I’m doing some troubleshooting for a custom domain (purchased via Google). I’ve updated the custom resource record in Google, done the route 53 + AWS cert manager steps, and ran zappa certify (as well as zappa update). My first thought… is it supposed to show the AWS link after the custom domain: e.g.,
Your updated Zappa is live!: https://customDomain.com (https://abc123.amazonaws.com/dev)
At the moment, the amazonaws link still works, but the custom domain does not. Curious if this could indicate anything per anyone’s experience?
Resolved my own issue ... simple mistake.
In Google Domains, I was using 'Default Name Servers' with CNAME customer records. Instead, I needed to use 'Custom Name Servers' and activated the 4 names servers from route 53. Hopefully this helps anyone who encounters similar troubleshooting w AWS/Google/Zappa!
Related
I'm studying how to deploy a django application with kubernetes, I found this tutorial, which explains about the Devspace tool, so that following the tutorial just like it returns me a message that I can't solve.
the message is this:
returns only this [fatal] pullSecrets[0].registry: cannot be empty
Can someone help me ?
DevSpace maintainer here. Check your devspace.yaml and you'll see that there is a pullSecrets section defined and the first entry in this section has registry either not defined or empty string.
To fix this, you can either remove the entire pullSecrets or provide a valid registry hostname + username and password. For the username and especially for the password, you should use variables such as ${REGISTRY_PASSWORD} and then set them via environment variables in your terminal or let DevSpace set them via devspace set var REGISTRY_PASSWORD=xxx etc.
First thing in your setup at very first you missed two steps
in which it's asking about the docker registry and username & authentication.
If you will pass the detail you won't face any issue and secret will get created automatically.
You have to set the value for pull secret to true
createPullSecret: true
pull seceret is used by Kubernetes config when you have to fetch the container (docker) image from the private container repository for example private docker repository.
If your config pull already exist but you have not created it you can create it manually by providing a few details
kubectl create secret docker-registry my-pull-secret --docker-server=[REGISTRY_URL] --docker-username=[REGISTRY_USERNAME] --docker-password=[REGISTRY_PASSWORD] --docker-email=[YOUR_EMAIL]
Read more at : https://devspace.cloud/docs/v3.5.18/image-building/registries/pull-secrets
There is same issue reported previously : https://github.com/loft-sh/devspace/issues/1317
I get an error when trying to deallocate a virtual machine with the Python SDK for Azure.
Basically I try something like:
credentials = ServicePrincipalCredentials(client_id, secret, tenant)
compute_client = ComputeManagementClient(credentials, subscription_id, '2015-05-01-preview')
compute_client.virtual_machines.deallocate(resource_group_name, vm_name)
pprint (result.result())
-> exception:
msrestazure.azure_exceptions.CloudError: Azure Error: AuthorizationFailed
Message: The client '<some client UUID>' with object id '<same client UUID>' does not have authorization to perform action 'Microsoft.Compute/virtualMachines/deallocate/action' over scope '/subscriptions/<our subscription UUID>/resourceGroups/<resource-group>/providers/Microsoft.Compute/virtualMachines/<our-machine>'.
What I don't understand is that the error message contains an unknown client UUID that I have not used in the credentials.
Python is version 2.7.13 and the SDK version was from yesterday.
What I guess I need is a registration for an Application, which I did to get the information for the credentials. I am not quite sure which exact permission(s) I need to register for the application with IAM. For adding an access entry I can only pick existing users, but not an application.
So is there any programmatic way to find out which permissions are required for an action and which permissions our client application has?
Thanks!
As #GauravMantri & #LaurentMazuel said, the issue was caused by not assign role/permission to a service principal. I had answered another SO thread Cannot list image publishers from Azure java SDK, which is similar with yours.
There are two ways to resolve the issue, which include using Azure CLI & doing these operations on Azure portal, please see the details of my answer for the first, and I update below for the second way which is old.
And for you want to find out these permissions programmatically, you can refer to the REST API Role Definition List to get all role definitions that are applicable at scope and above, or refer to Azure Python SDK Authentication Management to do it via the code authorization_client.role_definitions.list(scope).
Hope it helps.
Thank you all for your answers! The best recipe for creating an application and to register it with the right role - Virtual Machine Contributor - is presented indeed on https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal
The main issue I had was that there is a bug in the adding a role within IAM. I use add. I select "Virtual Machine Contributor". With "Select" I get presented a list of users, but not the application that I have created for this purpose. Entering the first few letters of the name of my application will give a filtered output that includes my application this time though. Registration is then finished and things can proceed.
I'm starting to feel a bit stupid. Have someone been able to successfully create an Application gateway using Python SDK for Azure?
The documentation seems ok, but I'm struggling with finding the right parameters to pass 'parameters' of
azure.mgmt.network.operations.ApplicationGatewaysOperations application_gateways.create_or_update(). I found a complete working example for load_balancer but can't find anything for Application gateway. Getting 'string indices must be integers, not str' doesn't help at all. Any help will be appreciated, Thanks!
Update: Solved. An advice for everyone doing this, look carefully for the type of data required for the Application gateway params
I know there is no Python sample for Application Gateway currently, I apologize for that...
Right now I suggest you to:
Create the Network client using this tutorial or this one
Take a look at this ARM template for Application Gateway. Python parameters will be very close from this JSON. At worst, you can deploy an ARM template using the Python SDK too.
Take a look at the ReadTheDocs page of the create operation, will give you the an idea of what is expected as parameters.
Open an issue on the Github tracker, so you can follow when I do a sample (or at least a unit test you can mimic).
Edit after question in comment:
To get the IP of VM once you have a VM object:
# Gives you the ID if this NIC
nic_id = vm.network_profile.network_interfaces[0].id
# Parse this ID to get the nic name
nic_name = nic_id.split('/')[-1]
# Get the NIC instance
nic = network_client.network_interfaces.get('RG', nic_name)
# Get the actual IP
nic.ip_configurations[0].private_ip_address
Edit:
I finally wrote the sample:
https://github.com/Azure-Samples/network-python-manage-application-gateway
(I work at MS and I'm responsible of the Azure SDK for Python)
Hi I am trying to create a lambda function in amazon lambda. Just trying to follow the python tutorial.
After following all the steps I get a "Service Error" when creating the function.
I found this forum discussing about this link to the forum.
I checked with all the environments but still it gives me the service error.
error
Is it a configuration issue or a problem with the account ?
I am totally new to aws. Appreciate any help regarding this.
I was having this problem, but it disappeared when I selected "Choose an existing role" instead of letting the wizard create a role, under "Lambda function handler and role". If I create a role manually I can then assign it to the Lambda afterwards. Maybe that'll help you, too?
I had this problem, too. In my case, I had "Enable active tracing" selected. I tried un-checking that option and it got rid of the error. Maybe I had a permissions problem w/XRay? Who knows; I didn't investigate further.
I'm having issues with Sentry running on my internal server. I walked through the docs to get this installed on a Centos machine. It seems to run, but none of the asynchronous javascript is working.
Can someone help me find my mistake?
This is what Chrome keeps complaining about:
XMLHttpRequest cannot load
http://test.example.com/api/main-testproject/testproject/poll/. No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://test.example.com:9000' is therefore not allowed
access.
I'm new to Django, but I am comfortable with python web services. I figured there was surely a configuration I missed. I found something in the docs referring to a setting I should use; SENTRY_ALLOW_ORIGIN.
# You MUST configure the absolute URI root for Sentry:
SENTRY_URL_PREFIX = 'http://test.example.com' # No trailing slash!
SENTRY_ALLOW_ORIGIN = "http://test.example.com"
I even tried various paths to my server by using the fully qualified domain name, as well as the IP. None of this seemed to help. As you can see from the chrome error, I was actively connected to the domain name that was throwing the error.
I found my issue. The XMLHttpRequest error is showing that port 9000 is used. This needs to be specified in the SENTRY_URL_PREFIX.
SENTRY_URL_PREFIX = 'http://test.example.com:9000'
edit:
I even found this answer listed in the FAQ:
https://docs.getsentry.com/on-premise/server/faq/