I am using google-cloud-cpp (C++ API for Google Cloud Platform functions) to create/read/write to buckets. When I am working from within the organization's firewall, I have to use a proxy to be able to connect to google cloud.
I see that we can configure a proxy using the gcloud command line:
gcloud config set proxy/type http
gcloud config set proxy/address x.x.x.x
gcloud config set proxy/port
Can I do something similar when I use google-cloud-cpp?
If we look at the source code of the google-cloud-cpp library as found on GitHub, we seem to see that it is based on libcurl.
See:
https://github.com/googleapis/google-cloud-cpp/blob/master/google/cloud/storage/internal/curl_handle.cc
Following on from the comments by #Travis Webb, we then look at the docs for libcurl and find:
https://curl.haxx.se/libcurl/c/CURLOPT_PROXY.html
This documents API that can be used to set proxy settings for programs that use libcurl. However, if we read deeper, we find a section on environment variables that declares that http_proxy and https_proxy can be set.
Related
I am trying to understand what is the equivalent REST api for the cli command:
gcloud logging read ....
I need to execute a query on logs programmatically from a client library (Ruby if possible).
I cannot find nothing in the rest api docs.
Any suggestion?
Google's documentation for using client libraries with its services, is mostly very good.
Here's the documentation for Ruby for Cloud Logging.
https://cloud.google.com/logging/docs/reference/libraries#client-libraries-install-ruby
I encourage you to use Google's excellent APIs Explorer when developing using the client libraries too. APIs Explorer helps you craft REST requests and see the responses and this is very helpful when writing code and debugging:
Here's the APIs Explorer page for the Logging service's method to list log entries:
https://cloud.google.com/logging/docs/reference/v2/rest/v2/entries/list
Another very helpful facility is that you can append --log-http to any gcloud command it will show you the underlying REST calls that are being made. This is also helpful in determining how the gcloud commands work so that you may write your own code that replicates|extends the functionality:
gcloud logging read ${FILTER} \
--project=${PROJECT} \
--log-http
And, finally, the Console's Log Explorer is an excellent way to prototype the filters you'll probably need to use in your client code:
https://console.cloud.google.com/logs/query
Hint: when constructing filters, don't forget to escape " characters, for example FILTER="resource.type=\"gce_instance\"". In this case, the value gce_instance must be quoted (") in the filter's value.
I have connected the Alibaba Cloud OSS bucket using OSSFS. But now I want to change the OSS Bucket to another URL. But I want to check which URL it is configured now?
I have checked the documentation and also the OSSFS --help But there is no basic info command available.
Thanks
You need to configure and set the custom domain name to the public endpoint of the bucket.
Refer the following link:
https://www.alibabacloud.com/help/doc-detail/31902.htm
We have a GUI that manages Cloud Foundry, and there's a link that show an instance with IP white list external dependency (quite large) How can I easily re-create this config as JSON, and recreate to diff Foundry env ?
It's not entirely clear what is being presented in your GUI but it sounds like it might be the application security groups. You might try running cf security-groups or cf security-group <name> to see if this information matches up with what's displayed in the GUI.
If that's what you want, you can use the following API calls to obtain the JSON data & recreate it in another environment.
1.) List all the security groups: http://apidocs.cloudfoundry.org/1.40.0/security_groups/list_all_security_groups.html
2.) List security groups applied to all applications: http://apidocs.cloudfoundry.org/1.40.0/security_group_running_defaults/return_the_security_groups_used_for_running_apps.html
3.) List security groups applied to all staging containers: http://apidocs.cloudfoundry.org/1.40.0/security_group_staging_defaults/return_the_security_groups_used_for_staging.html
4.) Retrieve a particular security group: http://apidocs.cloudfoundry.org/1.40.0/security_groups/retrieve_a_particular_security_group.html
And you can find more details about the API calls here: http://apidocs.cloudfoundry.org/
You can also run the cf cli commands above with the -v flag to show the HTTP requests being made by the CLI to obtain the information that's displayed.
Hope that helps!
I am following this tutorial for connecting Raspberry Pi to AWS IoT using Node.js SDK. I see the following in vim ~/.aws/credentials
[default]
aws_access_key_id = SOMETHING
aws_secret_access_key = SOMETHINGELSE
When I enter the command aws iot describe-endpoint I get the following response:
{
"endpointAddress": "A34SXNTM6AT7XH.iot.us-west-2.amazonaws.com"
}
However when I browse to that URL: https://a34sxntm6at7xh.iot.us-west-2.amazonaws.com/
I get the following error:
Missing Authentication Token
Any idea what could be wrong and how could it be solved?
Here's the files in the ~/certs folder:
pi#raspberrypi:~/certs $ ls
certificate.pem.crt private.pem.key public.pem.key root-CA.pem
Mona,
Your custom endpoint responds to two protocols: MQTT and HTTPS. However, it does not serve any web content and thus does not work in the browser as a site URL. The "endpointAddress" you get from aws iot describe-endpoint will be plugged into your Node.js Device SDK that you're using in the Raspberry Pi example you linked (no https://).
You can also interface with device shadows using the HTTPS version of the endpoint by signing requests with AWS Signature version 4. More on that here: http://docs.aws.amazon.com/iot/latest/developerguide/thing-shadow-rest-api.html and here: http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html though you will likely get going faster by using the AWS CLI or AWS SDK to perform operations like this.
Ryan # AWS
By default, the example programs will look in the current directory for your certificate and private key files, but you can also use the '-f' option to specify another directory if you want to. As for the 'Missing Authentication Token' message you noticed when trying to access the endpoint from your browser, you can safely ignore it.
If you use "TLS mutual authentication" you need to connect on port 8443, so in your example, it would be https://a34sxntm6at7xh.iot.us-west-2.amazonaws.com:8443/things/<thing_name>/shadow
I was sure it will be simple but couldn't find any documentation or resolution.
I'm trying to write a script using gcloud to perform some operations in my GCP instances.
Is there anyway to login/authenticate using gcloud via command line only?
Thanks
You have a couple of options here (depending on what exactly you're trying to do).
The first option is to log in using the --no-launch-browser option. This still requires interaction from a human user, but doesn't require a browser on the machine you're using:
> gcloud auth login --no-launch-browser
Go to the following link in your browser:
https://accounts.google.com/o/oauth2/auth?redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&prompt=select_account&response_type=code&client_id=32555940559.apps.googleusercontent.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fappengine.admin+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcompute&access_type=offline
Enter verification code: *********************************************
Saved Application Default Credentials.
You are now logged in as [user#example.com].
Your current project is [None]. You can change this setting by running:
$ gcloud config set project PROJECT_ID
The non-interactive option involves service accounts. The linked documentation explains them better than I can, but the short version of what you need to do is as follows:
Create a service account in the Google Developers Console. Make sure it has the appropriate "scopes" (these are permissions that determine what this service account can do. Download the corresponding JSON key file.
Run gcloud auth activate-service-account --key-file <path to key file>.
Note that Google Compute Engine VMs come with a slightly-different service account; the difference is described here.