search

googlearchive / k8s-service-catalog

[DEPRECATED] Commandline tool to manage Service Catalog lifecycle and GCP Service Broker atop Kubernetes Cluster
Apache License 2.0
69 stars 31 forks source link

What is a working example of provisioning the spanner service? #214

Open drnic opened 5 years ago

drnic commented 5 years ago

I tried the following:

svcat provision spanner-db -n sb-demo --class cloud-spanner --plan beta --wait

But it never exits. When I look at the events for the resource I see:

  Type     Reason               Age   From                                Message
  ----     ------               ----  ----                                -------
  Warning  ProvisionCallFailed  113s  service-catalog-controller-manager  Provision call failed: operation "projects/491089609225/operations/18ade35a-d355-11e8-b517-0a580a100221/1539922308231574303" failed: generic::invalid_argument: Operation "operation-1539922308431-5788d1a2cfc99-d6c02454-d28c8347" failed with
: [{"code":"MANIFEST_EXPANSION_USER_ERROR","location":"/deployments/iaa5eaaeb-0418-4c3a-bf46-328c4f615ab7/manifests/manifest-1539922308529","message":"Manifest expansion encountered the following errors: Invalid properties for 'gcp-services/composite:cloud-spanner-instance-f3622e2':\n'parameters' is a required property\n Resource: iaa5eaaeb-0418-4c3a-bf46-328c4f615ab7 Resource: config"}]
  Warning  RetryBackoff         72s  service-catalog-controller-manager  Delaying provision retry, next attempt will be after 2018-10-19 04:12:38.162643222 +0000 UTC m=+1948.891986131

What is an example svcat provision command to provision spanner or other services?

drnic commented 5 years ago

I've guessed my way so far to:

svcat provision spanner-db -n sb-demo --class cloud-spanner --plan beta --params-json '{"displayName":"my-spanner","instanceId":"d3d3e4-18f4-4d53"}'

Current error is now Resource projects/knative-experiments/instances/d3d3e4-18f4-4d53 is missing IAM permission: spanner.instances.setIamPolicy

  Warning  ProvisionCallFailed  3s    service-catalog-controller-manager  Provision call failed: operation "projects/491089609225/operations/a15585a3-d356-11e8-b517-0a580a100221/1539922966831069154" failed: generic::invalid_argument: Operation "operation-1539922967227-5788d41716a79-f114bcbd-94794d36" failed with
: [{"code":"RESOURCE_ERROR","location":"/deployments/i496cc442-ca37-4a75-824d-e4caaf07801f/resources/instance","message":"{\"ResourceType\":\"gcp-types/spanner-v1:projects.instances\",\"ResourceErrorCode\":\"403\",\"ResourceErrorMessage\":{\"code\":403,\"message\":\"Resource projects/knative-experiments/instances/d3d3e4-18f4-4d53 is missing IAM permission: spanner.instances.setIamPolicy.\",\"status\":\"PERMISSION_DENIED\",\"statusMessage\":\"Forbidden\",\"requestPath\":\"https://spanner.googleapis.com/v1/projects/knative-experiments/instances/d3d3e4-18f4-4d53:setIamPolicy\",\"httpMethod\":\"POST\"}}"}]
rawlingsj commented 5 years ago

I get the exact same error following this example https://github.com/GoogleCloudPlatform/kubernetes-engine-samples/tree/master/service-catalog/cloud-spanner#before-you-begin. I'm guessing I've missed enabling an API but not sure which one.

khipkin commented 5 years ago

Please read through the information regarding service account usage while using the GCP Broker: https://github.com/GoogleCloudPlatform/kubernetes-engine-samples/tree/master/service-catalog#application-service-account

And look through these instructions: https://github.com/GoogleCloudPlatform/k8s-service-catalog/issues/223#issuecomment-473222539