I am currently trying to Assign another IP Adress to my Google Cloud SQL Instance, in order to remotely connect to my database. However I keep getting the error "Your changes could not be saved". I attempted to add the IP Adress from both the Edit option as well as the Access Control tab.
A big Thank You goes out to the Google Cloud team for helping us find our error. Someone on our team had put an improperly formatted IP address in the Authorized Network settings. This caused the instance settings to freeze up on us, which kept the instance from being edited within the Developer Console. By removing it, it solved our problem.
Related
I have instance on Google Cloud Platform and I'm trying to connect it to the pgAdmin 4.
So here is my postgresql.conf
So I've tried the following:
I've wrote the instance ip as well as the username and password.
And I get the following error:
I've added my IP Address on cloud instance, but this didn't help as well.
Is there something else what I can try?
Posting this as a community wiki as this is based on the comments shared by #AdrianKlaver:
Given that you get a timeout expired error, which generally means a firewall blocked the connection, this is likely to be an issue on the port 5432 not being open to external access, so if you change that this might work.
NOTE: Just remember that you once you do this you will have opened the database to public access as determined by the IP's you allow in. Make sure your pg_hba.conf and role security are sufficient to deal with this. You can find more information on how to set this up by following both of this documenation links for Client Auth and to Create Roles
I cannot connect to my Google Cloud SQL database from my Macbook Pro using MySQL Workbench.
I have read the help file here:
https://cloud.google.com/sql/docs/mysql/admin-tools
I have added an authorized IP address for my IP per
https://cloud.google.com/sql/docs/mysql/configure-ip#add
I created a user for the database with it set to allow to connect from any host. I get the error "Can't connect to MySQL server on 'XX.XXX.XX.XXX' (60)
I have also attempted to telnet and get a consistent error that I am unable to connect to the remote host
As far as I know, I've followed all the steps but it really seems I'm getting blocked even before the server. I am trying to connect from home and I don't believe my home firewall is blocking things. I am wondering if there's something I need to open up on the GCE firewall but I have successfully connected to this database from other outside tools (e.g., Zapier).
Your best action right now would be to create a proxy with public IP address.
https://cloud.google.com/sql/docs/mysql/connect-external-app
This link will walk you through that process. If this doesn’t solve your issue, then taking your question to ServerFault (Stackoverflow sister site) might give you a better idea of how to fix your issue.
We decided to move dev machines (PC's) into the cloud in the form of Amazon Workspaces. In simple terms, a provisioned workspace is very similar to a PC accessed via RDP. However, the scaffolding for the service assigns a 'unqiue' computer name to each workspace. We wanted to set a specific computer name and therefore we connected to the workspace and used the standard Windows technique of going into Properties on "This PC". Windows prompted to restart, which we did. Thereafter the workspace was unreachable from the Windows WorkSpaces client stating the status was Unhealthy. The WorkSpaces Management status was initially REBOOTING then PENDING. Finally it showed UNHEALTHY.
It is not unusual to want to change the computer name, particularly if modelling a current physical config into the cloud. However it looks like this derails / confuses the workspaces scaffolding.
Question: How to make the workspace reachable again, especially if much time investment has been made configuring it?
I shall provide the answer that solved the issue for me, which I leave for others hitting this issue and in the hope that it helps.
I found the basis of this answer in the Amazon Workspaces forum from the same question asked by JoeA in 2016. It took me a while to find - see the original post here. which I shall paraphrase following in case this precious link breaks in the future.
Amazon's answer was:
Changing the computer name on your WorkSpace will cause the PCoIP application to fail, so you won't be able to connect to it using the Amazon client.
To connect to the workspace, you can edit the security group associated with the workspace's ENI and allow TCP traffic on port 3389 so you can RDP into it.
Once you are connected to the WorkSpace, rename it back to the original name and reboot it and you should be able to connect again.
JoeA responded:
Thank you very much for your reply, there is hope! I'm a newbie with AWS and Workspaces. Can you provide more details, or point me to a document, on how to access the Workspace using RDP? I searched the forum, but no luck.
Specifically, I don't know how to "edit the security group associated with the workspace's ENI and allow TCP traffic on port 3389 so you can RDP into it" as you state. I did find under the "Directories" setting that my "Security Group" is set to "None selected". (FYI, I have only this one Workspace.) "Access to Internet" is set to "Enable", if that is a factor. Thanks.
JoeA then followed up with the solution which was, in his words:
The changes to open the port are under the EC2 console, not the Workspaces console where I was originally looking. I found the Security Group for Workspaces, and changed Inbound traffic to allow RDP (port 3389). Then also on the EC2 console, I found Network Interfaces that shows the public IP. (I first tried to RDP using the IP shown in Workspaces console properties ("WorkSpace IP"), but that must be a local IP inside that network.) RDP'ing to the public IP, I connected and put back the original machine name, restarted, and now I can connect again using the Workspaces client again.
Thanks JoeA for that good work.
We are currently encountering the following error when trying to connect to a Cloud SQL instance: Lost connection to MySQL server at 'reading initial communication packet', system error: 0.
This is a familiar error, and as detailed here usually means the IP address needs to be whitelisted. However, we believe we have done so.
Is there a way to see connection attempts and their IP addresses that have been made (and refused) to the Cloud SQL instance?
Currently we don't expose that information but it is something we would like fix. :-)
According to #Razvan, as of September 2014, this information isn't exposed.
We ended up using CIDR blocks to search the space and find the actual IP address. This is unsatisfying, obviously, but it's a way to pin down the problem.
If other people want to sanity check that the problem is their IP is being refused, you can add 0.0.0.0/0 in order to accept all ranges and try to connect. If it works, you know what is the problem.
Be absolutely sure to remove this as an accepted range, after you are done, however!
Figured I might help someone who stumbles here.
Had exactly the same issue essentially trying to connect to a GCP SQL instance from a hosting provider.
Whitelist the IP address that is shown in my cpanel and it will not connect. (It used to, but the provider made some changes with their infrastructure lately and it stopped working)
put 0.0.0.0/0 in my Cloud Platform whitelist and it connects no problem.
So now I know that my cpanel IP is not the IP trying to connect to GCP.
After some hair pulling (figured that the bare metal server had a different IP than my cpanel IP, it did, but this also didn't work.)
finally tried the IP address for the name servers that point to my domain and bam. All is good.
If you are facing this issue, try your name server (usually something like NS1.hostingprovider.com etc..). I put both the NS1 and NS2 ip's in the whitelist and we are working fine.
I have just created a Google Cloud SQL instance. When I was looking on the access control of my instance, I found that if I want to access my database, I should authorize my IP address to get the right to access the database, but the problem is that my application will be deployed anywhere where the clients need, and even if I know where they will run the application and also I authorized their IP address, it (the IP) will be changed at least one time every 24 hours because it is not static IP, and then I have to re-authorize the IP again and again!
Is there any way to make the instance accessible from any IP?
Thanks
You can whitelist any subnet. You just need to enter it using CIDR notation: http://en.wikipedia.org/wiki/Cidr
In particular, you can whitelist 0.0.0.0/0 which includes all possible IP Address.
Please note that this is not recommended for security reasons. You want your access to be as restricted as possible.
This is an older post, but I noticed it on the sidebar so I figured I would add my 2c.
If you're able to use Cloud SQL Second Gen (currently in Beta) there is a new feature which allows access to the database without having to whitelist any firewalls: https://cloud.google.com/sql/docs/sql-proxy
Today, I was looking for a way to set-up an MS-SQL server for development purpose and found the similiar problem (how to allow my laptop to access).
This guide, helps.
In short, you need to allow firewall to enable EXTERNAL access to your VM instance at port 1433.