I'm able to login successfully with : ibmcloud cr login
but when i try to create a repository in the registry, i have the following error :
docker push registry.eu-gb.bluemix.net/fdutreg/ksrepo
The push refers to repository [registry.eu-gb.bluemix.net/fdutreg/ksrepo]
428c97da766c: Preparing
unauthorized: The login credentials are not valid, or your IBM Cloud account is not active.
Any idea ?
Replace registry.eu-gb.bluemix.net by registry.eu-de.bluemix.net and now this is ok.
2 years later but probably someone could be experimenting the same issue. The thing is that you are not authenticate to the registry. You can authenticate with an API key using:
docker login -u iamapikey -p apikey registry_url
For the apikey field you can create an apikey in Manage > IAM > APIkeys > Create an IBM Cloud API key in ibm.cloud.com
It is important to know that Using --password via the CLI is insecure. Use --password-stdin. You can find alternatives in https://cloud.ibm.com/docs/Registry?topic=Registry-registry_access
Log your local Docker daemon into the IBM Cloud Container Registry.run the following command:
ibmcloud cr login
Related
I have gcloud working in power shell:
> gcloud version
Google Cloud SDK 375.0.0
bq 2.0.74
core 2022.02.25
gsutil 5.6
I've been trying to follow these directions to get my Sql Management Studio to connect to a Google SQL service:
https://cloud.google.com/sql/docs/sqlserver/connect-admin-proxy#start-proxy
But I get this error:
PS C:\gcloud_stuff> ./cloud_sql_proxy -instances=<my instance connection>=tcp:1433
2022/03/06 02:02:51 GcloudConfig: error reading config: exit status 1; stderr was:
The system cannot find the path specified.
The system cannot find the path specified.
2022/03/06 02:02:51 google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.
Does anyone know how to fix this? (I am new to Google Cloud)
Looks like you don't have a local set of credentials.
You can either run gcloud auth login and try again. Or you can create a service account key and pass it to the proxy with the -credentials_file flag. See the Proxy docs for details.
I'm trying to use Keycloak in order to success a login configuration with Kerberos. (Which is a big failure)
I've made a mistake which is Kerberos : Required.
In other word I opened Authentication > Select Browser > Requirement : Required on Kerberos
So I can't connect anymore, I got a "Invalid username or password" when logging on "http://localhost:8080/auth"
Has someone had an issue to resolve this without deleting and reconfiguring the server?
Found something which help me a lot. I solved my problem so, i will explain how
I've used in my bin directory : kcadmin.bat (or .sh)
Opened in a CMD
Login with kcadmin
kcadm.bat config credentials --server http://localhost:8080/auth --realm master --user admin
Next, i get the ID i need to update the flow (master) :
kcadmin.bat get authentication/flows/{FLOW}/executions
Next, i put in a JSON file {"id":"ID_of_my_flow", "requirement":"ALTERNATIVE"}
Save my file and finaly just wrote
kcadmin.bat update authentication/flows/master/executions -r REALM -f myfile.json
Thanks.
How do I connect to the database on Cloud SQL without having to add my credentials file inside the container?
UPDATE: to connect to Cloud SQL from Cloud Run see the official documentation
Cloud SQL is now supported by the fully managed version of Cloud Run (Cloud Run on GKE users were already able to use Cloud SQL using a private IP)
To get started:
if you do not have one already, create a Cloud SQL instance.
make sure that the Cloud SQL admin API is enabled
deploy a new revision of your Cloud Run service with gcloud alpha and the following flag:
$ gcloud run services update --add-cloudsql-instances [INSTANCE_CONNECTION_NAME]
Where is INSTANCE_CONNECTION_NAME is of the type project:region:instancename.
When you do this, Cloud Run will activate and configure the Cloud SQL proxy for you. You should then connect to it via the /cloudsql/[INSTANCE_CONNECTION_NAME] Unix socket.
CONNECTING FROM CLOUD RUN (fully managed) TO CLOUD SQL USING UNIX DOMAIN SOCKETS (Java)
At this time Cloud Run (fully managed) does not support connecting to
the Cloud SQL instance using TCP. Your code should not try to access the instance
using an IP address such as 127.0.0.1 or 172.17.0.1.
link
1.Install and initialize the Cloud SDK
2.Update components:
gcloud components update
3.Create a new project
gcloud projects create run-to-sql
gcloud config set project run-to-sql
gcloud projects describe run-to-sql
4.Enable billing
gcloud alpha billing projects link run-to-sql --billing-account XXXXXX-XXXXXX-XXXX
5.Set the compute project-info metadata:
gcloud compute project-info describe --project run-to-sql
gcloud compute project-info add-metadata --metadata google-compute-default-region=europe-west2,google-compute-default-zone=europe-west2-b
6.Enable the Cloud SQL Admin API:
gcloud services enable sqladmin.googleapis.com
7.Create a Cloud SQL instance with public Ip
#Create the sql instance in the same region as App Engine Application
gcloud --project=run-to-sql beta sql instances create database-external --region=europe-west2
#Set the password for the "root#%" MySQL user:
gcloud sql users set-password root --host=% --instance database-external --password root
#Create a user
gcloud sql users create user_name --host=% --instance=database-external --password=user_password
#Create a database
gcloud sql databases create user_database --instance=database-external
gcloud sql databases list --instance=database-external
gcloud sql instances list
Cloud Run (fully managed) uses a service account to authorize your
connections to Cloud SQL. This service account must have the correct
IAM permissions to successfully connect. Unless otherwise configured,
the default service account is in the format
PROJECT_NUMBER-compute#developer.gserviceaccount.com.
8.Ensure that the service account for your service has one of the following IAM roles:Cloud SQL Client (preferred)
gcloud iam service-accounts list
gcloud projects add-iam-policy-binding run-to-sql --member serviceAccount:PROJECT_NUMBER-compute#developer.gserviceaccount.com. --role roles/cloudsql.client
9.Clone the java-docs-repository
git clone https://github.com/GoogleCloudPlatform/java-docs-samples.git
cd java-docs-samples/cloud-sql/mysql/servlet/
ls
#Dockerfile pom.xml README.md src
10.Inspect the file that handle the connection to Cloud SQL
cat src/main/java/com/example/cloudsql/ConnectionPoolContextListener.java
11.Containerizing the app and uploading it to Container Registry
gcloud builds submit --tag gcr.io/run-to-sql/run-mysql
12.Deploy the service to Cloud Run
gcloud run deploy run-mysql --image gcr.io/run-to-sql/run-mysql
13.Configure the service for use with Cloud Run
gcloud run services update run-mysql --add-cloudsql-instances run-to-sql:europe-west2:database-external --set-env-vars CLOUD_SQL_CONNECTION_NAME=run-to-sql:europe-west2:database-external DB_USER=user_name,DB_PASS=user_password,DB_NAME=user_database
14.Test it
curl -H "Authorization: Bearer $(gcloud auth print-identity-token)" https://run-mysql-xxxxxxxx-xx.x.run.app
SUCCESS!
I was facing an issue with connecting from a dockerized FastApi application to CloudSQL via private ip. I took the following 3 steps to resolve my issue:
Ensure your application is utilizing the proper database-connection-string.
Sanity check, always do this first. You don't want to spend hours researching a solution without first ruling out a wrong connection string.
When testing (and only when testing): consider logging the db connection string on app init so you can explicitly confirm your connection string is correct.
Provide the Cloud SQL Client role to my cloudrun default service account.
Contains the following permissions:
cloudsql.instances.connect
cloudsql.instances.get
Create a VPC connector within the network of the database (documentation). And assign the VPC connector to the Cloud Run service.
I'd like to know how to get the string connection of my MongoDB database to use with Mongoose, I was looking for and there are old info, and when I though I found a good documentation, well, it doesn't work(this is the link), the command doesn't exist, this is the comand [ ibmcloud cdb deployment-connections example-mongo -u admin
** ] specifically ***CDB*
I hope someone can help me please.
You can get the connection string to Databases for MongoDB using the ibmcloud cdb plugin but must be installed first. You can install it using the command:
ibmcloud plugin install cloud-databases
Then you can start using the cdb plugin. After that, you can get your MongoDB connection strings with:
ibmcloud cdb cxn <name of mongo deployment>
For the CA cert you'll need to connect, the plugin will decode it for you with:
ibmcloud cdb cacert <name of mongo deployment>
You'll also be able to change the admin password as well.
Or, you can go to your IBM Cloud dashboard, click on your Databases for MongoDB database, select "Service credentials" on the left panel of your MongoDB management panel, and then create some service credentials. This service credential will give you a username, password, the CA cert (encoded), and connection strings, as well.
I am trying to get started using IBM Bluemix and want to use the Cloud Foundry CLI to login and manage my applications. But I cannot figure out how to login using the cf command. I think what I am missing is the API endpoint I need to provide for the cf login command:
cf login -a [API_URL] -u [USERNAME] -p [PASSWORD]
I suspect I use my IBM ID username and password, but I'm not sure about the API_URL. Seems like this should be an easy question to search, but I have not been able to find an answer.
You set the api endpoint like this:
cf api https://api.ng.bluemix.net
and then you login with cf login.
Alternatively you can use the European endpoint:
cf api https://api.eu-gb.bluemix.net
EDIT:
Alternatively, as you were implying, you can pass the API endpoint to cf login directly via the -a option:
cf login -a https://api.ng.bluemix.net -u <ibm.com id>
Found the answer to my question. The API endpoint for IBM bluemix is https://api.ng.bluemix.net. That was the key piece of information I was missing to login to IBM Bluemix using the Cloud Foundry CLI:
cf login -a https://api.ng.bluemix.net -u <IBM ID Name> -p <IBM ID Password>
I'm impressed with how easy the rest of the cf command is to manage apps.