I have created a GCP Cluster via logging into my GCP project > Container Engine > Create Cluster. But when I want to work with it via kubectl, I can't seem to add it to my configuration.
Using the Google Cloud SDK, I have properly authenticated, set my project, default region/zone, can I can see my cluster:
gcloud auth application-default login
gcloud config set compute/region us-east1
gcloud config set compute/zone us-east1-b
gcloud config set project <myproject>
gcloud container clusters list
gcloud container clusters get-credentials <cluster name>
gcloud config set container/cluster <cluster name>
So all of this works fine.
I have a blank ~/.kube/config as I wanted to troubleshoot a problem and start over, therefore, my kube config is:
kubectl config view
...
apiVersion: v1
clusters: []
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
My problem is that I'm following this guide (see "Configuring kubectl" section) and therefore I want to inform kubectl about my new cluster. So per the documentation there, I successfully run:
gcloud container clusters get-credentials NAME --zone ZONE
...
Fetching cluster endpoint and auth data.
kubeconfig entry generated for <clustername>.
Yet when I run kubectl config view I still see everything blank:
apiVersion: v1
clusters: []
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
Why can't I start from a completely blank kubectl configuration and add my GCP cluster to it?
Related
I am unable to deploy a Dockerized application to App Engine Flexible Environment (AEF) in a Google Cloud Platform (GCP) project with a provisioned Shared Virtual Private Cloud (XPN).
In other words, my application with the following app.yaml:
automatic_scaling:
max_num_instances: 1
min_num_instances: 1
env: flex
network:
instance_tag: incorrect-target-tag
name: projects/$GCP_PROJECT_ID/global/networks/$XPN_NETWORK_NAME
service: $AEF_APPLICATION_NAME
and a confirmed Docker image name and tag in Google Container Registry (GCR):
gcloud container images list-tags \
us.gcr.io/$GCP_PROJECT_NAME/$AEF_APPLICATION_NAME \
--flatten=tags \
--format='value(format("us.gcr.io/$GCP_PROJECT_NAME/$AEF_APPLICATION_NAME:{0}", tags))' \
--project=$GCP_PROJECT_NAME
#=>
. . .
us.gcr.io/$GCP_PROJECT_NAME/$AEF_APPLICATION_NAME:$DOCKER_IMAGE_TAG
. . .
is unable to be deployed to AEF:
yes | gcloud app deploy \
--appyaml=./app.yaml \
--image-url=us.gcr.io/$GCP_PROJECT_NAME/$AEF_APPLICATION_NAME:$DOCKER_IMAGE_TAG
#=>
Services to deploy:
descriptor: [/. . ./app.yaml]
source: [/. . ./$AEF_APPLICATION_NAME]
target project: [$GCP_PROJECT_NAME]
target service: [$AEF_APPLICATION_NAME]
target version: [$AEF_APPLICATION_VERSION]
target url: [. . .]
target service account: [App Engine default service account]
Do you want to continue (Y/n)?
Beginning deployment of service [$AEF_APPLICATION_NAME]...
WARNING: Deployment of service [$AEF_APPLICATION_NAME] will ignore the skip_files field in the configuration file, because the image has already been built.
Updating service [$AEF_APPLICATION_NAME] (this may take several minutes)...
.............................................................failed.
ERROR: (gcloud.app.deploy) Error Response: [13] Flex operation projects/$GCP_PROJECT_NAME/regions/$AEF_APPLICATION_REGION/operations/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx error [INTERNAL]: An internal error occurred while processing task /app-engine-flex/insert_flex_deployment/flex_create_resources>1970-01-01T00:00:00.001Z000001.jc.2: <eye3 title='FAILED_PRECONDITION'/> generic::FAILED_PRECONDITION: Validation error: The App Engine flexible Environment Service Agent is unable to find a suitable Flex Firewall Rule in network '$XPN_NETWORK_NAME' in project '$GCP_PROJECT_ID'. Have the Shared VPC Admin create a Flex Firewall Rule as described in https://cloud.google.com/appengine/docs/flexible/python/using-shared-vpc
with the following Virtual Private Cloud (VPC) firewall rule supporting AEF communication through the XPN:
cloud compute firewall-rules list \
--filter="allowed[].ports=(8443) AND allowed[].ports=(10402)" \
--project=$GCP_PROJECT_NAME
#=>
NAME NETWORK DIRECTION PRIORITY ALLOW DENY DISABLED
aef-instance $XPN_NETWORK_NAME INGRESS 1000 tcp:8443,tcp:10402 False
To show all fields of the firewall, please show in JSON format: --format=json
To show all fields in table format, please see the examples in --help.
gcloud compute firewall-rules describe \
aef-instance \
--format=yaml \
--project=$GCP_PROJECT_NAME
#=>
allowed:
- IPProtocol: tcp
ports:
- '8443'
- '10402'
creationTimestamp: '1970-01-01T00:00:00.000-01:00'
description: allows traffic between aef and xpn
direction: INGRESS
disabled: false
id: 'xxxxxxxxxxxxxxxxxxx'
kind: compute#firewall
logConfig:
enable: false
name: aef-instance
network: https://www.googleapis.com/compute/v1/projects/$GCP_PROJECT_NAME/global/networks/$XPN_NETWORK_NAME
priority: 1000
selfLink: https://www.googleapis.com/compute/v1/projects/$GCP_PROJECT_NAME/global/firewalls/aef-instance
sourceRanges:
- 35.191.0.0/16
- 130.211.0.0/22
targetTags:
- incorrect-target-tag
Note: this rule is required for using any AEF application with the XPN, described here.
Following the guide to linking AEF and the XPN here, the target tag for VPC Firewall rule aef-instance MUST be aef-instance. Update VPC Firewall rule aef-instance with the correct target tag:
gcloud compute firewall-rules update \
aef-instance \
--project=$GCP_PROJECT_NAME \
--target-tags=aef-instance
#=>
Updated [https://www.googleapis.com/compute/v1/projects/$GCP_PROJECT_NAME/global/firewalls/aef-instance].
and you will be able to redeploy to AEF without that validation error.
Note: changing the target tag in the app.yaml isn't necessary: the AEF application will be able to communicate over a provisioned XPN as long as there is a firewall rule that meets this criteria exactly, regardless of tags specified in the app.yaml.
I am doing a PoC to connect from Google App Engine to CloudSQL instance running with Private IP on a SharedVPC . The sample application for testing is from
https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/cloud-sql/mysql/sqlalchemy/README.md
My Serverless VPC Connector Range is as follows
$ gcloud compute networks vpc-access connectors list --region=us-central1
CONNECTOR_ID REGION NETWORK IP_CIDR_RANGE MIN_THROUGHPUT MAX_THROUGHPUT STATE
testserverlessvpc us-central1 kube-shared-vpc 192.168.60.0/28 200 300 READY
Private IP Range is as follows
$ gcloud compute addresses list --global --filter="purpose=VPC_PEERING"
NAME ADDRESS/RANGE TYPE PURPOSE NETWORK REGION SUBNET STATUS
cloudsqltestrangenew 10.0.100.0/20 INTERNAL VPC_PEERING kube-shared-vpc RESERVED
MySQL instance is as follows
$ gcloud sql instances list
NAME DATABASE_VERSION LOCATION TIER PRIMARY_ADDRESS PRIVATE_ADDRESS STATUS
mysql2 MYSQL_5_7 us-central1-b db-f1-micro - 10.0.100.5 RUNNABLE
app.standard.yaml is as follows
runtime: python37
service: appcentralpri
env_variables:
CLOUD_SQL_CONNECTION_NAME: projectname:us-central1:mysql2
DB_USER: guestdb
DB_PASS: password
DB_NAME: testdb
DB_HOST: 10.0.100.5:3306
vpc_access_connector:
name: projects/hostproject-26a2/locations/us-central1/connectors/testserverlessvpc
Deployment went through fine and no errors in log encountered
gcloud app deploy app.standard.yaml
However when I try to connect to the application endpoint , the page is not accessible with "Server Not Found"
I have given VPC Access and Network Compute User role to the below App Engine Default Service account on VPC Host Project
<hostproject>-26a2#appspot.gserviceaccount.com
UPDATES
Also added below in app.yaml but no luck
env_variables:
GAE_USE_SOCKETS_HTTPLIB : 'anyvalue'
https://cloud.google.com/appengine/docs/standard/python/sockets#making_httplib_use_sockets
Same setup for CloudRun and CloudSQL worked for me but struggling with GAE. Any suggestions to resolve this issue ?
Your app.yaml file is wrong formatted. The vpc_access_connector: need to be at the root level. Here it's taken as an environment variable value.
runtime: python37
service: appcentralpri
env_variables:
CLOUD_SQL_CONNECTION_NAME: projectname:us-central1:mysql2
DB_USER: guestdb
DB_PASS: password
DB_NAME: testdb
DB_HOST: 10.0.100.5:3306
vpc_access_connector:
name: projects/hostproject-26a2/locations/us-central1/connectors/testserverlessvpc
I am following this instructions for deploying metabase with Google App Engine, after I complete the operations and open the url where the service is deployed i get 502 Bad Gateway or
Error: Server Error
The server encountered a temporary error and could not complete your request.
Please try again in 30 seconds. and from console I got
INFO metabase.driver :: Registered abstract driver :sql ?
This is my app.yaml
env: flex
manual_scaling:
instances: 1
env_variables:
MB_JETTY_PORT: 8080
MB_DB_TYPE: postgres
MB_DB_DBNAME: metabase
MB_DB_PORT: 5432
MB_DB_USER: devops
MB_DB_PASS: password
MB_DB_HOST: 127.0.0.1
beta_settings:
cloud_sql_instances: <instance-name>=tcp:5432
Dockerfile:
FROM gcr.io/google-appengine/openjdk
EXPOSE 8080
ENV PORT 8080
ENV MB_PORT 8080
ENV MB_JETTY_PORT 8080
ENV MB_DB_PORT 5432
ENV METABASE_SQL_INSTANCE <instance_name>=tcp:5432
ENV JAVA_OPTS "-XX:+IgnoreUnrecognizedVMOptions -Dfile.encoding=UTF-8 --add-opens=java.base/java.net=ALL-UNNAMED --add-modules=java.xml.bind"
ADD https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 ./cloud_sql_proxy
ADD http://downloads.metabase.com/v0.33.2/metabase.jar /metabase.jar
RUN chmod +x ./cloud_sql_proxy
CMD ./cloud_sql_proxy -instances=$METABASE_SQL_INSTANCE=tcp:$MB_DB_PORT & java -jar ./metabase.jar
Also I troubleshoot everything I saw on stackoverflow and tried all options with similar problem but still not working, i tried this option 1 and this options 2 but still no working effects.
My steps:
On GCP I am the owner of the project,I created Compute engine VM instance, then SQL Postgres instance, and a new Postgres database with user, I added the public IP address of the VM in the configurations of the SQL Instance as authorized network, and deployed the app.yaml and Dockerfile with gcloud app deploy. Any working solutons?
[1]: https://www.cloudbooklet.com/install-metabase-on-google-cloud-with-docker-app-engine/
I fixed the issue. I just change the metabase version, it always has to be the newest. 0.36.6 at this moment
I'm fairly new to working with live projects.
My project runs perfectly on localhost, I deploy the exact same copy to google app engine using the command gcloud beta app deploy.
My welcome page works perfectly:
As Well as my auth pages:
straight after the auth process i get the following response:
To verify that the account has been authenticated my route url is redirecting to the dashboard:
example.com/admin/users
my app.yaml file is as follows:
runtime: php
env: flex
runtime_config:
document_root: public
# Ensure we skip ".env", which is only for local development
skip_files:
- .env
env_variables:
# Put production environment variables here.
APP_LOG: errorlog
APP_KEY: App-key
STORAGE_DIR: /tmp
CACHE_DRIVER: file
SESSION_DRIVER: file
## Set these environment variables according to your CloudSQL configuration.
DB_HOST: localhost
DB_DATABASE: lara
DB_USERNAME: root
DB_PASSWORD: password
DB_SOCKET: /cloudsql/connection-name
MAIL_MAILER: smtp
MAIL_HOST: smtp.mailtrap.io
MAIL_PORT: 2525
MAIL_USERNAME:username
MAIL_PASSWORD: password
MAIL_FROM_ADDRESS: from#example.com
MAIL_FROM_NAME: {App-Name}
#we need this for the flex environment
beta_settings:
# for Cloud SQL, set this value to the Cloud SQL connection name,
cloud_sql_instances: connection-name
Here is my log?
This is the view it is looking for:
My routes:
It's funny how small things create the biggest issues, took me over 3 weeks to resolve this issue.
As I was conducting research I discovered that Google App engine is case sensitive and so here are steps I used to resolve this issue:
1st I checked my routes using php artisan route:list and my route is route: admin.users.index and my file structure was --path: views/Admin/Users/index.blade.php and so i change all my folders to lower-case to match the route.
Then I ran the following commands:
php artisan cache:clear
php artisan route:clear
php artisan view:clear
Lastly I added the following script under scripts on my composer.json file:
"post-install-cmd": [
"chmod -R 755 bootstrap\/cache",
"php artisan cache:clear"
]
Deployed using gcloud app deploy
Worked like a charm.
I have followed all the instructions:
1) I downloaded it like this:
appcfg.py download_data -A s~myApp --url=https://myApp.appspot.com/_ah/remote_api/ --filename=data.csv
Note that according to this solution I have to append s~ to the app name, or I get the error message:google.appengine.api.datastore_errors.BadRequestError: app s~myApp cannot access app myApp's data
2) I have to add remote_api access to my app.yaml
- url: /remote_api
script: google.appengine.ext.remote_api.handler.application
login: admin
3) I have to run the local server and go to http://localhost:8080/remote_api. In there I enter the admin email for local env and set it as administrator.
4) I upload the csv to local data storage:
appcfg.py --url=http://localhost:8080/_ah/remote_api/ --filename=data.csv upload_data src/
Unfortunately it fails now with this error message:
ApplicationError: ApplicationError: 1 app "dev~myApp" cannot access app "myApp"'s data
What am I missing please?
I found the solution myself, you have to specify the dev application name, hope this helps others.
appcfg.py --url=http://localhost:8080/_ah/remote_api/ --filename=data.csv upload_data -A dev~myApp src/