I designed a simple website using Flask and my goal was to deploy it on Google App engine. I started working on it locally and used google cloud sql for the database. I used google_cloud_proxy to open the port 3306 to interact with my GC SQL instance and it works fine locally... this is the way I'm connecting my application to GC SQL:
I have a app.yaml file which I've defined my Global Variables in it:
env_variables:
CLOUDSQL_SERVER = '127.0.0.1'
CLOUDSQL_CONNECTION_NAME = "myProjectName:us-central1:project"`
CLOUDSQL_USER = "user"
CLOUDSQL_PASSWORD = "myPassword"
CLOUDSQL_PORT = 3306
CLOUDSQL_DATABASE = "database"
and from my local machine I do:
db = MySQLdb.connect(CLOUDSQL_SERVER,CLOUDSQL_USER,CLOUDSQL_PASSWORD,CLOUDSQL_DATABASE,CLOUDSQL_PORT)
and if I want to get connected on App Engine, I do:
cloudsql_unix_socket = os.path.join('/cloudsql', CLOUDSQL_CONNECTION_NAME)
db = MySQLdb.connect(unix_socket=cloudsql_unix_socket,user=CLOUDSQL_USER,passwd=CLOUDSQL_PASSWORD,db=CLOUDSQL_DATABASE)
the static part of the website is running but for example, when I want to login with a username and password which is stored in GC SQL, I receive an internal error.
I tried another way... I started a compute engine, defined my global variables in config.py, installed flask, mysqldb and everything needed to start my application. I also used cloud_sql_proxy on that compute engine and I tried this syntax to connect to GC SQL instance:
db = MySQLdb.connect(CLOUDSQL_SERVER,CLOUDSQL_USER,CLOUDSQL_PASSWORD,CLOUDSQL_DATABASE,CLOUDSQL_PORT)
but it had the same problem. I don't think that it's the permission issue as I defined my compute engine's ip address in the authorized network part of GC SQL and in I AM & ADMIN part, the myprojectname#appspot.gserviceaccount.com has the Editor role!
can anyone help me out where the problem is?
ALright! I solved the problem. I followed the Google cloud's documentation but I had problems.I added a simple '/' in:
cloudsql_unix_socket = os.path.join('/cloudsql', CLOUDSQL_CONNECTION_NAME)
instead of '/cloudsql' it should be '/cloudsql/'
I know it's weird because os.path.join must add '/' to the path but for strange reasons which I don't know, it wasn't doing so.
Related
I was trying to setup code using python to test the azure managed identity services and with C# I can able to test the code locally. Is there any way to test the python code locally?
Enabled managed identity in azure appservice
Added the application user(appservice) in azure SQL server and gave permissions.
this is my sample python code to connect to azure sql with managed identity
conn = db.connect('Driver={ODBC Driver 17 for SQL Server};'
'Server=testdb.database.windows.net;'
'Database=studentdb;'
'Authentication=ActiveDirectoryIntegrated;'
)
query = pd.read_sql_query('SELECT * FROM STUDENT', conn)
frame = pd.DataFrame(query)
return func.HttpResponse(frame.to_json(orient="index"), status_code=200)
Can anyone help me to test this code locally? as i do not have permissions on azure to deploy this code and test.
You can use this Moto library which allow you to test services. You can run the Lambda functions in the same way you would run python script.
if __name__ == "__main__":
event = []
context = []
lambda_handler(event, context)
If you are in a virtual environment then this will ensure that all the required dependencies installed properly for the lambda function with correct python function.
If you check this document from Microsoft, then you will find that -
Managed Identity cannot be used to authenticate locally-running applications. Your application must be deployed to an Azure service that supports Managed Identity.
It's important to understand that Managed Identity feature in Azure is ONLY relevant when, in this case, the App Service is deployed.
As an alternative you can use DefaultAzureCredential() from the Azure.Identity library which is compatible both when running locally and for the deployed web app. You can read more about how Azure.Identity works from the official docs.
Most of the time we use Azure MSI to connect Azure SQL in Azure function with python. We can can use Azure MSI to get Azure AD access token then you can use the token to connect Azure SQL.
Once you enabled system assigned identity on your Azure Web App and gave SQL permissions, you can get access to the database directly from python as shown in the snippet below.
import pyodbc
from logzero import loggerwith pyodbc.connect(
"Driver=" + driver + ";Server=" + server + ";PORT=1433;Database=" + database
+ ";Authentication=ActiveDirectoryMsi",
) as conn:
logger.info("Successful connection to database")
with conn.cursor() as cursor:
cursor.execute(“select ##version")).fetchall()
Following are the parameters used above:
Driver: We should use : “{ODBC Driver 17 for SQL Server}”
Server: The sql server on which is your database
Database: The name of your database
Authentication: To specify the connection method “ActiveDirectoryMsi”
Check the SQL database access with managed identity from Azure Web App document and Configure your local Python dev environment for Azure document for more information.
I can't find any info on Internet about how I can tell my flask app which port it should look at when trying to connect to Cassandra.
From their official website I got:
app = Flask(__name__)
app.config['CASSANDRA_HOSTS'] = ['127.0.0.1']
app.config['CASSANDRA_KEYSPACE'] = "cqlengine"
db = CQLAlchemy(app)
I've tried to add the port to the host with colon or comma and yet nothing. Obviously by default it tries to connect to 9042 and fails miserably.
You can set the port with the following code:
app.config['CASSANDRA_SETUP_KWARGS'] = {'port': 90422}
The CASSANDRA_SETUP_KWARGS configuration value is a parameter of the cassandra.cqlengine.connection.setup method. More information on that here: https://datastax.github.io/python-driver/api/cassandra/cqlengine/connection.html
You can change any Cluster variables with the CASSANDRA_SETUP_KWARGS config. See the following documentation for what configurations are available for the Cluster object: https://datastax.github.io/python-driver/api/cassandra/cluster.html#cassandra.cluster.Cluster
I am trying to Implement Google Cloud DataStore in my Python Django Project not running on Google App Engine.
Can it be possible to use Google Datastore without having the project run on Google App Engine ? If yes, Can you please tell how to retrieve the complete entity object or execute the query successfully ?
The below code snippet prints the query object but throws an error after that.
Code Snippet:
from gcloud import datastore
entity_kind = 'EntityKind'
numeric_id = 1234
client = datastore.Client()
key = client.key(entity_kind, numeric_id)
query = client.query(kind=entity_kind)
print(query)
results = list(query.fetch())
print(results)
Error:
NotFound: 404 The project gproj does not exist or it does not contain an active App Engine application. Please visit http://console.developers.google.com to create a project or https://console.developers.google.com/appengine?project=gproj to add an App Engine application. Note that the app must not be disabled.
This guide will probably be helpful. You can see an example of it in action here.
You just need to pass a project id to the .Client() method:
datastore.Client("YOUR_PROJECT_ID")
You can also skip this part by running this command before running your app:
$ gcloud beta auth application-default login
If you run that, it will authenticate all of your requests locally without injecting the project id :)
Hope this helps!
I am new to mongodb and I am trying to connect it remotely (from my local system to live db) and it is connected successfully. I have admin users in admin table and want that without authentication no one can access my database. But when I try to connect Mongodb remotely via the below mention code , even without authentication i can access any db :
from pymongo import MongoClient, Connection
c = MongoClient('myip',27017)
a = c.mydb.testData.find()
In my config file , the parameter auth is set to True , auth = True . But still no authentication is needed to access my db . Please can anyone let me know what I am missing here.
Based on your description I would guess you haven't actually enabled authentication. In order to enable authentication you must start the Mongo server with certain settings. You can find more information below:
http://docs.mongodb.org/manual/tutorial/enable-authentication/
Basically you need to run with --auth in order to enable authentication.
How can I access Google App Engine endpoints API for Python (not web, android, ios)?
I read this tutorial but it not explains it enough to understand this.
As I found on serve side I can use such code to identify user:
#endpoints.method(message_types.VoidMessage, Greeting,
path='hellogreeting/authed', http_method='POST',
name='greetings.authed')
def greeting_authed(self, request):
current_user = endpoints.get_current_user()
email = (current_user.email() if current_user is not None
else 'Anonymous')
return Greeting(message='hello %s' % (email,))
Full code of API example
How can I connect from Python client to this API and call 'hellogreeting/authed' with authentication current_user != None.
Can you share some code how to do it?
app_id = 'xxx'
user = 'xxx'
password = 'xxx'
callAPI(app_id, user, password, 'hellogreeting/authed')
You need to configure your App Engine instance to be able to serve your API. I would recommend you create a separate module dedicated to your API, like explained in these docs: https://developers.google.com/appengine/docs/python/endpoints/api_server.
Once everything is correctly set up on the server side, you can call your API using something like: http://your-module.your-app.appspot.com/_ah/spi/hellogreeting/authed.
If you're using the development server, things are a little bit different for accessing modules, but once you know which port number the App Engine development server has assigned to your API module, you can reach it locally using: http://localost:<api_module_port_#>/_ah/spi/hellogreeting/authed.
Hope this helped.