Couldn't connect to the Docker daemon due to an SSL - google-app-engine

I'm trying to deploy Managed VM (Python) on Google App / Compute Engine with command:
gcloud --verbosity debug preview app deploy ./app.yaml --set-default
during deployment VM instance is created but it exits on error (here is paste of last few lines of listing):
DEBUG: Display disabled.
Copying certificates for secure access. You may be prompted to create an SSH keypair.
DEBUG: Loaded Command Group: ['gcloud', 'compute', 'copy_files']
DEBUG: Detected docker environment variables: DOCKER_HOST=tcp://104.197.50.238:2376, DOCKER_CERT_PATH=../../../../../tmp/tmpPbKmOs, DOCKER_TLS_VERIFY=True
INFO: Starting new HTTPS connection (1): 104.197.50.238
DEBUG: Failed to connect to Docker daemon due to an SSL problem: [Errno 1] _ssl.c:523: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
DEBUG: (gcloud.preview.app.deploy) Couldn't connect to the Docker daemon due to an SSL problem.
Traceback (most recent call last):
File "/home/zdenulo/bin/google-cloud-sdk/./lib/googlecloudsdk/calliope/cli.py", line 591, in Execute
result = args.cmd_func(cli=self, args=args)
File "/home/zdenulo/bin/google-cloud-sdk/./lib/googlecloudsdk/calliope/backend.py", line 1191, in Run
resources = command_instance.Run(args)
File "/home/zdenulo/bin/google-cloud-sdk/./lib/googlecloudsdk/appengine/app_commands/deploy.py", line 208, in Run
implicit_remote_build)
File "/home/zdenulo/bin/google-cloud-sdk/./lib/googlecloudsdk/appengine/lib/deploy_command_util.py", line 137, in BuildAndPushDockerImages
with docker_util.DockerHost(cli, version_id, remote) as docker_client:
File "/home/zdenulo/bin/google-cloud-sdk/./lib/googlecloudsdk/appengine/lib/images/docker_util.py", line 215, in __enter__
return containers.NewDockerClient(local=(not self._remote), **kwargs)
File "/home/zdenulo/bin/google-cloud-sdk/./lib/googlecloudsdk/appengine/lib/docker/containers.py", line 313, in NewDockerClient
'Couldn\'t connect to the Docker daemon due to an SSL problem.' + msg)
DockerDaemonConnectionError: Couldn't connect to the Docker daemon due to an SSL problem.
ERROR: (gcloud.preview.app.deploy) Couldn't connect to the Docker daemon due to an SSL problem.
apparently there is problem with SSL but I have no idea how to solve it, and I'm quite desperate at the moment :)
I have:
Docker version 1.8.2, build 0a8c2e3
Boot2Docker-cli version: v1.8.0 Git commit: 9a26066
Google Cloud SDK 0.9.79
app 2015.09.23
app-engine-java 1.9.26
app-engine-python 1.9.26
bq 2.0.18
bq-nix 2.0.18
core 2015.09.23
core-nix 2015.09.03
gcloud 2015.09.21
gsutil 4.15
gsutil-nix 4.14
preview 2015.09.21
OpenSuse 13.2
OpenSSL 1.0.1k-fips 8 Jan 2015
I would very much appreciate help of any kind.
EDIT:
app.yaml
module: default
runtime: python27
api_version: 1
threadsafe: yes
vm: true
resources:
cpu: .5
memory_gb: 1.3
manual_scaling:
instances: 1
handlers:
- url: .*
script: main.app

Are you using homebrew Python on OS X? If so, there's an existing bug for OpenSSL and Docker here.
The easiest way around this is to temporary use a virtualenv with system python.
pip install virtualenv
virtualenv ~/system-python-env
source ~/system-python-env
gcloud preview app deploy ...

You can get at a short-lived SSL with "gcloud docker --authorize-only". Then immediately do your "gcloud preview app deploy..".
gcloud docker --authorize-only
gcloud preview app deploy app.yaml --promote

Related

Problem during deploying Metabase with Google App Engine

I am following this instructions for deploying metabase with Google App Engine, after I complete the operations and open the url where the service is deployed i get 502 Bad Gateway or
Error: Server Error
The server encountered a temporary error and could not complete your request.
Please try again in 30 seconds. and from console I got
INFO metabase.driver :: Registered abstract driver :sql ?
This is my app.yaml
env: flex
manual_scaling:
instances: 1
env_variables:
MB_JETTY_PORT: 8080
MB_DB_TYPE: postgres
MB_DB_DBNAME: metabase
MB_DB_PORT: 5432
MB_DB_USER: devops
MB_DB_PASS: password
MB_DB_HOST: 127.0.0.1
beta_settings:
cloud_sql_instances: <instance-name>=tcp:5432
Dockerfile:
FROM gcr.io/google-appengine/openjdk
EXPOSE 8080
ENV PORT 8080
ENV MB_PORT 8080
ENV MB_JETTY_PORT 8080
ENV MB_DB_PORT 5432
ENV METABASE_SQL_INSTANCE <instance_name>=tcp:5432
ENV JAVA_OPTS "-XX:+IgnoreUnrecognizedVMOptions -Dfile.encoding=UTF-8 --add-opens=java.base/java.net=ALL-UNNAMED --add-modules=java.xml.bind"
ADD https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 ./cloud_sql_proxy
ADD http://downloads.metabase.com/v0.33.2/metabase.jar /metabase.jar
RUN chmod +x ./cloud_sql_proxy
CMD ./cloud_sql_proxy -instances=$METABASE_SQL_INSTANCE=tcp:$MB_DB_PORT & java -jar ./metabase.jar
Also I troubleshoot everything I saw on stackoverflow and tried all options with similar problem but still not working, i tried this option 1 and this options 2 but still no working effects.
My steps:
On GCP I am the owner of the project,I created Compute engine VM instance, then SQL Postgres instance, and a new Postgres database with user, I added the public IP address of the VM in the configurations of the SQL Instance as authorized network, and deployed the app.yaml and Dockerfile with gcloud app deploy. Any working solutons?
[1]: https://www.cloudbooklet.com/install-metabase-on-google-cloud-with-docker-app-engine/
I fixed the issue. I just change the metabase version, it always has to be the newest. 0.36.6 at this moment

502 Bad Gateway Nginx error while deploying Django Channels app using Daphne on Google App Engine (Flexible)

My Django app was working fine on Google App Engine (Flexible) using gunicorn as entrypoint in the app.yaml file. I needed to add websockets to it so I used Django Channels (with redis). This works beautifully on my local machine (Windows 10).
For deployment, I changed my entrypoint to daphne on port 8080 since that's the default on GAE (using $PORT produces the same effect), so my yaml file now looks like this:
runtime: python
env: flex
runtime_config:
python_version: 3
entrypoint: daphne -b 127.0.0.1 -p 8080 my_project_name.asgi:application
I've checked my .asgi file and requirements.txt to ensure everything is ok and the packages are the latest versions.
But after deploying it, I get a "502 Bad Gateway Nginx" error.
The Stackdriver logs (nginx.error) on the GCP cloud console say the below:
[error] 33#33: *341 connect() failed (111: Connection refused) while connecting
to upstream, client: 172.xxx.xxx.xxx, server: , request: "GET / HTTP/1.1",
upstream: "172.17.0.1:8080", host: "my_project_name.appspot.com"
I don't recognize those IPs for upstream server or client, and I don't know what to do next. I've tried numerous things over the last 4 days, including:
using various different ports (8000, 8001 etc)
adding an nginx.conf file (based on this documentation) in my project directory, which seems to make no difference
Adding a line in the runtime_config section of the yaml file that says "nginx_conf_http_include: nginx.conf"
4.Using Unix sockets to start the daphne server in the entrypoint like "entrypoint: daphne -u /tmp/daphne.sock my_project_name.asgi:application
Deleting the entrypoint altogether after declaring the daphne server in the nginx.conf file
None of this helps. The logs stay the same, the error stays the same. I've read SO questions like this and this but I don't know how to apply them to GAE Flex since I'm not directly operating the VM instance. Please help.

Error connecting to Google Cloud SQL from App Engine custom environment using TCP

I'm trying to connect to google sql cloud instance from custom runtime environment in App Engine.
When I follow the doc to connect using unix domain socket, it works. The problem is when I try to connect using a TCP connect. It shows:
Warning: mysqli_connect(): (HY000/2002): Connection refused in
/var/www/html/index.php on line 3
Connect error: Connection refused
This is my app.yaml file:
runtime: custom
env: flex
beta_settings:
cloud_sql_instances: testing-mvalcam:europe-west1:testdb=tcp:3306
resources:
cpu: 1
memory_gb: 0.5
disk_size_gb: 10
The Dockerfile:
FROM php:7.0-apache
ENV PORT 8080
CMD sed -i "s/80/$PORT/g" /etc/apache2/sites-available/000-default.conf /etc/apache2/ports.conf && docker-php-entrypoint apache2-foreground
RUN docker-php-ext-install mysqli
RUN a2enmod rewrite
COPY ./src /var/www/html
EXPOSE $PORT
And index.php:
<?php
$link = mysqli_connect('127.0.0.1', 'root', 'root', 'test');
if (!$link){
die('Connect error: '. mysqli_connect_error());
}
echo 'successfully connected';
mysqli_close($link);
?>
What am I doing Wrong?
The ip address ‘172.17.0.1’ is related with the docker container where the webserver is running, you can get more context on that in this documentation.
The documentation page you’re using might be lacking on adjusting the use case if you’re deploying with a presence of a Dockerfile. In the following documentation you can read more information about App Engine flexible runtimes.
As demonstrated by the documentation you’re using (remember to click on the TCP CONNECTION tab on this page), on the section of the app.yaml related to Cloud SQL instances information about the TCP port in use by the database server is needed.

Google Cloud App engine after Travis building

I wanted to host my spring boot application on the Google App engine after building on Travis.
I have configured the following in my .travis.yml but I'm always getting the following error from GCP:
Step #0: Exception in thread "main" com.google.cloud.runtimes.builder.exception.ArtifactNotFoundException: No deployable artifacts were found. Unable to proceed.
I dont know how to fix this problem in my code
sudo: false
language: java
jdk:
- oraclejdk8
cache:
directories:
- "$HOME/.m2/repository"
before_deploy:
- mv target/healthcare-1.0.jar target/healthcare.jar
deploy:
provider: gae
skip_cleanup: true
keyfile: secret.json
project: healthcare-196408
file: target/healthcare.jar
before_install:
- chmod +x mvnw
- openssl aes-256-cbc -K $encrypted_07ec618bb998_key -iv $encrypted_07ec618bb998_iv
-in secret.json.enc -out secret.json -d
My app.yaml file:
runtime: java
env: flex
handlers:
- url: /.*
script: this field is required, but ignored
It seems like Travis isnt uploading my .Jar at all, but how can I fix this problem?
I have tried to build it as docker with the same result:
Invalid or corrupt jarfile /app.jar --from docker

Google App Engine Managed VMs for Go: AttributeError: 'module' object has no attribute 'CleanableContainerName'

On a Mac OS X, trying to turn on the debug flag or to run the hello world test project for Go Managed VMs, I am getting the following error: AttributeError: 'module' object has no attribute 'CleanableContainerName'
Any ideas?
Full error log:
orcaman$ $(boot2docker shellinit)
Writing /Users/orcaman/.boot2docker/certs/boot2docker-vm/ca.pem
Writing /Users/orcaman/.boot2docker/certs/boot2docker-vm/cert.pem
Writing /Users/orcaman/.boot2docker/certs/boot2docker-vm/key.pem
orcaman$ gcloud --verbosity debug preview app setup-managed-vms
DEBUG: Running gcloud.preview.app.setup-managed-vms with _Args({'base_image_bucket': 'containers-prod',
'docker_host': None,
'format': None,
'h': None,
'help': None,
'image_version': 'latest',
'markdown': None,
'project': None,
'quiet': None,
'shell': None,
'user_output_enabled': None,
'verbosity': 'debug'}).
DEBUG: Detected docker environment variables: DOCKER_HOST=tcp://192.168.59.103:2376, DOCKER_CERT_PATH=/Users/orcaman/.boot2docker/certs/boot2docker-vm, DOCKER_TLS_VERIFY=1
INFO: Starting new HTTPS connection (1): 192.168.59.103
DEBUG: "GET /v1.10/_ping HTTP/1.1" 200 2
INFO: Looking for image_id for image with tag google/docker-registry
DEBUG: "GET /v1.10/images/json?filter=google%2Fdocker-registry&only_ids=1&all=0 HTTP/1.1" 200 253
DEBUG: Found Cloud SDK root: /Users/orcaman/google-cloud-sdk
Select the runtime to download the base image for:
[1] Go
[2] Java
[3] Python27
[4] All
Please enter your numeric choice (4): 1
DEBUG: Detected docker environment variables: DOCKER_HOST=tcp://192.168.59.103:2376, DOCKER_CERT_PATH=/Users/orcaman/.boot2docker/certs/boot2docker-vm, DOCKER_TLS_VERIFY=1
INFO: Starting new HTTPS connection (1): 192.168.59.103
DEBUG: "GET /v1.10/_ping HTTP/1.1" 200 2
Pulling base images for runtimes [go] from Google Cloud Storage
INFO: Refreshing access_token
DEBUG: Copy /Users/orcaman/.config/gcloud/legacy_credentials/orhiltch#gmail.com/.boto to /var/folders/dv/g8_pdljx49gdtbs25_1ch7vm0000gn/T/tmp7imPhg...
DEBUG: Copy /Users/orcaman/google-cloud-sdk/docker/true-asm to /var/folders/dv/g8_pdljx49gdtbs25_1ch7vm0000gn/T/tmp7imPhg...
Traceback (most recent call last):
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/gcloud/gcloud.py", line 177, in <module>
main()
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/gcloud/gcloud.py", line 173, in main
_cli.Execute()
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/calliope/cli.py", line 409, in Execute
post_run_hooks=self.__post_run_hooks, kwargs=kwargs)
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/calliope/frontend.py", line 274, in _Execute
pre_run_hooks=pre_run_hooks, post_run_hooks=post_run_hooks)
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/calliope/backend.py", line 928, in Run
result = command_instance.Run(args)
File "/Users/orcaman/google-cloud-sdk/lib/googlecloudsdk/appengine/app_commands/setup_managed_vms.py", line 39, in Run
args.image_version)
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/appengine/lib/images/pull.py", line 54, in PullBaseDockerImages
util.PullSpecifiedImages(docker_client, image_names, version, bucket)
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/appengine/lib/images/util.py", line 217, in PullSpecifiedImages
with credentials.CredentialsContainer(docker_client) as creds, (
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/appengine/lib/images/credentials.py", line 114, in __enter__
self.Start()
File "/Users/orcaman/google-cloud-sdk/./lib/googlecloudsdk/appengine/lib/images/credentials.py", line 95, in Start
name=containers.CleanableContainerName(
AttributeError: 'module' object has no attribute 'CleanableContainerName'
Docker/Boot2docker version:
bash-3.2$ docker version
Client version: 1.4.1
Client API version: 1.16
Go version (client): go1.3.3
Git commit (client): 5bc2ff8
OS/Arch (client): darwin/amd64
Server version: 1.4.1
Server API version: 1.16
Go version (server): go1.3.3
Git commit (server): 5bc2ff8
gcloud version:
gcloud version
Google Cloud SDK 0.9.42
app 2015.01.06
app-engine-go-darwin-x86_64 1.9.17
app-engine-java 1.9.17
app-engine-managed-vms 2014.11.03
app-engine-python 1.9.17
bq 2.0.18
bq-nix 2.0.18
compute 2015.01.06
core 2015.01.06
core-nix 2014.10.20
dns 2015.01.06
gcutil 1.16.5
gcutil-nix 1.16.5
gsutil 4.7
gsutil-nix 4.6
preview 2015.01.06
preview-extensions-darwin-x86_64 0.7.0
sql 2015.01.06
UPDATE:
The fix for gcloud is now available in the latest version and this issue should be resolved.
Previous Post:
As a temporary workaround you can run:
gcloud components restore
There may be a bug in the latest gcloud update. I saw the same error after updating - but is working now after running the above command.

Resources