I'm following the next article: https://learn.hashicorp.com/tutorials/vault/kubernetes-minikube
When I'm trying to add the repo
helm repo add hashicorp https://helm.releases.hashicorp.com
I got an error
Error: looks like "https://helm.releases.hashicorp.com" is not a valid chart repository or cannot be reached: failed to fetch https://helm.releases.hashicorp.com/index.yaml : 405 Method Not Allowed
It seems the repo is broken or unavailable
Is that possible to install Hashicorp Vault/Consule without using such repo using Helm?
It seems, happens because I'm from Russia
Hashicorp has blocked access from Russia to all their services:
We’re sorry, but because of the conflict underway in Ukraine, HashiCorp is prohibiting availability of our products and services in Russia and Belarus.
Related
I am using openstack container to enable integration testing against swift
The container used is : https://hub.docker.com/r/jeantil/openstack-swift-keystone-docker/
And the steps followed are : https://github.com/jeantil/openstack-swift-keystone-docker
The configuration is working fine on local and open internet(concourse pipeline job)
But when I am using the same in concourse pipeline job on INTRANET, I am getting the below error:
Failed to discover available identity versions when contacting http://127.0.0.1:35357/v3. Attempting to parse version from URL.
Unauthorized (HTTP 401)
I am getting this error while creating a new service or even loading user lists:
Example:
openstack endpoint create --region RegionOne object-store internal http://127.0.0.1:8080/v1/KEY_%\(tenant_id\)s
openstack endpoint create --region RegionOne object-store admin http://127.0.0.1:8080/v1
openstack user list
Is it due to some proxy related configuration, because everything is working fine if I am running this concourse job on internet
I tried multiple approaches and at the end I was able to solve the issue.
Include ENV NO_PROXY=localhost in the dockerfile so that the proxy configurations are removed for this config
I'm getting this weird error in azure pipelines. We use a ACR to supply our base images and we connect to this using a service connection which works well most of the time. However occasionally we get an error:
/usr/bin/docker pull /base-images/python:3.7-buster-vanilla
Error response from daemon: Get https:///v2/base-images/python/manifests/3.7-buster-vanilla: unauthorized: authentication required, visit https://aka.ms/acr/authorization for more information.
There does not seem to be any clear explanation for this because when we perform a retry of the specific task this works fine.
We have no separate login to the acr and we only define the connection that needs to be used in the job itself:
container:
image: servers.azurecr.io/base-images/python:3.7-buster-vanilla
endpoint: server-Service-Connection
I have been looking at the build logs but was not able to get any usefull information from there. If any additional information is needed i would of course be happy to supply it.
I fixed this error using the Azure CLI az acr login --name *registry-name* Solution explained here at Azure Registry troubleshooting docs
I think you may be running into a Docker Hub issue. We're experiencing this intermittently in our CI (not Azure) during regular pulls for python images.
From https://status.docker.com/pages/history/533c6539221ae15e3f000031
February 3, 2021 5:21PM
UTC[Investigating] A number of users may experience problems logging into Docker Hub.
When trying to create a namespace at path, it returns the following error.
$ vault namespace create ns1
Error creating namespace: Error making API request.
URL: PUT http://127.0.0.1:8200/v1/sys/namespaces/ns1
Code: 404. Errors:
* 1 error occurred:
* unsupported path
Creating new secret engines and putting new kv entries are working well.
It worked with the Vault Enterprise version.
The namespace support is only available with Vault Enterprise.
It seems you are using the Vault Version, whereas creating Namespace and accessing Vault using namespace is done only when the Vault is Enterprise,
i.e Vault Enterprise, you can check here:
Vault Enterprise Installation
Again i got stuck to achive the target to trigger deployment once code is pushed to repo, I search the net but i found only old information github is updated and as per there instruction i setup all values but still not working so its look i am missing something I tried to follow the instruction but it seems old http://bytes.babbel.com/en/articles/2014-01-22-github-service-hook-for-aws-ops-works.html
The interface is confusing and i am confused because there is no connection between repo name and opswork service , so what value webhook should send to opswork service ?
Below is what i understood
Setup webhook and it will trigger and send pay load to CI or services as needed once code is pushed to repo (this part is working and send payload to some where) : But this is failing because its Payload URL should i give the opswork service url generated by git hub ?
Opswork services : This is not working ,
App
Given from AWS opswork's app : opswork ID
Stack
Given from AWS opswork's stack: opswork ID
Branch name
Here is the confussion again as per github help i need to give the SHA configured for that app in the AWS OpsWorks Console ? Why should i give SHA not the Master or the link of repo ?
GitHub api url
This is optional what should i give here ?
Aws access key
No issues
Aws secret access key
No issues
GitHub token
Optional : Created token as instructed , Both with token and without token not working.
So If you check opswork is not getting triggered , I thought when i push the changes it may work internally but not.
So its seems web hook and opswork service need to be interact at some level but unable to figure it out :(
I checked git hub help also found nothing for new interface
I checked google and stackoverflow too , but not found any thing
Kindly anyone please answer .
One alternative way would be to set up AWS CodePipeline (CodeDeploy??) to deploy to your AWS Opsworks stack.
CodePipeline is a Continuous Delivery solution from Amazon. Mid 2016 they announced that CodePipeline works with OpsWorks - see their blog announcement: AWS CodePipeline Adds Integration with AWS OpsWorks. There's some walkthroughs there too, depending on what version of OpsWorks your stack is set up for.
(It does feel a bit weird to use a deployment service to deploy to a service that has an existing deployment service... but eh, thought this might help)
The problem is with the process of Github and opswork , if there is any error then both do not report user with error.
I contacted to Github support and luckily they responded me back with error message "The security token included in the request is invalid."
Then i recopied the access key and secret key removed "GitHub api url" as blank and branch name to "master" (so it will always deploy the latest version aka head)
Also make sure you need to set permission again in opswork this is separate to IAM permission ,
Steps -> Goto your stack - Permission and edit -> add user github with permission "IAM Policies Only".
There is no interaction between web hooks and integrations . so you can make use of integration services without web hook :) .
Thanks to Stack overflow , Git-hub both :)
I'm trying to create a bucket using GCP Deployment Manager. I already went through the QuickStart guide and was able to create a compute.v1.instance. But I'm trying to create a bucket in Google Cloud Storage, but am unable to get anything other than 403 Forbidden.
This is what my template file looks like.
resources:
- type: storage.v1.bucket
name: test-bucket
properties:
project: my-project
name: test-bucket-name
This is what I'm calling
gcloud deployment-manager deployments create deploy-test --config deploy.yml
And this is what I'm receiving back
Waiting for create operation-1474738357403-53d4447edfd79-eed73ce7-cabd72fd...failed.
ERROR: (gcloud.deployment-manager.deployments.create) Error in Operation operation-1474738357403-53d4447edfd79-eed73ce7-cabd72fd: <ErrorValue
errors: [<ErrorsValueListEntry
code: u'RESOURCE_ERROR'
location: u'deploy-test/test-bucket'
message: u'Unexpected response from resource of type storage.v1.bucket: 403 {"code":403,"errors":[{"domain":"global","message":"Forbidden","reason":"forbidden"}],"message":"Forbidden","statusMessage":"Forbidden","requestPath":"https://www.googleapis.com/storage/v1/b/test-bucket"}'>]>
I have credentials setup, and I even created an account owner set of credentials (which can access everything) and I'm still getting this response.
Any ideas or good places to look? Is it my config or do I need to pass additional credentials in my request?
I'm coming from an AWS background, still finding my way around GCP.
Thanks
Buckets on Google Cloud Platform need to be unique.
If you try to create a bucket with a name that is already used by somebody else (on another project), you will receive an ERROR MESSAGE. I would test by creating a new bucket with another name.