Cant connect with cloud_sql_proxy over tcp - google-cloud-sql

I created a Cloud SQL instance and am trying to connect from my laptop running OSX El Capitan.
I followed the instructions for creating a proxy to run the proxy. I am able to connect if I use a socket file as follows:
sudo ./cloud_sql_proxy -dir=/cloudsql -instances=my-project:us-central1:mysql-instance -credential_file=mycredentials.json
mysql -u root -p -S /cloudsql/my-project:us-central1:mysql-instance
Now I'd like to connect to the Cloud SQL instance from a local python application. So I tried creating the proxy over tcp using =tcp:3306 and testing using the mysql client as follows:
sudo ./cloud_sql_proxy -dir=/cloudsql -instances=my-project:us-central1:mysql-instance=tcp:3306 -credential_file=/web/visi/api/resources/keys/visi-staging-ec040759d57a.json
mysql -u root --host 127.0.0.1 --password
But Im getting this error:
2016/04/06 23:09:58 Got a connection for
"my-project:us-central1:mysql-instance" 2016/04/06 23:09:59
to "my-project:us-central1:mysql-instance" via
111.111.111.111:3307: read tcp 127.0.0.1:3306->127.0.0.1:49518: use of closed network connection ERROR 2026 (HY000): SSL connection error:
error:00000005:lib(0):func(0):DH lib

Try specifying --skip-ssl as an option to your mysql client.
We have a fix for this in progress and should be rolled out in the near future.
The reason this happens is that we reject connections over the proxy that request MySQL SSL. The connection between the proxy and Cloud SQL is already done over SSL so there's no need to use SSL at the MySQL level.

Related

Cannot connect to Cloud SQL Proxy

I'm trying to use Cloud SQL Proxy for my Kubernetes project.
I follow the guide of Elixir and Phoenix. Under Connect to your Cloud SQL instance, that guide says that running cloud_sql_proxy -dir=/tmp/cloudsql and psql -h /tmp/cloudsql/[CONNECTION-NAME] -U postgres will open the proxy.
So I tried to make a new directory with these commands below.
mkdir -p /tmp/cloudsql
chmod +x /tmp/cloudsql
and then I tried to connect to Cloud SQL Proxy.
cloud_sql_proxy -dir=/tmp/cloudsql/ 16:47
2020/10/30 16:47:50 Rlimits for file descriptors set to {&{xxxx xxxxxxxxxxxxxxxxxxx}}
2020/10/30 16:47:51 Using gcloud's active project: [instance-id]
2020/10/30 16:47:54 Listening on /tmp/cloudsql/instance-id:region:instance-name for instance-id:region:instance-name
2020/10/30 16:47:54 Ready for new connections
To connect the proxy, I opened another terminal and entered this psql command but failed.
psql -U postgres -h /tmp/cloudsql/instance-id:region:instance-name
psql: error: could not connect to server: could not connect to server: Not a directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/cloudsql/instance-id:region:instance-name/.s.PGSQL.5432"?
What should I do additionally for connecting to the proxy?
from what I see you are passing a wrong connection name
wrong --> instance-id:region:instance-name
correct --> PROJECT_ID:region:instance-name
You can find the connection name from the
console --> Cloud SQL --> INSTANCE --> Connect to this instance --> Connection name

How do I access a remote aws lightsail mongodb over ssh tunnel

I have a Lightsail AWS instance up and running with a MEAN stack. I have an existing MEAN stack running on a different network. At the moment the node server.js connects to localhost for the mongo bit (on same machine) and all I want to do is replace the localhost with a connection to my mongo running on my AWS remote server.
I understand, that for security reasons, it is best to ssh tunnel this connection, which I think I am familiar with.
What I have done so far is this:
In a console on the machine hosting the node server (remote to the db) I have run:
ssh -L 8181:127.0.0.1:80 -i ~/LightsailDefaultPrivateKey-eu-west-2.pem bitnami#31.16.56.125 -N
I can then browse to the RockMongo UI from the local machine using localhost:8181/rockmongo ...yay.
If I then run the following:
ssh -L 8181:127.0.0.1:27017 -i ~/LightsailDefaultPrivateKey-eu-west-2.pem bitnami#31.16.56.125 -N
(27017 being the mongo port)
Then try and access the db from my remote machine using:
mongo --username XXXXXX --password XXXXXX 31.16.56.125:8181/testdata
I get the following error:
~]
2017-12-28T22:11:09.791+0000 Error: couldn't connect to server 31.16.56.125:8181 (31.16.56.125), connection attempt failed at src/mongo/shell/mongo.js:148
exception: connect failed
Am I doing this wrong? i.e. is the tunnel only for http connections and not mongo command line use? Do I need to test the connection some other way?
I've Googled all over the place for this and not had much luck (a lot of the AWS docs suggest punching a hole in the firewall - which one can no longer do!)
OK I've (partially) solved this, there were a few things wrong.
1) The mongo client was 2.6 and mongo running on AWS was 3.4. Upgrading this solved some issues - in that I was getting a more meaningful error message.
One thing I did have trouble with is that apt-get seemed to perform an update, yet the version reported when issuing the mongo command was still 2.6.
To solve this I had to run sudo apt-get purge mongodb-org* (note the asterisk). Then perform the update.... If you need to do this then follow these instructions:
https://docs.mongodb.com/v3.2/tutorial/install-mongodb-on-ubuntu/
2) This command
mongo --username XXXXXX --password XXXXXX 31.16.56.125:8181/testdata
won't work as I've omitted 'admin' from it and not specified localhost!
but
mongo admin --username XXXXXX --password XXXXXX localhost:8181/testdata
doesn't work either and gives the following output.
2018-01-03T22:00:42.380+0000 W NETWORK [thread1] Failed to connect to 127.0.0.1:27017, in(checking socket for error after poll), reason: errno:111 Connection refused
2018-01-03T22:00:42.380+0000 E QUERY [thread1] Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:229:14
#(connect):1:6
The only command I could get to work is:
mongo admin --username XXXXXX --password XXXXXX --port 8181
The default host is localhost, so in this case it uses the tunnel, this will also just connect to the test db, you can then admin from there.
What I haven't got to the bottom of is the specification of the host:port/db as an argument as per the output from running mongo --help
usage: mongo [options] [db address] [file names (ending in .js)]
db address can be:
foo foo database on local machine
192.169.0.5/foo foo database on 192.168.0.5 machine
192.169.0.5:9999/foo foo database on 192.168.0.5 machine on port 9999

pgAdmin4: Unable to connect to Amazon EC2 via SSH Tunnel

I have Amazon EC2 instance running Ubuntu. I have installed and configured PostgreSQL.
Contents of the file /etc/postgresql/9.3/main/pg_hba.conf:
local all all md5
host all all 0.0.0.0/0 md5
Also in postgresql.conf
I have set listen_addresses='*'.
The test command below is successfully starting psql console.
psql -U postgres testdb
Now I am trying to connect pgAdmin4 from MacOS.
I have created a SSH tunnel with following command:
ssh -i ~/.ssh/test.pem -fN -L 5433:localhost:5432 ubuntu#mytestdomain.com
Now I have following details in pgAdmin:
When I save, I get this output:
Unable to connect to server: server closed the connection unexpectedly. This probably means the server terminated abnormally before or while processing the request.
What am I doing wrong ?
Here is the solution,
install pgadmin 4 into your system. and configure the below-added configurations. if the below configurations do not work then please check that DB user permissions on AWS. because of the restriction on IP level so it may not be able to access.

MySQL Workbench won't work with Google Cloud SQL Proxy

I'm using Google Cloud SQL 2nd generation and installed cloud-sql-proxy on my local machine.
On my local machine I'd simply connect to 127.0.0.1:3306 and this has been working fine, in NodeJs, Php and using the mysql command line client.
On Google App Engine Managed VM (flexible environment) i'm using unix_socket or socketPath '/cloudsql/MY_PROJECT_ID:us-central1:SQL_INSTANCE' this has been working fine too, in both, Php and NodeJs.
What doesn't work is MySQL Workbench, I can't figure out how to get it to connect. Does it use another protocol or is cloud-sql-proxy for command line only ?
Here is how I start cloud-sql-proxy
this works:
./cloud_sql_proxy \
-instances=MY_PROJECT:us-central1:MY_SQL_INSTANCE=tcp:3306 \
-credential_file='/Users/ME/SomeFolder/MY_SERVICE_ACC_KEY.json'
after that I'd use MySQL Workbench to try to connect to 127.0.0.1:3306, but I always get an error :
SSL connection error: socket layer receive error
local PHP, NodeJS and mysql client work though.
Any help would be appreciated
Ok, I got it working and believe it might be useful for others too:
I couldn't get it working over the tcp connection, but I figured out how to use the socket method running without fuse:
sudo ./cloud_sql_proxy \
-dir=/cloudsql \
-instances=MY_PROJECT:MY_SQL_REGION:MY_SQL_INSTANCE \
-credential_file='/Users/ME/some_folder/MY_SERVICE_ACC_KEY.json'
couple of things here:
The folder /cloudsql has to already exists e.g. sudo mkdir /cloudsql
Don't mistype that folder name, really don't
Don't specify the tcp port after instances or it will use a tcp connection instead.
sudo is necessary
In MySQL Workbench:
Select Database > Manage Connections...
Under Connection > Connection Method choose Standard (TCP/IP)
Under Parameters set Host: localhost Port:3306 (although I don't think it matters)
Goto Advanced > Others: enter socket=/cloudsql/MY_PROJECT:MY_SQL_REGION:MY_SQL_INSTANCE
Click Test Connection it should as for your username and password, success.
This error indicates that MySQL Workbench is requesting an SSL connection, which is not supported via the proxy. The proxy always uses SSL between the local machine and the instance so there's no need to enable SSL at the MySQL protocol level.
Can you try turning off SSL in MySQL Workbench connection settings?

PG::CONNECTION BAD connecting to pgAdminIII cloud 9 IDE

New to web development. Trying to connect and register new server for pgAdminIII. (using cloud 9 ide)..
I get this error when viewing in the browser..
_PG::CONNECTION BAD _
could not connect to server: Connection refused Is the server running on
"localhost" (::1) and accepting TCP/IP connections on port 5432?
could not connect to server: Connection
refused Is the server running on host "localhost"
(127.0.0.1) and accepting TCP/IP connections on port 5432
PS. trying to access via new user "ubuntu" SUPERUSER created..
How can I fix this?
PPS. On cloud 9's community forum, an employee says..
"Only ports 8080, 8081 and 8082 are open for workspaces so if you want to access the DB externally you'll need to run it on one of these ports. Make sure you can access it with curl from a local terminal and ensure it's listening on 0.0.0.0 not 127.0.0.1, as the latter only allows local connections."
Lastly, their ide comes with postgres installed, all I needed to do, was set it up..
How do I use the above info while trying to register the new server in order to use the gui?
Let me know if I need to include anything else.
Thanks.
You should enable postgresql service by performing sudo service postgresql start.
After enabling, you can access the console using sudo sudo -u postgres psql and CREATE ROLE ubuntu LOGIN REPLICATION CREATEDB CREATEROLE SUPERUSER; to allow Rails take advantage of your database.
Rails also complains about template read error after creating ubuntu role.
To fix the template error, read up on this.
You should get PostgreSQL server up and running in no time. Happy coding!
Edit:
You should only use localhost for local and system resources (i.e. psql, etc.) while 0.0.0.0 is for everything else like running Rails or Apache server.