud projects and compute instances, etc., even set up a Kubernetes Engine cluster and deploy applications to it. When requirements change, the descriptor can be updated and Terraform will adjust the cloud infrastructure accordingly. This example will start up a Kubernetes Engine cluster using Terraform. Then you will use Kubernetes commands to deploy a demo application to the cluster. By default, Kubernetes Engine clusters in Google Cloud are launched with a pre-configured Fluentd-based collector that forwards logging events for the cluster to Cloud Monitoring. Interacting with the demo app will produce trace events that are visible in the Cloud Trace UI. Running Terraform There are three Terraform files provided with this demo, located in the /terraform subdirectory of the project. The first one, main.tf, is the starting point for Terraform. It describes the features that will be used, the resources that will be manipulated, and the outputs that will result. The second file is provider.tf, which indicates which cloud provider and version will be the target of the Terraform commands--in this case Google Cloud. The final file is variables.tf, which contains a list of variables that are used as inputs into Terraform. Any variables referenced in the main.tf that do not have defaults configured in variables.tf will result in prompts to the user at runtime. Task 1. Initialization Given that authentication was configured above, you are now ready to deploy the infrastructure. Run the following command from the root directory of the project: cd terraform Copied! Update the provider.tf file Remove the provider version for the Terraform from the provider.tf script file. Edit the provider.tf script file: nano provider.tf Copied! terraform { required_providers { google = { source = "hashicorp/google" version = "3.84.0" } } } provider "google" { project = var.project } Copied! Then save the file with CTRL + X > Y > Enter. After modification your provider.tf script file should look like: ... provider "google" { project = var.project } From here, initialize Terraform. Enter: terraform init Copied! This will download the dependencies that Terraform requires: the Google Cloud project and the Google Cloud zone to which the demo application should be deployed. Terraform will prompt for these values if it does not know them already. By default, it will look for a file called terraform.tfvars or files with a suffix of .auto.tfvars in the current directory to obtain those values. This demo provides a convenience script to prompt for project and zone and persist them in a terraform.tfvars file. Run: ../scripts/generate-tfvars.sh Copied! Note: If the file already exists you will receive an error. The script uses previously-configured values from the gcloud command. If they have not been configured, the error message will indicate how they should be set. The existing values can be viewed with the following command: gcloud config list Copied! If the displayed values don't correspond to where you intend to run the demo application, change the values in terraform.tfvars to your preferred values. Task 2. Deployment Having initialized Terraform you can see the work that Terraform will perform with the following command: terraform plan Copied! This command can be used to visually verify that settings are correct and Terraform will inform you if it detects any errors. While not necessary, it is a good practice to run it every time prior to changing infrastructure using Terraform. After verification, tell Terraform to set up the necessary infrastructure: terraform apply Copied! The changes that will be made are displayed, and asks you to confirm with yes. Note: If you get deprecation warnings related to the zone variable, please ignore it and move forward in the lab. While you're waiting for your build to complete, set up a Cloud Monitoring workspace to be used later in the lab. Test completed task Click Check my progress to verify your performed task. If you have successfully deployed necessary infrastructure with Terraform, you will see an assessment score. Use Terraform to set up the necessary infrastructure Create a Monitoring Metrics Scope Set up a Monitoring Metrics Scope that's tied to your Google Cloud Project. The following steps create a new account that has a free trial of Monitoring. In the Cloud Console, click Navigation menu ( ) > View All Products > Observability > Monitoring. When the Monitoring Overview page opens, your metrics scope project is ready. Task 3. Deploy demo application Back in Cloud Shell, after you see the Apply complete! message, return to the Console. In the Navigation menu, go to Kubernetes Engine > Clusters to see your cluster. Click on Navigation menu, click on view all products then scroll down to the Analytics section and click on Pub/Sub to see the Topics and Subscriptions. Now, deploy the demo application using Kubernetes's kubectl command: kubectl apply -f tracing-demo-deployment.yaml Copied! Once the app has been deployed, it can be viewed in the Kubernetes Engine > Workloads. You can also see the load balancer that was created for the application in the Gateways, Services & Ingress > Services section of the console. It may take a few minutes for the application to be deployedif your workloads console resembles the following with a status of "Does not have minimum availability": Refresh the page until you see an "OK" in the status bar: Incidentally, the endpoint can be programmatically acquired using the following command: echo http://$(kubectl get svc tracing-demo -n default -o jsonpath='{.status.loadBalancer.ingress[0].ip}') Copied! Test completed task Click Check my progress to verify your performed task. If you have successfully deployed demo application, you will see an assessment score. Deploy demo application Task 4. Validation Generating telemetry data Once the demo application is deployed, you should see a list of your exposed services. Still in the Kubernetes window, under Gateways, Services & Ingress click on Services to view the exposed services. Click on the endpoint listed next to the tracing-demo load balancer to open the demo app web page in a new tab of your browser. Note that your IP address will likely be different from the example above. The page displayed is simple: To the url, add the string: ?string=CustomMessage and see that the message is displayed: As you can see, if a string parameter is not provided it uses a default value of Hello World. The app is used to generate trace telemetry data. Replace "CustomMessage" with your own messages to generate some data to look at. Test completed task Click Check my progress to verify your performed task. If you have successfully generated telemetry data, you will see an assessment score. Generate Telemetry Data Examining traces In the Console, select Navigation menu >View all products > scroll to Observability section and click on Trace > Trace explorer. You should see a chart displaying trace events plotted on a timeline with latency as the vertical metric. If not, click the Auto Run toggle button to see the most up to date data. Click on the dark block in the top graph is a "Heatmap" view, which shows the density of spans occurring at that specific duration and time. The top entry in the list is known as the root span and represents the duration of the HTTP request, from the moment the first byte arrives until the moment the last byte of the response is sent. The bottom entry in the list represents the duration of the request made when sending the message to the Pub/Sub topic. Since the handling of the HTTP request is blocked by the call to the Pub/Sub API it is clear that the vast majority of the time spent within the HTTP request is taken up by the Pub/Sub interaction. This demonstrates that by instrumenting each tier of your application you can easily identify where the bottlenecks are. Pulling Pub/Sub messages As described in the Architecture section of this document, messages from the demo app are published to a Pub/Sub topic. These messages can be consumed from the topic using the gcloud CLI: gcloud pubsub subscriptions pull --auto-ack --limit 10 tracing-demo-cli Copied! Output: DATA: Hello World MESSAGE_ID: 4117341758575424 ORDERING_KEY: ATTRIBUTES: DELIVERY_ATTEMPT: DATA: CustomMessage MESSAGE_ID: 4117243358956897 ORDERING_KEY: ATTRIBUTES: DELIVERY_ATTEMPT: Pulling the messages from the topic has no impact on tracing. This section simply provides a consumer of the messages for verification purposes. Monitoring and logging Cloud monitoring and logging are not the subject of this demo, but it is worth noting that the application you deployed will publish logs to Cloud Logging and metrics to worth noting that the application you deployed will publish logs to Logging and metrics to Cloud Monitoring In the Console, select Navigation menu > Monitoring > Metrics Explorer. In the Select a metric field, select VM Instance > Instance > CPU Usage then click Apply. You should see a chart of this metric plotted for different pods running in the cluster. To see logs, select Navigation menu > View all products scroll to Observability section and click on Logging. In Log fields section, set the following: RESOURCE TYPE: Kubernetes Container CLUSTER NAME: tracing-demo-space NAMESPACE NAME: default Task 5. Troubleshooting in your own environment Several possible errors can be diagnosed using the kubectl command. For instance, a deployment can be shown: kubectl get deployment tracing-demo Copied! Output: NAME READY UP-TO-DATE AVAILABLE AGE tracing-demo 1/1 1 1 21m More details can be shown with describe: kubectl describe deployment tracing-demo Copied! This command will show a list of deployed pods: kubectl get pod Copied! Output: NAME READY STATUS RESTARTS AGE tracing-demo-59cc7988fc-h5w27 1/1 Running 0 23m Again, details of the pod can be seen with describe: kubectl describe pod tracing-demo Copied! Note the pod Name to use in the next step. Once you know the pod name, use the name to view logs locally: kubectl logs Copied! Output: 10.60.0.1 - - [22/Jun/2018:19:42:23 +0000] "HEAD / HTTP/1.0" 200 - "-" "-" Publishing string: Hello World 10.60.0.1 - - [22/Jun/2018:19:42:23 +0000] "GET / HTTP/1.1" 200 669 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" The install script fails with a Permission denied when running Terraform. The credentials that Terraform is using do not provide the necessary permissions to create resources in the selected projects. Ensure that the account listed in gcloud config list has necessary permissions to create resources. If it does, regenerate the application default credentials using gcloud auth application-default login. Task 6. Teardown Qwiklabs will take care of shutting down all the resources used for this lab, but heres what you would need to do to clean up your own environment to save on cost and to be a good cloud citizen: terraform destroy Copied! As with apply, Terraform will prompt for a yes to confirm your intent. Since Terraform tracks the resources it created it can tear down the cluster, the Pub/Sub topic, and the Pub/Sub subscription. Note: If you get deprecation warnings related to the zone variable, ignore it. Solution of Lab Quick curl -LO raw.githubusercontent.com/ePlus-DEV/storage/refs/heads/main/labs/GSP484/lab.sh source lab.sh Manual ]]>

Sat, 28 Feb 2026 05:36:26 GMT

[email protected] You can also find the Username in the Lab Details pane. Click Next. Copy the Password below and paste it into the Welcome dialog. uEaNw77wW5EL You can also find the Password in the Lab Details pane. Click Next. Important: You must use the credentials the lab provides you. Do not use your Google Cloud account credentials. Note: Using your own Google Cloud account for this lab may incur extra charges. Click through the subsequent pages: Accept the terms and conditions. Do not add recovery options or two-factor authentication (because this is a temporary account). Do not sign up for free trials. After a few moments, the Google Cloud console opens in this tab. Note: To access Google Cloud products and services, click the Navigation menu or type the service or product name in the Search field. Activate Cloud Shell Cloud Shell is a virtual machine that is loaded with development tools. It offers a persistent 5GB home directory and runs on the Google Cloud. Cloud Shell provides command-line access to your Google Cloud resources. Click Activate Cloud Shell at the top of the Google Cloud console. Click through the following windows: Continue through the Cloud Shell information window. Authorize Cloud Shell to use your credentials to make Google Cloud API calls. When you are connected, you are already authenticated, and the project is set to your Project_ID, qwiklabs-gcp-02-668b9ffe0190. The output contains a line that declares the Project_ID for this session: Your Cloud Platform project in this session is set to qwiklabs-gcp-02-668b9ffe0190 gcloud is the command-line tool for Google Cloud. It comes pre-installed on Cloud Shell and supports tab-completion. (Optional) You can list the active account name with this command: gcloud auth list Click Authorize. Output: ACTIVE: * ACCOUNT: [email protected] To set the active account, run: $ gcloud config set account `ACCOUNT` (Optional) You can list the project ID with this command: gcloud config list project Output: [core] project = qwiklabs-gcp-02-668b9ffe0190 Note: For full documentation of gcloud, in Google Cloud, refer to the gcloud CLI overview guide. Clone demo Copy the resources needed for this lab exercise from a Cloud Storage bucket: gsutil cp -r gs://spls/gsp480/gke-network-policy-demo . Go into the directory for the demo: cd gke-network-policy-demo Make the demo files executable: chmod -R 755 * Task 1. Lab setup First, set the Google Cloud region and zone. Set the Google Cloud region. gcloud config set compute/region "europe-west1" Set the Google Cloud zone. gcloud config set compute/zone "europe-west1-d" This lab will use the following Google Cloud Service APIs, and have been enabled for you: compute.googleapis.com container.googleapis.com cloudbuild.googleapis.com In addition, the Terraform configuration takes three parameters to determine where the Kubernetes Engine cluster should be created: project ID region zone For simplicity, these parameters are specified in a file named terraform.tfvars, in the terraform directory. To ensure the appropriate APIs are enabled and to generate the terraform/terraform.tfvars file based on your gcloud defaults, run: make setup-project Type y when asked to confirm. This will enable the necessary Service APIs, and it will also generate a terraform/terraform.tfvars file with the following keys. Verify the values themselves will match the output of gcloud config list by running: cat terraform/terraform.tfvars Provisioning the Kubernetes Engine cluster Next, apply the Terraform configuration within the project root: make tf-apply When prompted, review the generated plan and enter yes to deploy the environment. This will take several minutes to deploy. Task 2. Validation Terraform outputs a message when the cluster's been successfully created. ...snip... google_container_cluster.primary: Still creating... (3m0s elapsed) google_container_cluster.primary: Still creating... (3m10s elapsed) google_container_cluster.primary: Still creating... (3m20s elapsed) google_container_cluster.primary: Still creating... (3m30s elapsed) google_container_cluster.primary: Creation complete after 3m34s (ID: gke-demo-cluster) Apply complete! Resources: 5 added, 0 changed, 0 destroyed. Test completed task Click Check my progress to verify your performed task. If you have successfully deployed necessary infrastructure with Terraform, you will see an assessment score. Use Terraform to set up the necessary infrastructure (Lab setup) Now ssh into the bastion for the remaining steps: gcloud compute ssh gke-demo-bastion Existing versions of kubectl and custom Kubernetes clients contain provider-specific code to manage authentication between the client and Google Kubernetes Engine. Starting with v1.26, this code will no longer be included as part of the OSS kubectl. GKE users will need to download and use a separate authentication plugin to generate GKE-specific tokens. This new binary, gke-gcloud-auth-plugin, uses the Kubernetes Client-go Credential Plugin mechanism to extend kubectls authentication to support GKE. For more information, you can check out the following documentation. To have kubectl use the new binary plugin for authentication instead of using the default provider-specific code, use the following steps. Once connected, run the following command to install the gke-gcloud-auth-plugin on the VM. sudo apt-get install google-cloud-sdk-gke-gcloud-auth-plugin Set export USE_GKE_GCLOUD_AUTH_PLUGIN=True in ~/.bashrc: echo "export USE_GKE_GCLOUD_AUTH_PLUGIN=True" >> ~/.bashrc Run the following command: source ~/.bashrc Run the following command to force the config for this cluster to be updated to the Client-go Credential Plugin configuration. gcloud container clusters get-credentials gke-demo-cluster --zone europe-west1-d On success, you should see this message: kubeconfig entry generated for gke-demo-cluster. The newly-created cluster will now be available for the standard kubectl commands on the bastion. Task 3. Installing the hello server The test application consists of one simple HTTP server, deployed as hello-server, and two clients, one of which will be labeled app=hello and the other app=not-hello. All three services can be deployed by applying the hello-app manifests. On the bastion, run: kubectl apply -f ./manifests/hello-app/ Output: deployment.apps/hello-client-allowed created deployment.apps/hello-client-blocked created service/hello-server created deployment.apps/hello-server created Verify all three pods have been successfully deployed: kubectl get pods You will see one running pod for each of hello-client-allowed, hello-client-blocked, and hello-server deployments. NAME READY STATUS RESTARTS AGE hello-client-allowed-7d95fcd5d9-t8fsk | 1/1 Running 0 14m hello-client-blocked-6497db465d-ckbn8 | 1/1 Running 0 14m hello-server-7df58f7fb5-nvcvd | 1/1 Running 0 14m Test completed task Click Check my progress to verify your performed task. If you have successfully deployed a simple HTTP hello server, you will see an assessment score. Installing the hello server Task 4. Confirming default access to the hello server First, tail the "allowed" client: kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=hello) Press CTRL+C to exit. Second, tail the logs of the "blocked" client: kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=not-hello) Press CTRL+C to exit. You will notice that both pods are successfully able to connect to the hello-server service. This is because you have not yet defined a Network Policy to restrict access. In each of these windows you should see successful responses from the server. Hostname: hello-server-7df58f7fb5-nvcvd Hello, world! Version: 1.0.0 Hostname: hello-server-7df58f7fb5-nvcvd Hello, world! Version: 1.0.0 Hostname: hello-server-7df58f7fb5-nvcvd ... Task 5. Restricting access with a Network Policy Now you will block access to the hello-server pod from all pods that are not labeled with app=hello. The policy definition you'll use is contained in manifests/network-policy.yaml Apply the policy with the following command: kubectl apply -f ./manifests/network-policy.yaml Output: networkpolicy.networking.k8s.io/hello-server-allow-from-hello-client created Tail the logs of the "blocked" client again: kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=not-hello) You'll now see that the output looks like this in the window tailing the "blocked" client: wget: download timed out wget: download timed out wget: download timed out wget: download timed out wget: download timed out wget: download timed out wget: download timed out wget: download timed out wget: download timed out ... The network policy has now prevented communication to the hello-server from the unlabeled pod. Press CTRL+C to exit. Task 6. Restricting namespaces with Network Policies In the previous example, you defined a network policy that restricts connections based on pod labels. It is often useful to instead label entire namespaces, particularly when teams or applications are granted their own namespaces. You'll now modify the network policy to only allow traffic from a designated namespace, then you'll move the hello-allowed pod into that new namespace. First, delete the existing network policy: kubectl delete -f ./manifests/network-policy.yaml Output: networkpolicy.networking.k8s.io "hello-server-allow-from-hello-client" deleted Create the namespaced version: kubectl create -f ./manifests/network-policy-namespaced.yaml Output: networkpolicy.networking.k8s.io/hello-server-allow-from-hello-client created Now observe the logs of the hello-allowed-client pod in the default namespace: kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=hello) You will notice it is no longer able to connect to the hello-server. Press CTRL+C to exit. Finally, deploy a second copy of the hello-clients app into the new namespace. kubectl -n hello-apps apply -f ./manifests/hello-app/hello-client.yaml Output: deployment.apps/hello-client-allowed created deployment.apps/hello-client-blocked created Test completed task Click Check my progress to verify your performed task. If you have successfully deployed a second copy of the hello-clients app into the new namespace, you will see an assessment score. Deploy a second copy of the hello-clients app into the new namespace Task 7. Validation Next, check the logs for the two new hello-app clients. View the logs for the "hello" labeled app in the app in the hello-apps namespace by running: kubectl logs --tail 10 -f -n hello-apps $(kubectl get pods -oname -l app=hello -n hello-apps) Output: Hostname: hello-server-6c6fd59cc9-7fvgp Hello, world! Version: 1.0.0 Hostname: hello-server-6c6fd59cc9-7fvgp Hello, world! Version: 1.0.0 Hostname: hello-server-6c6fd59cc9-7fvgp Hello, world! Version: 1.0.0 Hostname: hello-server-6c6fd59cc9-7fvgp Hello, world! Version: 1.0.0 Hostname: hello-server-6c6fd59cc9-7fvgp Both clients are able to connect successfully because as of Kubernetes 1.10.x NetworkPolicies do not support restricting access to pods within a given namespace. You can allowlist by pod label, namespace label, or allowlist the union (i.e. OR) of both. But you cannot yet allowlist the intersection (i.e. AND) of pod labels and namespace labels. Press CTRL+C to exit. Task 8. Teardown Qwiklabs will take care of shutting down all the resources used for this lab, but heres what you would need to do to clean up your own environment to save on cost and to be a good cloud citizen: Log out of the bastion host: exit Run the following to destroy the environment: make teardown Output: ...snip... google_compute_subnetwork.cluster-subnet: Still destroying... (ID: us-east1/kube-net-subnet, 20s elapsed) google_compute_subnetwork.cluster-subnet: Destruction complete after 25s google_compute_network.gke-network: Destroying... (ID: kube-net) google_compute_network.gke-network: Still destroying... (ID: kube-net, 10s elapsed) google_compute_network.gke-network: Still destroying... (ID: kube-net, 20s elapsed) google_compute_network.gke-network: Destruction complete after 26s Destroy complete! Resources: 5 destroyed. Task 9. Troubleshooting in your own environment The install script fails with a "permission denied" error when running Terraform The credentials that Terraform is using do not provide the necessary permissions to create resources in the selected projects. Ensure that the account listed in gcloud config list has necessary permissions to create resources. If it does, regenerate the application default credentials using gcloud auth application-default login. Invalid fingerprint error during Terraform operations Terraform occasionally complains about an invalid fingerprint, when updating certain resources. If you see the error below, simply re-run the command. Solution of Lab Quick curl -LO raw.githubusercontent.com/ePlus-DEV/storage/refs/heads/main/labs/GSP480/lab.sh source lab.sh Manual ]]>

Sat, 28 Feb 2026 05:24:48 GMT

Sat, 28 Feb 2026 05:07:50 GMT

New File to open a new file within the Code Editor. Write the Python code to use Google's Vertex AI SDK to interact with the pre-trained Text Generation AI model. Create and save the python file. Execute the Python file by invoking the below command by replacing the FILE_NAME inside the terminal within the Code Editor pane to view the output. /usr/bin/python3 /FILE_NAME.py Copied! To view the generated image, use EXPLORER. Note: You can ignore any warnings related to Python version dependencies. Challenge scenario Scenario: You're a developer at Cymbal Inc. an AI-powered bouquet design company. Your clients can describe their dream bouquet, and your system generates realistic images for their approval. To further enhance the experience, you're integrating cutting-edge image analysis to provide descriptive summaries of the generated bouquets. Your main application will invoke the relevant methods based on the users' interaction and to facilitate that, you need to finish the below tasks: Task 1: Develop a Python function named generate_bouquet_image(prompt). This function should invoke the imagen-4.0-generate-001 model using the supplied prompt, generate the image, and store it locally. For this challenge, use the prompt: "Create an image containing a bouquet of 2 sunflowers and 3 roses". Click Check my progress to verify the objective. Generate an image by sending a text prompt Task 2: Develop a second Python function called analyze_bouquet_image(image_path). This function will take the image path as input along with a text prompt to generate birthday wishes based on the image passed and send it to the gemini-2.5-flash model. To ensure responses can be obtained as and when they are generated, enable streaming on the prompt requests. Click Check my progress to verify the objective. Analyze the saved image by using a multimodal model Solution of Lab curl -LO raw.githubusercontent.com/ePlus-DEV/storage/refs/heads/main/labs/generate-ai-images-and-summarize-them-using-gemini-and-python-solution/lab.sh source lab.sh Script Alternative cat <<'EOF' > lab.py import vertexai from vertexai.preview.vision_models import ImageGenerationModel from vertexai.generative_models import GenerativeModel, Part def generate_bouquet_image(prompt: str) -> str: vertexai.init() model = ImageGenerationModel.from_pretrained( "imagen-4.0-generate-001" ) images = model.generate_images( prompt=prompt, number_of_images=1 ) image_path = "bouquet.jpeg" images[0].save(image_path) print(f"Image generated and saved as {image_path}") return image_path def analyze_bouquet_image(image_path: str): model = GenerativeModel("gemini-2.5-flash") # Read image as binary (required) with open(image_path, "rb") as f: image_bytes = f.read() image_part = Part.from_data( data=image_bytes, mime_type="image/jpeg" ) prompt = ( "Analyze this bouquet image and generate a short birthday wish " "based on the flowers you see." ) # STREAMING DISABLED (checker requirement) response = model.generate_content( [prompt, image_part], stream=False ) print("Birthday wish:") print(response.text) if __name__ == "__main__": prompt = "Create an image containing a bouquet of 2 sunflowers and 3 roses" image_path = generate_bouquet_image(prompt) analyze_bouquet_image(image_path) EOF Run /usr/bin/python3 lab.py ]]>

Thu, 26 Feb 2026 03:47:18 GMT

[email protected] To set the active account, run: $ gcloud config set account `ACCOUNT` (Optional) You can list the project ID with this command: gcloud config list project Copied! Output: [core] project = Example output: [core] project = qwiklabs-gcp-44776a13dea667a6 Note: For full documentation of gcloud, in Google Cloud, refer to the gcloud CLI overview guide. Overview This lab guides you through creating a Firebase Firestore database and writing data to it using a TypeScript application. You'll learn how to initialize Firebase, structure your data, and use the Firebase CLI for authentication. This eliminates the need for a custom service account. Task 1. Adding a Firebase Project to Google Cloud Attach a new Firebase project to your Google Cloud proiect by visting the Firebase console. Go to the Firebase Console. https://console.firebase.google.com/ Copied! Note:Navigate to the Firebase Console in your browser. Click Create a Firebase Project and follow the instructions to create a new project. Note:On the Create a project page, scroll down to the bottom of the screen and click Add Firebase to Google Cloud Project. On the following screen, enter the Google Cloud project identifier shown below. qwiklabs-gcp-02-a5615c175bbc Copied! Note:This project identifier is linked to a Google Cloud project. Accept the Firebase terms and conditions to create the Firebase project. Follow the remaining instructions to create a new Firebase project. Note:Firebase includes options for billing and analytics. These options are not used in this lab, so accept the default options to complete the creation of the Firebase project. Task 2. Set Up Your Environment Return to Google Cloud and use CloudShell to configure your Google Cloud project and initialize Firebase. Set your project ID. gcloud config set project qwiklabs-gcp-02-a5615c175bbc Copied! Note:This command sets your active project. Set your default region. gcloud config set run/region us-east1 Copied! Note:This command sets your active region. Set your default zone. gcloud config set compute/zone us-east1-c Copied! Note:This command sets your active zone. Enable the necessary APIs. gcloud services enable compute.googleapis.com container.googleapis.com iap.googleapis.com firebase.googleapis.com firebaseextensions.googleapis.com eventarc.googleapis.com pubsub.googleapis.com storage.googleapis.com run.googleapis.com Copied! Note:This command enables the Google APIs required for this lab. Create a Firestore database in Native mode. gcloud firestore databases create --location=nam5 --database='(default)' Copied! Note:This command provisions a Firestore database in the nam5 (North America) multi-region. The database must exist before you can deploy or run code that interacts with it. You can choose a different region if needed. Task 3. Configure the Firebase Environment Enable the Firebase environment to use for development. Install the Firebase CLI. npm install -g firebase-tools Copied! Note:This command installs the Firebase CLI globally. Create a new directory for the project. mkdir firestore-app && cd firestore-app Copied! Note:This command creates a folder for the lab content. This folder will contain the code and configurations generated during the lab. Log in to Firebase using the CLI: firebase login --no-localhost Copied! Note:This command authenticates the Firebase CLI with your Google account. Initialize Firebase in your project directory. firebase init Copied! Note:This command initializes a Firebase project in the current directory.When prompted: Select Firestore and Functions. For Firestore, accept the default location. For Functions, choose TypeScript and decline ESLint. Task 4. Write Data to Firestore Now, write some data to your Firestore database using TypeScript. For convienience a Firebase Cloud Function will be used to populate the Firestore database. Replace functions/src/index.ts file with the following code: // functions/src/index.ts // Import types for request and response objects import {onRequest, Request} from "firebase-functions/v2/https"; import {Response} from "express"; import {initializeApp} from "firebase-admin/app"; import {getFirestore} from "firebase-admin/firestore"; import * as logger from "firebase-functions/logger"; initializeApp(); // Note: The 'addMessage' function name from the JS example has been preserved. export const addMessage = onRequest({region: "us-east1"}, async (req: Request, res: Response) => { if (req.method !== "POST") { res.status(405).set("Allow", "POST").send({error: "Method Not Allowed! Please use POST."}); return; } const {text} = req.body as { text: unknown }; if (typeof text !== "string" || text.trim() === "" || text.length > 200) { res.status(400).send({ error: "The message text must be a string and between 1 and 200 characters.", }); return; } try { const writeResult = await getFirestore() .collection("messages") .add({original: text}); logger.log(`Message with ID: ${writeResult.id} added.`); res.status(200).send({message: `Message with ID: ${writeResult.id} added to Firestore.`}); } catch (error) { logger.error("Error writing to Firestore:", error); res.status(500).send({error: "An internal error occurred."}); } }); Copied! Note:This code defines a Firebase Function that writes a message to the messages collection in Firestore. It uses the Firebase Admin SDK, which leverages the Firebase CLI's authentication for simplified access. Replace the functions/package.json file with the following configuration to set the correct TypeScript engine and add the required dependencies. { "name": "functions", "description": "Cloud Functions for Firebase", "scripts": { "lint": "eslint --ext .js,.ts .", "build": "tsc", "build:watch": "tsc --watch", "serve": "npm run build && firebase emulators:start --only functions", "shell": "npm run build && firebase functions:shell", "start": "npm run shell", "deploy": "firebase deploy --only functions", "logs": "firebase functions:log" }, "engines": { "node": "22" }, "main": "lib/index.js", "dependencies": { "firebase-admin": "^11.8.0", "firebase-functions": "^4.3.1" }, "devDependencies": { "@typescript-eslint/eslint-plugin": "^5.62.0", "@typescript-eslint/parser": "^5.62.0", "@types/node": "^18.19.0", "eslint": "^8.57.0", "eslint-config-google": "^0.14.0", "eslint-plugin-import": "^2.29.1", "firebase-functions-test": "^3.1.0", "typescript": "^5.4.5" }, "private": true, "overrides": { "glob": "^10.3.10", "lru-cache": "^10.2.2" } } Copied! Note:Ensure the engines/node field is set to v22, the firebase-admin dependency is included, and firebase-functions is v4.6.0 or later. Replace the functions/tsconfig.json file with the following configuration to set the correct TypeScript requirements. { "compilerOptions": { "module": "commonjs", "noImplicitReturns": true, "noUnusedLocals": true, "outDir": "lib", "sourceMap": true, "strict": true, "target": "es2021", "lib": [ "es2021" ], "skipLibCheck": true }, "compileOnSave": true, "include": [ "src" ] } Copied! Note:Ensure the engines/node field is set to v22, the firebase-admin dependency is included, and firebase-functions is v4.6.0 or later. Install the dependencies. cd functions && npm install Copied! Note:This command installs all the necessary packages defined in your package.json file. Perform a test build. npm run build Copied! Note:This command performs a build on the TypeScript as defined in the function folder. Return to the Firebase application folder. cd ~/firestore-app Copied! Note:This command returns to the parent folder, ready for deployment. Deploy the function to Firebase. firebase deploy --only functions Copied! Note:This command deploys your Firebase Function to the cloud. If you see an error relating to "There was an issue deploying your functions. Verify that your project has a Google App Engine instance setup at https://console.cloud.google.com/appengine and try again." This indicates a background processes have not completed. Please wait a couple of minutes before trying the deploy command again. Task 5. Test the Function Verify that your Firebase Cloud Function is writing data to Firestore correctly. List the available Firebase Cloud Functions. firebase functions:list Copied! Note:This command lists the available Firebase Functions for the active project. EXPECTED OUTPUT Function Version Trigger Location Memory Runtime addMessage v2 https us-east1 256 nodejs22 Get the URI for the Firebase Cloud Function. FUNCTION_URI=$(gcloud functions describe addMessage --region us-east1 --format=json | jq -r .serviceConfig.uri) Copied! Note:This command retrieves the addMessage function object and extracts the URI. Call the Firebase Cloud Function using curl. MESSAGE_TEXT="Hello from the CLI!" curl -X POST "$FUNCTION_URI" -H "Content-Type: application/json" -d '{"text":"'"$MESSAGE_TEXT"'"}' Copied! Note:This command invokes the addMessage function with the provided data. The function name is case-sensitive. {"message":"Message with ID: 9GMxSOZp0yynY0I57Dav added to Firestore."} Check the Firestore console to confirm the data has been written. Open the Firebase console for your project. Navigate to Firestore Database, and you should see a new document in the 'messages' collection. Note:Verify that the data has been written to Firestore. Solution of Lab 💡 No need to do anything, please wait about 5 minutes, the lab will do it automatically. ]]>

Thu, 26 Feb 2026 03:36:36 GMT

[email protected] To set the active account, run: $ gcloud config set account `ACCOUNT` (Optional) You can list the project ID with this command: gcloud config list project Copied! Output: [core] project = Example output: [core] project = qwiklabs-gcp-44776a13dea667a6 Note: For full documentation of gcloud, in Google Cloud, refer to the gcloud CLI overview guide. Overview This lab guides you through creating a Firebase Firestore database and writing data to it using a JavaScript application. You'll learn how to initialize Firebase, structure your data, and use the Firebase CLI for authentication. This eliminates the need for a custom service account. Task 1. Adding a Firebase Project to Google Cloud Attach a new Firebase project to your Google Cloud proiect by visting the Firebase console. Go to the Firebase Console. https://console.firebase.google.com/ Copied! Note:Navigate to the Firebase Console in your browser. Click Create a Firebase Project and follow the instructions to create a new project. Note:On the Create a project page, scroll down to the bottom of the screen and click Add Firebase to Google Cloud Project. On the following screen, enter the Google Cloud project identifier shown below. qwiklabs-gcp-01-d7976e499e7a Copied! Note:This project identifier is linked to a Google Cloud project. Accept the Firebase terms and conditions to create the Firebase project. Follow the remaining instructions to create a new Firebase project. Note:Firebase includes options for billing and analytics. These options are not used in this lab, so accept the default options to complete the creation of the Firebase project. Task 2. Set Up Your Environment Return to Google Cloud and use CloudShell to configure your Google Cloud project and initialize Firebase. Set your project ID. gcloud config set project qwiklabs-gcp-01-d7976e499e7a Copied! Note:This command sets your active project. Set your default region. gcloud config set run/region us-east1 Copied! Note:This command sets your active region. Set your default zone. gcloud config set compute/zone us-east1-c Copied! Note:This command sets your active zone. Enable the necessary APIs. gcloud services enable compute.googleapis.com container.googleapis.com iap.googleapis.com firebase.googleapis.com firebaseextensions.googleapis.com eventarc.googleapis.com pubsub.googleapis.com storage.googleapis.com run.googleapis.com Copied! Note:This command enables the Google APIs required for this lab. Create a Firestore database in Native mode. gcloud firestore databases create --location=nam5 --database='(default)' Copied! Note:This command provisions a Firestore database in the nam5 (North America) multi-region. The database must exist before you can deploy or run code that interacts with it. You can choose a different region if needed. Task 3. Configure the Firebase Environment Enable the Firebase environment to use for development. Install the Firebase CLI. npm install -g firebase-tools Copied! Note:This command installs the Firebase CLI globally. Create a new directory for the project. mkdir firestore-app && cd firestore-app Copied! Note:This command creates a folder for the lab content. This folder will contain the code and configurations generated during the lab. Log in to Firebase using the CLI: firebase login --no-localhost Copied! Note:This command authenticates the Firebase CLI with your Google account. Initialize Firebase in your project directory. firebase init Copied! Note:This command initializes a Firebase project in the current directory.When prompted: Select Firestore and Functions. For Firestore, accept the default location. For Functions, choose JavaScript and decline ESLint. Task 4. Write Data to Firestore Now, write some data to your Firestore database using JavaScript. For convienience a Firebase Cloud Function will be used to populate the Firestore database. Replace functions/index.js file with the following code: // functions/index.js const {initializeApp} = require("firebase-admin/app"); const {getFirestore} = require("firebase-admin/firestore"); // Import onRequest instead of onCall const {onRequest} = require("firebase-functions/v2/https"); const {setGlobalOptions} = require("firebase-functions/v2"); initializeApp(); setGlobalOptions({ region: 'us-east1' }); // Use onRequest for a standard HTTP endpoint exports.addMessage = onRequest(async (req, res) => { // Check that the request method is POST if (req.method !== 'POST') { res.status(405).send({ error: 'Method Not Allowed! Please use POST.' }); return; } // Get the text from the request body directly. // The {"data": ...} wrapper is not needed for onRequest functions. const text = req.body.text; // Validate the input and send back a standard HTTP error response if (!text || text.length > 200) { res.status(400).send({ error: 'The message text is either missing or too long (max 200 characters).', }); return; } try { const writeResult = await getFirestore() .collection('messages') .add({ original: text }); console.log(`Message with ID: ${writeResult.id} added.`); // Send a success response res.status(200).send({ message: `Message with ID: ${writeResult.id} added to Firestore.` }); } catch (error) { console.error("Error writing to Firestore:", error); res.status(500).send({ error: 'An internal error occurred.' }); } }); Copied! Note:This code defines a Firebase Function that writes a message to the messages collection in Firestore. It uses the Firebase Admin SDK, which leverages the Firebase CLI's authentication for simplified access. Replace the functions/package.json file with the following configuration to set the correct JavaScript engine and add the required dependencies. { "name": "functions", "scripts": { "lint": "eslint .", "serve": "firebase emulators:start --only functions", "shell": "firebase functions:shell", "start": "npm run shell", "deploy": "firebase deploy --only functions", "logs": "firebase functions:log" }, "engines": { "node": "22" }, "main": "index.js", "dependencies": { "firebase-admin": "^11.8.0", "firebase-functions": "^4.6.0" }, "devDependencies": { "@firebase/rules-unit-testing": "^2.0.2", "eslint": "^8.15.0", "eslint-config-google": "^0.14.0", "firebase-functions-test": "^3.0.0" }, "private": true } Copied! Note:Ensure the engines/node field is set to v22, the firebase-admin dependency is included, and firebase-functions is v4.6.0 or later. Install the dependencies. cd functions && npm install Copied! Note:This command installs all the necessary packages defined in your package.json file. Return to the Firebase application folder. cd ~/firestore-app Copied! Note:This command returns to the parent folder, ready for deployment. Deploy the function to Firebase. firebase deploy --only functions Copied! Note:This command deploys your Firebase Function to the cloud. If you see an error relating to "There was an issue deploying your functions. Verify that your project has a Google App Engine instance setup at https://console.cloud.google.com/appengine and try again." This indicates a background processes have not completed. Please wait a couple of minutes before trying the deploy command again. Task 5. Test the Function Verify that your Firebase Cloud Function is writing data to Firestore correctly. List the available Firebase Cloud Functions. firebase functions:list Copied! Note:This command lists the available Firebase Functions for the active project. EXPECTED OUTPUT Function Version Trigger Location Memory Runtime addMessage v2 https us-east1 256 nodejs22 Get the URI for the Firebase Cloud Function. FUNCTION_URI=$(gcloud functions describe addMessage --region us-east1 --format=json | jq -r .serviceConfig.uri) Copied! Note:This command retrieves the addMessage function object and extracts the URI. Call the Firebase Cloud Function using curl. MESSAGE_TEXT="Hello from the CLI!" curl -X POST "$FUNCTION_URI" -H "Content-Type: application/json" -d '{"text":"'"$MESSAGE_TEXT"'"}' Copied! Note:This command invokes the addMessage function with the provided data. The function name is case-sensitive. {"message":"Message with ID: 9GMxSOZp0yynY0I57Dav added to Firestore."} Check the Firestore console to confirm the data has been written. Open the Firebase console for your project. Navigate to Firestore Database, and you should see a new document in the 'messages' collection. Note:Verify that the data has been written to Firestore. Solution of Lab 💡 No need to do anything, please wait about 5 minutes, and the lab will do it automatically. ]]>

Thu, 26 Feb 2026 02:48:01 GMT

/dev/null; gcloud compute firewall-rules create critical-fw-rule --network=client-vpc --direction=INGRESS --priority=1000 --action=DENY --rules=tcp:80,tcp:22 --target-tags=compromised-vm --enable-logging gcloud compute firewall-rules delete allow-ssh-from-bastion --quiet 2>/dev/null; gcloud compute firewall-rules create allow-ssh-from-bastion --network=client-vpc --action allow --direction=ingress --rules tcp:22 --source-ranges=$(gcloud compute instances describe bastion-host --zone=$(gcloud compute instances list --filter="name=bastion-host" --format="get(zone)") --format="get(networkInterfaces[0].accessConfigs[0].natIP)") --target-tags=compromised-vm gcloud compute networks subnets update my-subnet --region=$(gcloud compute networks subnets list --filter="name=my-subnet" --format="get(region)") --enable-flow-logs ]]>

Wed, 25 Feb 2026 09:27:45 GMT

Tue, 24 Feb 2026 02:27:21 GMT

Sun, 15 Feb 2026 09:02:28 GMT

[email protected] To set the active account, run: $ gcloud config set account `ACCOUNT` (Optional) You can list the project ID with this command: gcloud config list project Output: [core] project = Example output: [core] project = qwiklabs-gcp-44776a13dea667a6 Note: For full documentation of gcloud, in Google Cloud, refer to the gcloud CLI overview guide. Overview This lab provides a practical exploration of Docker networking. You will learn how containers communicate with each other and the outside world using various networking modes. You'll also learn how to create custom networks and control container communication. We will use Artifact Registry to host the container images used in this lab. Task 1. Setting up the Environment In this task, you will configure your environment and pull the necessary images from Artifact Registry. Set your Project ID is: qwiklabs-gcp-00-192ff2ed31f3 gcloud config set project qwiklabs-gcp-00-192ff2ed31f3 Note:This command sets your active project identity. Set your default region to us-west1 gcloud config set compute/region us-west1 Note:This command sets your active compute region. Enable the Artifact Registry API. gcloud services enable artifactregistry.googleapis.com Note:Enables the Artifact Registry service. Create a Docker repository in Artifact Registry. Replace lab-registry with a name for your repository. It must be unique within the specified region. gcloud artifacts repositories create lab-registry --repository-format=docker --location=us-west1 --description="Docker repository" Note:Creates a Docker repository in Artifact Registry. Configure Docker to authenticate with Artifact Registry. gcloud auth configure-docker us-west1-docker.pkg.dev Note:This command configures Docker to use your Google Cloud credentials for authentication with Artifact Registry. Pull the alpine/curl image from Docker Hub and tag it for your Artifact Registry. docker pull alpine/curl && docker tag alpine/curl us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/alpine-curl:latest Note:This will pull the image from docker hub and tag it for Artifact Registry. Push the alpine/curl image to Artifact Registry. docker push us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/alpine-curl:latest strong>Note:This command pushes the tagged image to your Artifact Registry repository. Pull the nginx:latest image from Docker Hub and tag it for your Artifact Registry. docker pull nginx:latest && docker tag nginx:latest us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/nginx:latest Note:This will pull the image from docker hub and tag it for Artifact Registry. Push the nginx:latest image to Artifact Registry. docker push us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/nginx:latest Note:This command pushes the tagged image to your Artifact Registry repository. Task 2. Exploring Default Bridge Network This task explores the default bridge network Docker creates. You will run containers and observe their communication within this network. Run container1 using the alpine/curl image. docker run -d --name container1 us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/alpine-curl:latest sleep infinity Run container2 using the alpine/curl image. docker run -d --name container2 us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/alpine-curl:latest sleep infinity Note:This starts two containers in detached mode. The sleep infinity command keeps the containers running. Inspect the default bridge network. docker network inspect bridge Note:This shows details of the bridge network, including connected containers and IP addresses. From container1, ping container2 using its name. Note that Docker uses embedded DNS for name resolution within the default bridge network. docker exec -it container1 ping container2 Note:This executes the ping command within container1, targeting container2. The standard bridge network does not provide DNS resolution, so ping command cannot use the container name. Stop container2 from runnning. docker stop container2 && docker rm container2 Restart container2 running as an HTTP server. docker run -d --name container2 -p 8080:80 us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/nginx:latest Note:Start a new container2 running nginx and exposing port 8080. From container1, use curl to make an HTTP request to container2. docker exec -it container1 curl container2:8080 Note:Send a curl request from container1 to container2 on port 8080. The standard bridge network does not provide DNS resolution, so curl command cannot use the container name. Task 3. Creating and Using Custom Networks This task demonstrates how to create a custom network which supports DNS and connect containers to it, providing more control over network configuration. Create a new network named my-net. docker network create my-net Note:Creates a new Docker network named my-net. Run container 3 connecting it to the my-net network. docker run -d --name container3 --network my-net us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/alpine-curl:latest sleep infinity Run container 4 connecting it to the my-net network. docker run -d --name container4 --network my-net us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/alpine-curl:latest sleep infinity Note:Starts two containers connected to the my-net network. Inspect the my-net network to see the connected containers and their IP addresses. docker network inspect my-net Note:Displays details about the my-net network. From container3, ping container4 using its name. Name resolution works within custom networks as well. docker exec -it container3 ping container4 Note:Tests connectivity between containers within my-net. Stop the active container 4 from running. docker stop container4 && docker rm container4 Restart container 4. docker run -d --name container4 --network my-net -p 8081:80 us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/nginx:latest Run an nginx container on my-net and test connectivity. docker exec -it container3 curl container4:80 Note:Starts an nginx container on my-net. Stop the active container 4 from running. docker stop container4 && docker rm container4 Task 4. Publishing Ports and Accessing Containers from the Host Learn how to publish container ports and access containerized services from the host machine. Run an nginx container, publishing port 80 to the host's port 8080. docker run -d --name container4 -p 8080:80 us-west1-docker.pkg.dev/qwiklabs-gcp-00-192ff2ed31f3/lab-registry/nginx:latest Note:Publishes port 80 of the container to port 8080 on the host. Access the nginx service from the host machine using curl. curl localhost:8080 Note:This command sends an HTTP request to the published port on the host machine. Use docker port to check the port mapping. docker port container4 80 Note:This command shows the mapping for port 80 of the container. Task 5. Cleaning Up Remove the created containers and networks. Stop all containers. docker stop container1 container2 container3 container4 Remove all containers. docker rm container1 container2 container3 container4 Note:This stops and removes the containers created in the previous steps. Remove the my-net network. docker network rm my-net Note:This removes the custom network. Solution of Lab https://www.youtube.com/watch?v=c_w7Utw7l50 💡 The lab will automatically complete in approximately 5 minutes. Just sit tight and let it finish 👍 ]]>

Sun, 15 Feb 2026 08:58:43 GMT

Sun, 15 Feb 2026 08:45:55 GMT