search

cloudfoundry-community / autosleep

Auto sleep service for CloudFoundry
Apache License 2.0
39 stars 21 forks source link

Can this app be used without implementing it as a service broker? #298

Open Shyamkumargv opened 5 years ago

Shyamkumargv commented 5 years ago

At this time this is available as a service broker, but this being an Open Source service our platform team is not too keen to implement it. As a part of application team not having access to the platform to implement this as a broker service can we have a way to use this service just as an app which can tap on to every service in the space? Can you give us some pointers.

Cheers, Shyam

gberche-orange commented 5 years ago

@Shyamkumargv have you tried to register the broker as space scoped , which does not require admin permissions ?

See

https://github.com/cloudfoundry-community/autosleep/blob/develop/doc/publish.md#publish-as-a-private-broker

Shyamkumargv commented 5 years ago

Thank u.. I have NOT tried that.. will give it a try.

Shyamkumargv commented 5 years ago

I tried but I'm not even able to push the app, it gives me 401 Authorization error. When I looked at the doc closely event to push an app in "Private PCF Instance" I need to have "on private CF instance: favor an admin user with cloudcontroller.admin scope". Which is not possible to get. Not sure if there is any other option.

gberche-orange commented 5 years ago

I'm not sure to follow. Can you please prive detailed commands and associated traces ?

Shyamkumargv commented 5 years ago

Sorry.. Details: While trying to push the app I get the below exception:

2019-07-16T10:42:30.58-0400 [APP/PROC/WEB/0] OUT DEBUG - main - o.c.a.a.c.c.CloudfoundryClientBuilder(78) - buildClient - skipSslValidation=true 2019-07-16T10:42:30.58-0400 [APP/PROC/WEB/0] OUT DEBUG - main - o.c.a.a.c.c.CloudfoundryClientBuilder(79) - buildClient - username=xxxxxx 2019-07-16T10:42:30.91-0400 [APP/PROC/WEB/0] OUT WARN - main - c.trust(87) - Trusting SSL Certificate for api.sys.pcf.manulife.com:443 2019-07-16T10:42:31.12-0400 [APP/PROC/WEB/0] OUT DEBUG - main - o.s.w.c.RestTemplate(79) - Created GET request for "https://api.pcf.manulife.com:443/v2/info" 2019-07-16T10:42:31.13-0400 [APP/PROC/WEB/0] OUT DEBUG - main - o.s.w.c.RestTemplate(720) - Setting request Accept header to [application/json, application/*+json] 2019-07-16T10:42:31.19-0400 [APP/PROC/WEB/0] OUT DEBUG - main - o.s.w.c.RestTemplate(632) - GET request for "https://api.pcf.manulife.com:443/v2/info" resulted in 200 (OK) 2019-07-16T10:42:31.19-0400 [APP/PROC/WEB/0] OUT DEBUG - main - o.s.w.c.RestTemplate(92) - Reading [interface java.util.Map] as "application/json;charset=utf-8" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@f0ba07a] 2019-07-16T10:42:31.20-0400 [APP/PROC/WEB/0] OUT WARN - main - c.trust(87) - Trusting SSL Certificate for uaa.sys.cac.preview.pcf.manulife.com:443 2019-07-16T10:42:31.83-0400 [APP/PROC/WEB/0] OUT DEBUG - cloud-foundry-2 - o.s.s.o.c.t.g.p.ResourceOwnerPasswordAccessTokenProvider(159) - Retrieving token from https://uaa.pcf.manulife.com/oauth/token 2019-07-16T10:42:31.83-0400 [APP/PROC/WEB/0] OUT DEBUG - cloud-foundry-2 - o.s.w.c.RestTemplate(79) - Created POST request for "https://uaa.pcf.manulife.com/oauth/token" 2019-07-16T10:42:31.84-0400 [APP/PROC/WEB/0] OUT DEBUG - cloud-foundry-2 - o.s.s.o.c.t.g.p.ResourceOwnerPasswordAccessTokenProvider(221) - Encoding and sending form: {grant_type=[password], username=[xxxxxx], password=[xxxxxx]} 2019-07-16T10:42:31.93-0400 [APP/PROC/WEB/0] OUT DEBUG - cloud-foundry-4 - o.s.s.o.c.t.g.p.ResourceOwnerPasswordAccessTokenProvider(159) - Retrieving token from https://uaa.pcf.manulife.com/oauth/token 2019-07-16T10:42:31.93-0400 [APP/PROC/WEB/0] OUT DEBUG - cloud-foundry-4 - o.s.w.c.RestTemplate(79) - Created POST request for "https://uaa.pcf.manulife.com/oauth/token" 2019-07-16T10:42:31.93-0400 [APP/PROC/WEB/0] OUT DEBUG - cloud-foundry-2 - o.s.w.c.RestTemplate(632) - POST request for "https://uaa.pcf.manulife.com/oauth/token" resulted in 401 (Unauthorized); invoking error handler 2019-07-16T10:42:31.93-0400 [APP/PROC/WEB/0] OUT DEBUG - cloud-foundry-4 - o.s.s.o.c.t.g.p.ResourceOwnerPasswordAccessTokenProvider(221) - Encoding and sending form: {grant_type=[password], username=[xxxxxx], password=[xxxxxx]} 2019-07-16T10:42:31.98-0400 [APP/PROC/WEB/0] OUT DEBUG - cloud-foundry-4 - o.s.w.c.RestTemplate(632) - POST request for "https://uaa.pcf.manulife.com/oauth/token" resulted in 401 (Unauthorized); invoking error handler 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT ERROR - main - o.c.a.a.c.c.CloudfoundryClientBuilder(96) - CloudFoundryApi - failure while login 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException: Error requesting access token. 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:145) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider.obtainAccessToken(ResourceOwnerPasswordAccessTokenProvider.java:47) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:221) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.oauth2.client.OAuth2RestTemplate.createRequest(OAuth2RestTemplate.java:105) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:592) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.oauth2.client.OAuth2RestTemplate.doExecute(OAuth2RestTemplate.java:128) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:572) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:280) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.cloudfoundry.spring.util.AbstractSpringOperations.lambda$get$3(AbstractSpringOperations.java:85) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.cloudfoundry.spring.util.AbstractSpringOperations.lambda$null$1(AbstractSpringOperations.java:66) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.FluxYieldingEmitter$YieldingSignalEmitter.request(FluxYieldingEmitter.java:72) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.util.DeferredSubscription.set(DeferredSubscription.java:71) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.FluxPublishOn$PublishOnPipeline.onSubscribe(FluxPublishOn.java:126) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.subscriber.SignalEmitter.start(SignalEmitter.java:170) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.FluxYieldingEmitter.subscribe(FluxYieldingEmitter.java:43) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.FluxFlatMap.trySubscribeScalarMap(FluxFlatMap.java:152) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.FluxFlatMap.subscribe(FluxFlatMap.java:169) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.FluxPublishOn$SourceSubscribeTask.run(FluxPublishOn.java:308) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.SchedulerGroup$TaskSubscriber.onNext(SchedulerGroup.java:1081) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.SchedulerGroup$TaskSubscriber.onNext(SchedulerGroup.java:1063) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at reactor.core.publisher.WorkQueueProcessor$QueueSubscriberLoop.run(WorkQueueProcessor.java:842) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at java.lang.Thread.run(Thread.java:748) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT Caused by: org.springframework.web.client.HttpClientErrorException: 401 Unauthorized 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:91) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport$AccessTokenErrorHandler.handleError(OAuth2AccessTokenSupport.java:244) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:641) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:597) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:565) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:137) 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT ... 24 common frames omitted 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT WARN - main - o.s.c.a.AnnotationConfigApplicationContext(546) - Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'getClient' defined in org.cloudfoundry.autosleep.access.cloudfoundry.config.CloudfoundryClientBuilder: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.cloudfoundry.client.CloudFoundryClient]: Factory method 'getClient' threw exception; nested exception is org.springframework.context.ApplicationContextException: Failed to build client; nested exception is error="access_denied", error_description="Error requesting access token." 2019-07-16T10:42:32.03-0400 [APP/PROC/WEB/0] OUT DEBUG - main - o.s.b.f.s.DefaultListableBeanFactory(512) - Destroying singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@6cada3f7: defining beans [org.springframework.context.annotation.internalConfigurationAnnotationProcessor,org.springframework.context.annotation.internalAutowiredAnnotationProcessor,org.springframework.context.annotation.internalRequiredAnnotationProcessor,org.springframework.context.annotation.internalCommonAnnotationProcessor,org.springframework.context.annotation.internalPersistenceAnnotationProcessor,org.springframework.context.event.internalEventListenerProcessor,org.springframework.context.event.internalEventListenerFactory,cloudfoundryClientBuilder,org.springframework.context.annotation.ConfigurationClassPostProcessor.importAwareProcessor,org.springframework.context.annotation.ConfigurationClassPostProcessor.enhancedConfigurationProcessor,org.springframework.boot.autoconfigure.condition.BeanTypeRegistry,getClient,getLogClient]; root of factory hierarchy

While following the document u shared earlier i found in the "Prerequisites" section, that if its a "Private PCF instance" then the user credentials used to push the app should have "cloudcontroller.admin" scope. Which my user of course doesn't have.

Hope its clear.. Pls let me know if u need any additional info. Thanks for ur help.