MacBook-Air-2:~ Owner$ gcloud sql instances describe ahaha-mysql
ERROR: (gcloud.sql.instances.describe) There was no instance found at projects/ahaha-20180621/instances/ahaha-mysql or you are not authorized to access it.
You will need to enable permission for the compute instance to access the cloud sql
Stop the instance
Edit the instance and change the Cloud API access scopes
Enable Cloud SQL
Restart the instance
run gcloud auth login and authenticate as yourself by following the link (you might need to fix it in a text editor) and entering the verification code.
run gcloud sql instances describe ahaha-mysql this should now work
Related
Is there any gcloud command in GCP to list GCP SQL instance iam service-accounts. I am able to see in the GCP UI but I need cli command to print it the terminal. Could some one help me on this.
There is no such gcloud command to get only the service account of a sql instance, if you want to get the account of an specific instance you can run this in cloud shell or voa Cloud SDK gcloud sql instances describe instanceName | grep "serviceAccountEmailAddress" the output will be just then one of the service account.
Keep getting this error:
Error, failed to create instance group-database-instance: googleapi: Error 403: Request had insufficient authentication scopes.
More details:
Reason: insufficientPermissions, Message: Insufficient Permission
I have added a service account with editor permissions to use all gcp resources and added directed terraform to a credentials file generated.
Would this be an error in the code or something else?
Based on the error message you have provided and the task you would like to accomplish, it would seem that you might need to add a scope when creating your instance.
To use the Google Kubernetes Engine API for a GCE virtual machines, you will need to add the Cloud Platform Scope ("https://www.googleapis.com/auth/cloud-platform") to your VM when it is created.
Additionally, if you are using the gcloud command-line, you can follow along with something like:
gcloud compute instances create NAME --scopes=https://www.googleapis.com/auth/cloud-platform
If you are using the Cloud Console UI, when you are creating a VM instance, look for the "Identity and API access" section, and select "Allow full access to all Cloud APIs".
Note there is a similar post here but not fixing my issue:
I had wamp server which comes with mysql server, the path is there. I installed SDK, able to connect to it:
C:\Program Files (x86)\Google\Cloud SDK>gcloud beta sql connect welynxmysql --user=root
However in Cloud Shell, it throws out an error complaining below:
You need the [cloud_sql_proxy] component to use the sql connect
command. ERROR: (gcloud.beta.sql.connect) The cloud_sql_proxy
component(s) is unavailable through the packaging system you are
currently using. Please consider using a separate installation of the
Cloud SDK created through the default mechanism described at:
https://cloud.google.com/sdk/
What am I missing here? How can I connect to mysql instance/database in Cloud Shell?
Thank you very much.
What am I missing here? How can I connect to mysql instance/database in Cloud Shell?
If you are not able to connect to your Cloud SQL instance, you could try to either follow:
Quickstart for Cloud SQL for MySQL
Quickstart for using the proxy for local testing
You could also try to reset your Cloud Shell (note: this will delete all your files within Cloud Shell) as stated here:
Important: This will permanently delete all files in your home directory.
Then, you could try to do a fresh installation of the Google Cloud's SDK.
If none of those works for you, you could try to authorize your account again within the Cloud Shell as follows:
Before beginning, make sure that your Cloud Shell is using your project. If you are not sure you could also run this command to set your project:
gcloud config set project [PROJECT_ID]
Where PROJECT_ID is the project ID where the Cloud SQL instance is located. Then:
Go to your Cloud Shell and run this command (please notice the sudo at
the beginning):
sudo gcloud auth login
Click on the link displayed on the Cloud Shell and log in with your
Google account.
Copy the code displayed on your screen.
Switch to the Cloud Shell, paste it there and hit enter.
You can now run the command as follows:
gcloud beta sql connect [YOUR_INSTANCE_NAME]
or:
gcloud sql connect [YOUR_INSTANCE_NAME]
Where YOUR_INSTANCE_NAME is the name of your Cloud SQL instance.
I hope it helps.
I made instance in Google Cloud > Storage > SQL > MYSQL. Now I have to import database in it so I am trying to connect to MYSQL
using adminer, but it gives following error
SQLSTATE[HY000] [2002] Operation timed out
I also tried via HeidiSQL > MariaDB or MYSQL (SSL Tunnel) but here also it does not connect and gives error
https://prnt.sc/o58in0
I am mentioning
Host: Public Ip of SQL instance
Username: root
Any suggestions, what could be the fix?
Your error typically means that a firewall blocked your connection attempt.
For Cloud SQL, this typically means that you have not enabled instance-level access.
Since your error is 10060, which is a Windows WinSock error message, I am assuming that you are running on Windows. The steps are similar for Linux.
There are two methods to enable access to Cloud SQL:
Cloud SQL Proxy
This is the recommended method and is secure. Download and install the Cloud SQL Proxy to your the computer that you want to connect from. If you have set up the Cloud SDK (gcloud), Cloud SQL Proxy will use your Cloud SDK credentials. If not, then you will need to create and download a service account with (usually) the Cloud SQL Client role.
You will need the "instance connection name" from Cloud SQL Instance details page.
Download Cloud SQL Proxy (link) to your computer. Remember the full path to the program. Save the program as "cloud_sql_proxy.exe"
Start the Cloud SQL Proxy
[full_path_to_program]\cloud_sql_proxy -instances=[INSTANCE_CONNECTION_NAME]=tcp:3306
OR
[full_path_to_program]\cloud_sql_proxy -instances=<INSTANCE_CONNECTION_NAME>=tcp:3306 -credential_file=[PATH_TO_KEY_FILE]
Connect using mysql.exe: `mysql -u USERNAME -p --host 127.0.0.1
Public IP Method
The second method is not secure unless you also enable SSL, which I will not cover in this answer. I do not recommend this method except for knowledgeable persons.
Figure out what your public IP address is. Go to any website such as "MXToolbox" https://mxtoolbox.com/whatismyip/
Go to the Google Cloud Console
Go to the Cloud SQL Instances Details page
Select the Connections tab
Click Add network
In the Network field, enter your Public IP address using CIDR notice: eg 145.11.22.33/32
Enter a name such as "My Home IP"
Click Done
Click Save
Note: Most home Internet services change your Public IP address periodically. This means that you will need to update your Public IP address in Cloud SQL if you are using the second method.
I usually SSH into a Google Cloud Compute Engine Instance using my local terminal like:
ssh -i ~/.ssh/[KEY_FILENAME [USERNAME]#ip_address
where the [KEY_FILENAME] is generated using
ssh-keygen -t rsa -f ~/.ssh/[KEY_FILENAME] -C [USERNAME]
There is also another way to connect to the instance which is through the browser, however I would connect to the instance with a different user account. Is there a way that I can make it consistent regardless of the method I use to connect?
There are several ways to connect a Linux instance via the SSH. The way you are connecting to an instance is via the terminal. You can connect via the Cloud Console Web UI which is in general the most convenient way to connect to an instance. Also, you can use Google Cloud SDK and run below command to connect to an instance via SSH:
gcloud compute ssh [INSTANCE_NAME]
You can also use Cloud Shell to connect your instance from the Cloud Console web UI by using the same command as above. You can connect via the serial console using the Google Cloud Platform Console, the gcloud command-line tool, or a third-party SSH client. The serial console authenticates users with SSH keys. Specifically, you must add your public SSH key to the project or instance metadata, and store your private key on the local machine from which you want to connect. There are other advanced methods to connect to an instance which you can find at this link.
By default, the gcloud compute command-line tool uses the $USER variable to add users to the /etc/passwd file for connecting to virtual machine instances using SSH. You can specify a different user using the --ssh-key-file PRIVATE_KEY_FILE flag when running the gcloud compute ssh command. Depending on your use case and convenience, you can use any method consistently.