Bringing Google Cloud costs to zero (compute engine)

0
votes

In the billing section for one of my projects the costs for Compute Engine - E2 Instance Core of 12 hours are listed every day. But there are no instances in the Compute Engine section. The project actually only contains special Google Maps API keys that cannot be transferred.

I have also tried to disable the Compute Engine API. Unfortunately this fails with the following error: Hook call/poll resulted in failed op for service 'compute.googleapis.com': Could not turn off service, as it still has resources in use] with failed services [compute.googleapis.com]

Any idea?

2
google-cloud-platformgoogle-compute-enginegcloud

2 Answers

1
votes

Based on the error message: ‘Could not turn off service, as it still has resources in use] with failed services [compute.googleapis.com]’

That means that there are resources under Compute Engine API, so, you can either run a gcloud command to list the current instances or run a gcloud command to view the Asset Inventory, I suggest you to open your GCP project in a Chrome incognito window and use cloud shell.

List instances

gcloud compute instances list

List Asset Inventory

gcloud asset search-all-resources

NOTE: The Asset Inventory API is not enabled by default, so, after you run the command you’ll receive this message:

user@cloudshell:~ (project-id)$ gcloud asset search-all-resources
API [cloudasset.googleapis.com] not enabled on project [project-id].
 Would you like to enable and retry (this will take a few minutes)?
(y/N)?

Please type y, to enable the API and be able to see the output of the command.

Having said that, when you see the results on the screen you’ll be able to identify the resources under the Compute Engine API and all its components, e.g.

---
additionalAttributes:
  networkInterfaces:
  - network: https://www.googleapis.com/compute/v1/projects/project-id/global/networks/default
    networkIP: 1.18.0.5
assetType: compute.googleapis.com/Instance
displayName: linux-instance
location: us-central1-a
name: //compute.googleapis.com/projects/project-id/zones/us-central1-a/instances/linux-instance
project: projects/12345678910
---
additionalAttributes: {}
assetType: compute.googleapis.com/Disk
displayName: linux-instance
location: us-central1-a
name: //compute.googleapis.com/projects/project-id/zones/us-central1-a/disks/linux-instance
project: projects/12345678910
---

As you can see the 2 above lines describe the instance ‘linux-instance’ and its components (disk and ip address), all of them are under the API -> compute.googleapis.com

If you need further assistance, please send the output of the command to a TXT file and remove the sensitive information like: project-id, external IPs, internal IPs and share the output with me so I can take a look at it.

Alternatively, you can sanitize the output of the command just like I did it by replacing the instance name, project ID, project number and IP address with fake data.

Please keep in mind that since this is a billing concern the GCP billing team is open to hear you.

0
votes

Curious.

There are some services that require Compute Engine resources, e.g. Kubernetes Engine, but I thought that, if used, the resources are always exposed.

One way to surface the user of this resource may be to enumerate the project's services and eyeball the result for a service that may be consuming VMs:

gcloud services list --enabled --project=[[YOUR-PROJECT]]