Unable to deploy my app as I started getting below error since today morning.
I have tried gcloud info --run-diagnostics and gcloud components reinstall without much help.
I tried to deploy it using the old Google App Engine Launcher for Windows but faced the same error.
Earlier it worked till yesterday night (IST) using gcloud. Please help!
I am on latest gcloud sdk and have updated all its components. I use Win10. I tried rebooting my laptop as well.
C:\gaurav\coding\python\myapp\myapp\dist>gcloud app deploy --project=myproject --version 1 --verbosity=info ./app.yaml
INFO: Refreshing access_token
ERROR: gcloud crashed (SSLHandshakeError): [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)
If you would like to report this issue, please run the following command:
gcloud feedback
To check gcloud for common problems, please run the following command:
gcloud info --run-diagnostics
C:\gaurav\coding\python\myapp\myapp\dist>
Diagnostics Output.
C:\gaurav\coding\python\myapp\myapp\dist> gcloud info --run-diagnostics
Network diagnostic detects and fixes local network connection issues.
Checking network connection...done.
ERROR: Reachability Check failed.
Cannot reach https://accounts.google.com (SSLHandshakeError)
Cannot reach https://cloudresourcemanager.googleapis.com/v1beta1/projects (SSLHandshakeError)
Cannot reach https://www.googleapis.com/auth/cloud-platform (SSLHandshakeError)
Network connection problems may be due to proxy or firewall settings.
Do you have a network proxy you would like to set in gcloud (Y/n)? n
ERROR: Network diagnostic (0/1 checks) failed.
C:\gaurav\coding\python\myapp\myapp\dist>
Although gcloud info --run-diagnostics complains that the three URLs are not reachable. I am able to open them from web browser.
I found that when using Fiddler (for viewing network traffic) and have decrypting https traffic enabled, then I received the SSLHandshakeError.
Stopping the tool (or choosing not to decrypt https traffic) and then running the gcloud resulted in success.
According to the comments, also a problem with other web debugging proxies such as Charles.
A problem in recent GAE and GCloud SDK versions is the presence of invalid SSH certificates, see, for example, Google App Engine SSL Certificate Error and issue 38338974.
You could try to use my suggested solution in the above-mentioned post and replace your SDK's certificate file with a valid one (will have to locate a good one for the gcloud SDK, my answer was for the GAE SDK).
You might also be able to use the gcloud config command to set the core custom_ca_certs_file configurable property to point to a file with up to date certificates, if you have one. I didn't try it, YMMV.
Upgrading to Python 2.7.9 on MacOS High Sierra solved the issue for me.
I had this issue upon install of the google cloud SDK on MacOS Mojave. I am not behind a corporate proxy, and all the answers on the web seemed to indicate that this was the issue. I noticed in the install.sh script that it takes an environment variable CLOUDSDK_PYTHON for the python executable. So, I fixed this by exporting the path to my python 3 executable.
In my case:
export CLOUDSDK_PYTHON=/Library/Frameworks/Python.framework/Versions/3.6/bin/python3.6
The install worked as expected after this.
On MacOS Catalina, the solution was to completely uninstall gcloud and reinstall it.
I had the same issue, downloaded the root/intermediate cert from one of the google url you get when you run the command: gcloud info --run-diagnostics and append to the cacerts.txt file that is being used. In my case it was the following one: google-cloud-sdk/lib/third_party/httplib2/python2/httplib2/cacerts.txt
For me it was a conflict in the python versions. gcloud was calling a different version. The solution was to set CLOUDSDK_PYTHON to point to the correct python (python2 in this case).
I tried to deploy gcloud and I was getting this error. Here is how I fixed it:
Access to Google cloud using Firefox
Download certificate. pem file and chain file
Append them on cert.pem located at:
C:\Program Files\google-cloud-sdk\lib\third_party\certifi\cert.pem
(using this you are creating custom CA cert file based on your proxy)
Update cert file as mentioned here: https://cloud.google.com/sdk/gcloud/reference/config/set
(Absolute path to a custom CA cert file.)
Make sure you have cert.pem at the end of path.
I fixed the problem by installing gcloud from apt-get. The guide is at this link
Related
I'm having the sample problem as Vaclav. I've followed the GCR quick start to the letter which entailed creating a new project (called gcr-project) and copying the code for a Flask (python) app.
After building the docker image, I entered the commands:
gcloud auth configure-docker
docker tag quickstart-image gcr.io/gcr-project/quickstart-image:tag1
docker push gcr.io/gcr-project/quickstart-image:tag1
The response was:
unauthorized: You don't have the needed permissions to perform this operation, and you may have invalid credentials. To authenticate your request, follow the steps in: https://cloud.google.com/container-registry/docs/advanced-authentication
So it would be nice to know if the issue is with the credentials (I'm using cloud SDK OK for other projects) or permissions. The documentation here suggests you need storage-admin rights but the projects already has it, see screen cap here
Would appreciate any tips for trouble shooting this as I was looking for to using the GCR but this problem is a hard stop for me.
UPDATE:
I tried the same process with the cloud shell
me#cloudshell:~ (gcr-project-XXXXXX)$ docker push gcr.io/gcr-project/quickstart-image:tag1
The push refers to repository [gcr.io/gcr-project/quickstart-image]
4399528b7213: Preparing
1d10b1eeca74: Preparing
75156020d862: Preparing
c5697656a146: Preparing
2a435270de82: Preparing
c35f70b5c25a: Waiting
28e260baaf1b: Waiting
556c5fb0d91b: Waiting
denied: Token exchange failed for project 'gcr-project'. Please enable Google Container Registry API in Cloud Console at https://console.cloud.google.com/apis/api/containerregistry.googleapis.com/overview?project=gcr-project before performing this operation.
me#cloudshell:~ (gcr-project-XXXXXX)$
This prompted me to check the API & Services dashboard to confirm the container-registry API was enabled - It is.
UPDATE 2:
I'm having these problems on a machine running ubuntu 19.04. Per the comments below I was able to do a push via the cloud shell. So I then went through the same exercise on a MacBook Pro - worked no problems.
So I then uninstalled Cloud SDK per the doco having used the standard linux install instructions previously. I then re-installed using the debian-ubuntu install instructions (version 274.0.1-0)... STILL no go.
When I do a docker pull on the image (because push worked on MBP) I get this error: Error response from daemon: unauthorized: You don't have the needed permissions to perform this operation, and you may have invalid credentials. To authenticate your request, follow the steps in: https://cloud.google.com/container-registry/docs/advanced-authentication
And when I do a push I get this error: unauthorized: You don't have the needed permissions to perform this operation, and you may have invalid credentials. To authenticate your request, follow the steps in: https://cloud.google.com/container-registry/docs/advanced-authentication
So at this stage, given the success on the MBP and the lack thereof on the linux/ubuntu machine, the problem is constrained to to linux/ubuntu installs.
UPDATE 3:
I got on to a separate ubuntu server, did a clean install with sudo snap install google-cloud-sdk --classic , did everything else per the docs and still had the exact same problem. So I recon this is a linux google cloud SDK specific problem.
Is there anyone out there Ubuntu land who as been able install and use cloud SDK with GCR recently?????????
I was able to replicate this issue on multiple ubuntu machines. I tried again after the most recent cloud SDK update (276.0.0) but had no luck.
In the end I went with json key file authentincati described in the docs here as a work around which worked fine.
I am following the google tutorial on creating a simple helloWorld function and deploying it on google cloud. My machine is Windows 7 - 64 bit.
I am following this link: https://cloud.google.com/functions/docs/tutorials/http
However I am facing few issues here:
1. Before You Begin -> Enable the API: getting the following error: "You have no permissions to use requested API"
2. Install the Cloud SDK: When I run the downloaded installer, following error comes: "Unzip failed: Error opening ZIP file"
I however installed SDK from another link:
https://cloud.google.com/sdk/downloads#versioned
3. Unable to install alpha component. Used this command:
gcloud components install alpha
4. Deploying the function:
ERROR: (gcloud.alpha.functions.deploy) ResponseError: status=[403], code=[Forbid
den], message=[Cannot access Google Cloud Functions API in project gcf-project-1
]
If anybody knows the solution, please help.
Thanks,
Robin
it might be silly but be sure to enable the cloud functions api in your project settings on the gcloud dashboard website.
Google Cloud Functions was just released as public beta. The commands are slightly different (e.g. you don't install alpha components)! It should all work now without whitelisting.
https://cloud.google.com/functions/
Google Cloud Functions is currently in Alpha, which means it's whitelist only. You're getting this error because your account is not whitelisted. You'll need to sign up for access to the Alpha, which you can do here
I try to setup the Hyperledger Fabric project. Unfortunately, when I invoke vargant up I get:
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'hyperledger/fabric-baseimage' could not be found. Attempting to find and install...
default: Box Provider: virtualbox
default: Box Version: 0.0.10
The box 'hyperledger/fabric-baseimage' could not be found or
could not be accessed in the remote catalog. If this is a private
box on HashiCorp's Atlas, please verify you're logged in via
`vagrant login`. Also, please double-check the name. The expanded
URL and error message are shown below:
URL: ["https://atlas.hashicorp.com/hyperledger/fabric-baseimage"]
Error: SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
I tried to use docker image https://hub.docker.com/r/hyperledger/fabric-baseimage/ but run command didn't do anything
I would like to start Fabric Blockchain, try management system, deploy contract and initiate some test transactions. Could anyone help me, how to start Fabric?
Thanks
The error listed here is pretty clear and provides a link to the resolution. Vagrant is unable to download the image because the local CA did not carry the certificate of the CA that issued the HashiCorp server's certificate.
If you are interested in simply running the Hyperledger Fabric and developing/deploying chaincode and developing a blockchain application, you can simply run docker-compose up with the following docker-compose.yml definition using Docker for Mac or Windows (beta):
vp:
image: hyperledger/fabric-peer
ports:
- "5000:5000"
environment:
- CORE_PEER_ADDRESSAUTODETECT=true
- CORE_VM_ENDPOINT=http://127.0.0.1:2375
- CORE_LOGGING_LEVEL=DEBUG
command: peer node start
membersrvc:
image: hyperledger/fabric-membersrvc
command: membersrvc
The Vagrant-based development environment approach to getting the Fabric running on your laptop is really more oriented towards developers wishing to help with the development OF the Hyperledger Fabric project than it is for those who simply wish to develop applications using the platform.
I recommend you to install again.
vagrant destroy. It will stops and deletes all traces of the vagrant machine.
vagrant up. starts and provisions the vagrant environment.
Try these instructions:
http://hyperledger-fabric.readthedocs.io/en/latest/dev-setup/devenv.html
I used branch v0.6 of the hyperledger fabric from GitHub instead of
the Gerrit one (at step "Cloning the Fabric project"):
git clone -b v0.6 https://github.com/hyperledger/fabric.git
When the VM provisioning will be complete at the end, you will have an environment ready to be used for testing chaincode.
When the environment is complete, you should also check out the GitHub IBM-Blockchain marbles app.
Hope this works out for you, good luck.
Open this link: https://atlas.hashicorp.com/hyperledger/boxes/fabric-baseimage
Use command below:
vagrant init hyperledger/fabric-baseimage; vagrant up --provider virtualbox
I am running below command to connect to google compute instance:
gcloud compute ssh example-instance
I am getting error message below:
ERROR: (gcloud.compute.ssh) Your platform does not support OpenSSH.
Can someone please help me in this regard.
Thanks
Shiv
Try updating your local Cloud SDK and run ssh command again. To update the Google Cloud SDK use the following command:
gcloud components update
The error is pretty much self-explanatory. You need to install an OpenSSH to operate. Try installing OpenSSH. The guide for installing on Windows 10 is as follows:
https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse
I am trying view logs of my running application on Bluemix using : "cf logs my-cool-app" command (CF version 6.11) .
If fails with :
FAILED
Loggregator endpoint missing from config file
Anyone seen this issue?
The problem appears to stem from the use of the 6.11 codebase for CF CLI and the current version of CloudFoundry that Bluemix is running. Good news is that an upcoming upgrade will alleviate the problem. We're investigating potential workarounds.
This is just an issue with the CF CLI version 6.11.