MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-05-13 05:12:55 -07:00
Code Issues Packages Projects Releases Wiki Activity

feat(offload): implement internal-only network architecture and disable external IPs

Browse Source
This commit is contained in:
mkorwel
2026-03-15 13:18:15 -07:00
parent 7b9a8294ee
commit bb36fc4486
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gemini/skills/offload/scripts/fleet.ts
+2
View File
@@ -6,6 +6,7 @@
import { spawnSync } from 'child_process'; import { spawnSync } from 'child_process';
import path from 'path'; import path from 'path';
import fs from 'fs'; import fs from 'fs';
import os from 'os';
const PROJECT_ID = 'gemini-cli-team-quota'; const PROJECT_ID = 'gemini-cli-team-quota';
const USER = process.env.USER || 'mattkorwel'; const USER = process.env.USER || 'mattkorwel';
@@ -80,6 +81,7 @@ runcmd:
'--metadata', `enable-oslogin=TRUE${sshKeyMetadata ? `,ssh-keys=${sshKeyMetadata}` : ''}`, '--metadata', `enable-oslogin=TRUE${sshKeyMetadata ? `,ssh-keys=${sshKeyMetadata}` : ''}`,
'--labels', `owner=${USER.replace(/[^a-z0-9_-]/g, '_')},type=offload-worker`, '--labels', `owner=${USER.replace(/[^a-z0-9_-]/g, '_')},type=offload-worker`,
'--tags', `gcli-offload-${USER}`, '--tags', `gcli-offload-${USER}`,
'--network-interface', 'network-tier=PREMIUM,no-address',
'--scopes', 'https://www.googleapis.com/auth/cloud-platform' '--scopes', 'https://www.googleapis.com/auth/cloud-platform'
], { stdio: 'inherit' }); ], { stdio: 'inherit' });
.gemini/skills/offload/scripts/setup.ts
+4 -4
View File
@@ -42,7 +42,7 @@ export async function runSetup(env: NodeJS.ProcessEnv = process.env) {
const useContainer = await confirm('Use Container-Native mode (Container-Optimized OS)?'); const useContainer = await confirm('Use Container-Native mode (Container-Optimized OS)?');
console.log(`🔍 Verifying access and finding worker ${targetVM}...`); console.log(`🔍 Verifying access and finding worker ${targetVM}...`);
const statusCheck = spawnSync(`gcloud compute instances describe ${targetVM} --project ${projectId} --zone ${zone} --format="json(status,networkInterfaces[0].accessConfigs[0].natIP)"`, { shell: true }); const statusCheck = spawnSync(`gcloud compute instances describe ${targetVM} --project ${projectId} --zone ${zone} --format="json(status,networkInterfaces[0].networkIP)"`, { shell: true });
let instanceData: any; let instanceData: any;
try { try {
@@ -55,7 +55,7 @@ export async function runSetup(env: NodeJS.ProcessEnv = process.env) {
} }
const status = instanceData.status; const status = instanceData.status;
const publicIp = instanceData.networkInterfaces[0].accessConfigs[0].natIP; const internalIp = instanceData.networkInterfaces[0].networkIP;
if (status !== 'RUNNING') { if (status !== 'RUNNING') {
console.log(`⚠️ Worker is ${status}. Starting it for initialization...`); console.log(`⚠️ Worker is ${status}. Starting it for initialization...`);
@@ -63,12 +63,12 @@ export async function runSetup(env: NodeJS.ProcessEnv = process.env) {
} }
// 1. Configure Fast-Path SSH Alias // 1. Configure Fast-Path SSH Alias
console.log(`\n🚀 Configuring Fast-Path SSH Alias...`); console.log(`\n🚀 Configuring Fast-Path SSH Alias (Internal IP)...`);
const sshAlias = 'gcli-worker'; const sshAlias = 'gcli-worker';
const sshConfigPath = path.join(os.homedir(), '.ssh/config'); const sshConfigPath = path.join(os.homedir(), '.ssh/config');
const sshEntry = ` const sshEntry = `
Host ${sshAlias} Host ${sshAlias}
HostName ${publicIp} HostName ${internalIp}
IdentityFile ~/.ssh/google_compute_engine IdentityFile ~/.ssh/google_compute_engine
User ${env.USER || 'mattkorwel'}_google_com User ${env.USER || 'mattkorwel'}_google_com
CheckHostIP no CheckHostIP no