gcloud compute vpn-tunnels describe [NAME] doesn't show all details of a vpn-tunnel - google-compute-engine

Once you have a VPN tunnel up and running, there does not appear to be a method to view all the details of the tunnel from either the Google Cloud Console or the gcloud command line. Specifically, the route policies that were configured when the tunnel was initially set up are missing from the describe output.
Is there a method to see this information?

This is a known behavior. The Developers Console doesn't set the remoteTrafficSelector when creating the tunnels through it.
The Developers Console creates the necessary routes and shows the "Remote ranges" based on them.
The workaround is to create the VPN tunnels using the Compute API or Cloud SDK with the following command:
gcloud compute vpn-tunnels create NAME --region=REGION --peer-address=PEER_ADDRESS --shared-secret=SHARED_SECRET --target-vpn-gateway=TARGET_VPN_GATEWAY --local-traffic-selector=CIDR --remote-traffic-selector=CIDR
You can click on the star icon in the Public Issue Tracker to get updates when there is any progress on it.
Note: This doesn't have any impact on the VPN tunnel functionality.
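Because the Console records the remote ranges as routes rather than as a traffic selector, they can be recovered by joining the tunnel list with the routes whose next hop is that tunnel. The following is an added example, not part of the original answer; the project, tunnel names and ranges are constructed sample data standing in for the JSON printed by gcloud compute vpn-tunnels list --format=json and gcloud compute routes list --format=json.

```python
import json

# Constructed sample data, shaped like the JSON printed by
#   gcloud compute vpn-tunnels list --format=json
#   gcloud compute routes list --format=json
# Project, tunnel names and ranges are made up for illustration.
BASE = "https://www.googleapis.com/compute/v1/projects/example-project"
TUNNELS = json.loads("""[
  {"name": "console-tunnel", "peerIp": "203.0.113.10",
   "selfLink": "%(b)s/regions/us-central1/vpnTunnels/console-tunnel"},
  {"name": "cli-tunnel", "peerIp": "203.0.113.20",
   "selfLink": "%(b)s/regions/us-central1/vpnTunnels/cli-tunnel",
   "localTrafficSelector": ["10.128.0.0/20"],
   "remoteTrafficSelector": ["192.168.10.0/24"]}
]""" % {"b": BASE})
ROUTES = json.loads("""[
  {"name": "r1", "destRange": "192.168.1.0/24",
   "nextHopVpnTunnel": "%(b)s/regions/us-central1/vpnTunnels/console-tunnel"},
  {"name": "r2", "destRange": "192.168.2.0/24",
   "nextHopVpnTunnel": "%(b)s/regions/us-central1/vpnTunnels/console-tunnel"},
  {"name": "r3", "destRange": "192.168.10.0/24",
   "nextHopVpnTunnel": "%(b)s/regions/us-central1/vpnTunnels/cli-tunnel"},
  {"name": "default-internet", "destRange": "0.0.0.0/0",
   "nextHopGateway": "%(b)s/global/gateways/default-internet-gateway"}
]""" % {"b": BASE})

def resource_key(url):
    """Compare resources by the path after /projects/, ignoring API host and version."""
    return url.split("/projects/", 1)[-1]

def remote_ranges(tunnels, routes):
    """Per tunnel: ranges from its traffic selector and from routes pointing at it."""
    routed = {}
    for route in routes:
        hop = route.get("nextHopVpnTunnel")
        if hop:  # skip routes whose next hop is a gateway, instance, etc.
            routed.setdefault(resource_key(hop), []).append(route["destRange"])
    return {
        t["name"]: {
            "selector": sorted(t.get("remoteTrafficSelector", [])),
            "routes": sorted(routed.get(resource_key(t["selfLink"]), [])),
        }
        for t in tunnels
    }

if __name__ == "__main__":
    for name, info in remote_ranges(TUNNELS, ROUTES).items():
        print(name, "selector:", info["selector"] or "(not set)", "routes:", info["routes"])
```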

Related

My VM instance is missing from the console

I have a Linux VM on Google Compute Engine that I am accessing via SSH. It works just fine, but when I go to the Cloud Console, it asks me if I want to create a new VM as if I have none. I know I'm on the right account because it shows my billing balance has gone down. Where did my server go?
It is weird. But it is important to make a distinction that is not obvious once you start using Google Cloud Platform: the credentials you are using to access the Platform (your email or a service account), the project, which is the entity that any resource must be attached to, and the billing account, which is the payment profile that can have several projects associated.
In that case you could be in a different project that is associated with the same billing account.
To check the project where your machine is, run in the shell:
gcloud compute instances list
Here you will see the instances in your actual project. If nothing appears, reset gcloud configuration.
gcloud init
And change the project.

SSH to Google Compute Engine Instance Failing

I created a simple f1 micro instance (Ubuntu 16.10) on Google Compute Engine. I had created a VPC (Networking) and allowed http/https. I explicitly created a Firewall rule to allow SSH (tcp:22). But I am not able to login to the VM instance.
I keep getting this error:
Here is my Firewall Rule:
How to fix this?
I was finally able to ssh into an instance by choosing "Automatic" while creating a new VPC network instead of Custom, and I also chose to allow ssh. This added default firewall rules which were more accurate.
For anyone that runs into this problem I reached out to Google support by email (who responded!!) and they instructed me to run the following commands from terminal (where I have gcloud installed):
If you haven't yet authenticated / or to set the correct project
gcloud auth login
gcloud config set project PROJECT_ID
This is the meat of it - setting the firewall rules.
gcloud beta compute firewall-rules create default-allow-ssh --allow tcp:22 --priority=65534
Also - use Chrome - the interface seems to occasionally throw a fit whenever you use any other browser.

reset windows firewall without deleting instance

I accidentally messed up Windows Firewall of my VPS and now I can't connect using RDP anymore.
Is there a way to reset the firewall rules without deleting and creating a new instance? I already checked the FAQs and found nothing about it; same goes for the Cloud Shell. The firewall rules that I can see on the web manager seem different from my operating system firewall.
The best way is to use Google Cloud console.
Go to the Windows Instance
Edit the Instance and add the following key/value pair to Custom Metadata section
key is: windows-startup-script-cmd
value: netsh advfirewall set allprofiles state off
This resets the firewall to Off when booting and you can get back in with the RDP client as before.
Please open Cloud Shell on Google Cloud Platform web console.
Type: gcloud compute firewall-rules create openrdp --allow=tcp:3389
Try to connect your machine again.
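The firewall-rules create commands in the answers above and in the SSH question give no --source-ranges, so gcloud defaults the source to 0.0.0.0/0. The following added example (not part of the original posts) reads a rule listing and reports which rules leave SSH or RDP reachable from any IPv4 address, including through a port range; the rule list is constructed sample data shaped like gcloud compute firewall-rules list --format=json, and the function names are this example's own.

```python
import json

# Constructed sample shaped like `gcloud compute firewall-rules list --format=json`;
# the first two entries mirror the rules created by the commands on this page.
RULES = json.loads("""[
 {"name": "default-allow-ssh", "direction": "INGRESS", "priority": 65534,
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "openrdp", "direction": "INGRESS", "priority": 1000,
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}]},
 {"name": "office-ssh", "direction": "INGRESS", "priority": 1000,
  "sourceRanges": ["198.51.100.0/24"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "app-ports", "direction": "INGRESS", "priority": 1000,
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["80", "3000-4000"]}]},
 {"name": "old-rdp", "direction": "INGRESS", "priority": 1000, "disabled": true,
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}]}
]""")

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

def port_in(spec, port):
    """True if a port spec such as "22" or "3000-4000" covers the port."""
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def exposed_admin_ports(rule):
    """Admin services this rule opens to every IPv4 source address."""
    if rule.get("disabled") or rule.get("direction") != "INGRESS":
        return []
    if "0.0.0.0/0" not in rule.get("sourceRanges", []):
        return []
    hits = set()
    for allow in rule.get("allowed", []):
        if allow["IPProtocol"] not in ("tcp", "6", "all"):
            continue
        ports = allow.get("ports")  # absent means every port of the protocol
        for port, label in ADMIN_PORTS.items():
            if not ports or any(port_in(p, port) for p in ports):
                hits.add(label)
    return sorted(hits)

def audit(rules):
    """Rule name -> exposed admin services, only for rules that expose any."""
    found = {r["name"]: exposed_admin_ports(r) for r in rules}
    return {name: hits for name, hits in found.items() if hits}

if __name__ == "__main__":
    for name, hits in audit(RULES).items():
        print(name, "allows", ", ".join(hits), "from 0.0.0.0/0")
```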

How to connect to google cloud sql instance from eclipse using App Engine?

I am trying to connect to a Google Cloud SQL instance from Eclipse in my App Engine connected Android project.
So far I am able to connect to the Cloud SQL instance using Class.forName("com.mysql.jdbc.Driver"). But it requires authorising my IP address in Google Cloud SQL every time I want to use the instance, hence making it unfeasible.
I know that while connecting from App Engine I don't need to authorize my IP address. But for that I have to use GoogleDriver, i.e. Class.forName("com.mysql.jdbc.GoogleDriver").
But when I run my code it gives me a ClassNotFoundException.
I have been stuck in this situation for a long time. Please give me a proper solution to the problem.
The GoogleDriver is only intended to be used when actually running on App Engine. When running from eclipse or the dev_appserver you will have to use the stock com.mysql.jdbc.Driver class, and you will have to authorize your IP address. A good example of this is shown in the documentation, which demonstrates how to choose in code which driver to use. Note the commented out line for connecting from your dev environment to Cloud SQL.
As an FYI don't forget to enable the connector for running on App Engine.
I have authorised 0.0.0.0/0 in access control in my cloud instance and now all the devices are able to connect to the cloud instance with the stock MySQL driver, i.e. com.mysql.jdbc.Driver, without needing to change the authorised network again and again in access control.
Still can't figure out how to implement GoogleDriver, but for now this solution will work.
If anyone finds a better and more general way to connect to the cloud instance, please post your answer.
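An authorized network of 0.0.0.0/0 admits every IPv4 address to the instance's MySQL port, with database credentials as the only remaining control. The following added example (not part of the original posts) measures how many addresses each authorized network covers on instances with a public IP; the instance data is constructed and shaped like gcloud sql instances list --format=json, and the 256-address threshold is an assumption of this example.

```python
import ipaddress
import json

# Constructed sample shaped like `gcloud sql instances list --format=json`,
# trimmed to the fields used here; instance and network names are made up.
INSTANCES = json.loads("""[
 {"name": "app-db", "settings": {"ipConfiguration": {"ipv4Enabled": true,
   "authorizedNetworks": [{"name": "everyone", "value": "0.0.0.0/0"}]}}},
 {"name": "reports-db", "settings": {"ipConfiguration": {"ipv4Enabled": true,
   "authorizedNetworks": [{"name": "office", "value": "198.51.100.0/24"},
                          {"name": "dev-laptop", "value": "203.0.113.7"}]}}},
 {"name": "private-db", "settings": {"ipConfiguration": {"ipv4Enabled": false}}}
]""")

MAX_ADDRESSES = 256  # assumed review threshold: anything wider than a /24

def broad_networks(instance, limit=MAX_ADDRESSES):
    """Authorized networks on a public-IP instance covering more than `limit` addresses."""
    cfg = instance.get("settings", {}).get("ipConfiguration", {})
    if not cfg.get("ipv4Enabled"):
        return []  # no public IPv4 address, so authorized networks do not apply
    findings = []
    for net in cfg.get("authorizedNetworks", []):
        # A bare address such as 203.0.113.7 parses as a /32 (one address).
        size = ipaddress.ip_network(net["value"], strict=False).num_addresses
        if size > limit:
            findings.append((net["value"], size))
    return findings

def audit_sql(instances):
    """Instance name -> list of (network, address count) that exceed the threshold."""
    report = {i["name"]: broad_networks(i) for i in instances}
    return {name: nets for name, nets in report.items() if nets}

if __name__ == "__main__":
    for name, nets in audit_sql(INSTANCES).items():
        for value, size in nets:
            print(f"{name}: {value} authorizes {size} addresses")
```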

Google cloud VM Instance DNS error

I am having a bit of an issue with the VM Instances on google cloud. I installed and set up apache and a website with it but now I am trying to configure a custom domain and when I try to add it in SSH I get the following error:
ERROR: (gcloud.dns.managed-zone.create) ResponseError: status=403, code=Forbidden, reason(s)=insufficientPermissions
message=Insufficient Permission
I have also tried the directions at the following https://cloud.google.com/appengine/docs/domain and am getting a 404 not found error on my domain. Any help would be greatly appreciated.
You say you are having an issue with a VM instance and are trying to set up a custom domain. Those two are in very different realms. VM instances are under Compute Engine (except for Managed VMs, which live under App Engine, but that is beside the point). Custom Domains are features just of App Engine.
What do you mean that you are trying to "add it in SSH"? Did you mean DNS? If so, see my answer below.
What command are you running to get ERROR: (gcloud.dns.managed-zone.create) ResponseError: status=403, code=Forbidden, reason(s)=insufficientPermissions message=Insufficient Permission?
The docs apply to App Engine, not Compute Engine. That you are getting a 404 error is no surprise if you don't also have a corresponding app running in App Engine.
If you are trying to create a DNS hostname for a web site hosted on a VM instance on Compute Engine, I recommend that you either (a) use a static IP address and a static A record pointing to it, or (b) use an ephemeral IP address and set up a dynamic DNS A record pointing to it. (I use freedns.afraid.org for my DDNS.)