I'm studing GCP Data Fusion, and after reading the [overwiew] 1 of the service
I tryed to create a first Data Fusion using the [tutorial] 2.
The creation of the pipeline gone well, but on the run statement I got an error about the VPC:
java.lang.IllegalArgumentException: Network 'default' in project '*********' does not contain any subnets. Please create a subnet or use a different network.
I checked the documentation where I found that Data Fusion requires that in the VPC the rule ** default-allow-ssh ** is enabled.
I'm using the default project VPC and in that VPC that rule is enable.
How can I resolve my issue?
Thanks
Stefano G.
Step 2
Hi, to avoid the issue I've created ad new VPC and there I set a subnet where i set the configuration required:
ip address range: 10.128.0.0/9
firewall rule
Name: sg-allow-internal
Type: Targets
Ingress: "Apply to all"
IP ranges: 10.128.0.0/9
Protocols/ports:
tcp:0-65535
udp:0-65535
icmp
and now the error is
java.lang.IllegalArgumentException: Parameter network must conform to the pattern [a-z](?:[-a-z0-9]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}
Why?
A GCP VPC can't be used in any region unless it has one or more subnets. Please follow the instructions at https://cloud.google.com/vpc/docs/using-vpc#add-subnets to create a subnet for the default VPC.
The error is talking about the name of the network/subnetwork. You've included the details to your firewall rule which is not the cause of the error. Can you confirm if the name of your network matches that regex?
Related
Original error message: Operation failed: VPC Access did not have permission to resolve the subnet or the provided subnet does not exist.
Steps Followed:
Created a new Project la-gcp-cloud-run-demo
Created a subnet in the network with CIDR range 10.8.0.0/28
Created a VPC Connector using the subnet 10.8.0.0/28
Note : While creating the same Connector on la-gcp-cloud-run-demo, On other projects like la-gcp-corp an ls-gcp-test.
enter image description here
I've just recently encountered the same issue as yours.
I am assuming that you are connecting the projects via Shared VPC.
You missed 2 steps from your original one:
Steps Followed:
1. Created a new Project la-gcp-cloud-run-demo
2. Created a subnet in the network with CIDR range 10.8.0.0/28
3. Created a VPC Connector using the subnet 10.8.0.0/28
4. Navigate to your target project and enable Serverless VPC API -- Once enabled, go to IAM Permissions and copy the freshly created gcp-sa-vpcaccess.iam.gserviceaccount
5. Go to your Shared VPC Host project and add your new gcp-sa-vpcaccess.iam.gserviceaccount under IAM add set the role as networkUser
Once you have the right permissions, you will be able to create Connectors without any problem.
Hoping this helps!
this happened to me today i have to made an account with this format in the "host vpc" #cloudservices.gserviceaccount.com , you have to puto the account ID not the name, the account is in twelve digits. Give to this network user role.
We have been using network-scripts to manage the networking of our Linux systems adding NM_CONTROLLED=no in ifcfg-ethn files. But we have encountered a special case where this is not working and we need to use Network Manager service. I have encountered an issue with it.
Existing system IP - > 192.168.2.4/24
Just for testing I tried to configure the same IP on new system and unfortunately, it did get configured. With network-scripts, we never encountered this. It used to check if the IP has already been assigned but Network Manager is not doing this. Do we have any flag or something in NetworkManager settings to enable so that it checks for existing IP addresses before assigning. I have configured it directly using ifcfg-files, and I also need to use virtual interfaces eth0:1 for our specific use cases.
Thank you in advance for your help.
Update 11-08-2021
[eth0-interface]
https://i.stack.imgur.com/n9bCw.png
[eth0:1 interface]
https://i.stack.imgur.com/3Mum9.png
10.133.32.251 already exists in the network, so the network manager is correctly ignoring it after executing the suggested command 'nmcli con modify ipv4.dad-timeout 3000'. But eth0 is also ignored and hence no IP is configured on any interface.
Is it an issue or I am making some mistake here, please suggest
configure ipv4.dad-timeout, for example nmcli connection modify "$PROFILE" ipv4.dad-timeout 3000.
In wso2 api manager analytics I faced following exception, could you please guide me?
Exception occurred :java.security.cert.CertificateException: No subject alternative names matching IP address 172.24.64.114 found executing GET https://172.24.64.114:9443/api/am/admin/v1/custom-urls/carbon.super
This looks like it is failing due to hostname verification. Although you have relevant cert in the client truststore, you have used the IP address to communicate with APIM.
You have few options here.
Disable hostname verification (Not recommended for production)- https://github.com/wso2/docker-apim/blob/v3.2.0.2/docker-compose/apim-is-as-km-with-analytics/conf/apim-analytics-dashboard/conf/dashboard/deployment.yaml#L25
Use the hostname instead of the IP. You can map your hostname with IP by adding a DNS entry or by adding an /etc/hosts entry. DNS entry is preferred for Prod
I currently have a GCE instance that is running Jenkins, and I want to be able to access it from the browser. It's running on an IP address OTHER than the primary internal address Google gives me. So for example, the primary internal IP is 10.128.0.8, but Jenkins is running at 10.0.1.15:8081.
How do I direct traffic from <EXTERNAL_IP>:8081 to 10.0.1.15:8081 ?
Please note that my Linux skills are shaky and my networking skills are non-existant, so if you can tell me HOW to do whatever it is I need to do, bonus. :) Thanks!
1- First you need to create a Firewall rules on the current instance's network eg:
gcloud beta compute --project=<project-name> firewall-rules create jenkins --description="8081 port jenkins" --target-tags=jenkins --network=<network-name> --action=ALLOW --rules=tcp:8081
Then you have to add that rule in the instance (selecting the tag created above) eg:
gcloud compute instances add-tags <instance-name> --tags jenkins
2- Other way it's by Cloud Console from VPC network/Firewall rules and then add the Firewall Rule Tag on your instance.
However you should use the Alias IP Ranges (from this documentation may respond your question + your FR rules created for External IP).
I've installed Kaa platform on Ubuntu 16-04. not Sandbox but source 0.11
Default sample period: 1 seconds
2016/11/25 2:31:25 [ERROR] [kaa_tcp_channel.c:870] (-101) - Kaa TCP channel new access point [0x929A2016] hostname resolve failed
2016/11/25 2:31:25 [WARNING] [kaa_bootstrap_manager.c:612] (-7) - Could not find next Bootstrap access point (protocol: id=0x56C8FF92, version=1)
2016/11/25 2:31:25 [ERROR] [kaa_tcp_channel.c:307] (-7) - Kaa TCP channel [0x929A2016] error notifying bootstrap manager on access point failure
2016/11/25 2:31:25 [ERROR] [kaa_client.c:268] (-7) - Failed to connect channel [0x9E010CC0]
Sampled temperature: 29
Sampled temperature: 30
Sampled temperature: 30
Sampled temperature: 29
Sampled temperature: 25
What are my errors indicating?
There are 2 possible reasons for such output:
1. you are trying to run application without running/connected server.
2. wrong server ip set in the web UI.
Things to fix:
1. check connection beetween kaa client & server then regenerate SDK.
Perform these two steps may be this can solve your problem.
Just run this command on host machine
sudo /usr/lib/kaa-sandbox/bin/change_kaa_host.sh $new host name/ip$
Then change the IP address of using Admin UI, for that you need to sign in using username : kaa
and passwword : kaa123
then go to setting > general setting then change the IP address preceded by :8080, enter your machine's public IP address, that can be easily accessible from anywhere.
Tips :: if you are using AWS instance then use public IP address of your instance.
Further error persist then drop your previous instance and launch a new instance.
For more details go the official documentation page
Hope it will be helpful for you.
I have configured my kaa's host name to be my current connection's ip address because i am using bridged adapter as one of my methods of getting the new host name
I had the same problem with KAA installation on my virtual server. Instead of putting the IP address inside kaa-node.properties just put the full domain name or hostname.
transport_public_interface=<server name or full domain name>
and on your client host, update DNS or /etc/hosts accordingly.
The client app will not complain about a name resolution issue.