paraglider-project / paraglider

Streamlining cloud networking
https://paragliderproject.io
Apache License 2.0

[GCP, Azure] Cross-cloud --ping rule between GCP and Azure VMs fails. #497

Closed aviweit closed 1 week ago

aviweit commented 1 week ago

Started up Paraglider with the following file:

server:
  host: "localhost"
  port: 8080
  rpcPort: 8081

cloudPlugins:
  - name: "gcp"
    host: "localhost"
    port: 8082
  - name: "azure"
    host: "localhost"
    port: 8083

tagService:
  host: "localhost"
  port: 8084

namespaces:
  default:
    - name: "gcp"
      deployment: "projects/project-name"
    - name: "azure"
      deployment: "/subscriptions/subscription-id/resourceGroups/resource-group-name"

glided startup paraglider_config.yaml

Created two VMs:

$ glide resource create gcp vm-gcp gcp_vm.json
Creating resource: vm-gcp
Resource Created.
tag: default.gcp.vm-gcp
uri: https://www.googleapis.com/compute/v1/projects/project-name/zones/us-east4-a/instances/vm-gcp
ip: 10.0.0.9
$ glide resource create azure vm-azure azure_vm.json
Creating resource: vm-azure
Resource Created.
tag: default.azure.vm-azure
uri: /subscriptions/subscription-id/resourceGroups/resource-group-name/providers/Microsoft.Compute/virtualMachines/vm-azure
ip: 10.1.0.4

Both were created successfully.

Following the user guide to create a permit rule (ping) between them failed:

$ glide rule add gcp vm-gcp --ping default.azure.vm-azure
Adding permit list rule
Error: failed to create resource: Request failed with status code 400: {"error":"rpc error: code = Unknown desc = unable to get peering cloud infos: permit list rule target must belong to a specific cloud if it's a private address"}
Usage:
  glide rule add [<cloud> <resource name> | <tag>] [--rulefile <path to rule json file>] [--ping <tag>] [--ssh <tag>] [flags]

Flags:
  -h, --help              help for add
      --ping string       IP/tag to allow ping to
      --rulefile string   The file containing the rules to add
      --ssh string        IP/tag to allow SSH to

Whoops. There was an error while executing your command:

failed to create resource: Request failed with status code 400: {"error":"rpc error: code = Unknown desc = unable to get peering cloud infos: permit list rule target must belong to a specific cloud if it's a private address"}

I wonder if I am missing something. Thanks a lot.

aviweit commented 1 week ago

I am closing this issue as I do not encounter it anymore. I will re-open if it fails again and provide more info.