GCP cloudbreak unable to launch instances on subnetwork shared from host project

sachin_d_shinde · ‎10-29-2018

We have GCP project whose subnet is allocated from host project. Cloudbreak instances is deployed into same project on subnet allocated from host project. Service account which configure in cloudbreak has permission to deploy instances on that subnet. Able to deploy instance using gcloud command using same service account.

When i am trying to deploy HDP cluster using cb cli its failing for below input in cluster-config json file.

  "network": {
    "parameters": {
      "noPublicIp": true,
      "noFirewallRules": true,
      "networkId": "https://www.googleapis.com/compute/v1/projects/host-project-xxx/global/networks/hostnettwork01",
      "subnetId": "https://www.googleapis.com/compute/v1/projects/host-project-xxx/regions/europe-west1/subnetworks/hostsubnet02"
    }
  },

Cloudbrak code while creating instances add prefix of current project API to above attributes and it fails.

Is there option in config to use, provided networkId and subnetId as it is?

gtopolyai · ‎10-30-2018

Hi Sachin,

Cloudbreak does not support network and subnet ids as URL. You should send the name only. For example:

"network": {
  "parameters": {
    "noPublicIp": true,
    "noFirewallRules": true,
    "networkId": "hostnettwork01",
    "subnetId": "hostsubnet02"
  }
},

sachin_d_shinde · ‎10-30-2018

Thanks @gtopolyai for reply. In our GCP infrastructure deployment, we do not create VPC in our project (i.e. abc). We get subnet which carve from another GCP (Host) project(i.e. xyz) and its shared with our project. So if i provide only name for network and subnet, cloudbreak when tries to create cluster instances using service account its look for that subnet in our project (ie. abc) and it unable to find it as those are not part of our project but part of host project (i.e. xyz). Hence I try to provide SelfLink(URL) for network and subnet Id.

Using same service account via gcloud CLI by providing SelfLink I am able to spin up instance, so there is no issue with permission for account.

Let me know if you need any additional details and way forward for such requirement

sachin_d_shinde · ‎10-30-2018

Thanks @gtopolyai for reply. In our GCP infrastructure deployment, we do not create VPC in our project (i.e. abc). We get subnet which carve from another GCP (Host) project(i.e. xyz) and its shared with our project. So if i provide only name for network and subnet, cloudbreak when tries to create cluster instances using service account its look for that subnet in our project (ie. abc) and it unable to find it as those are not part of our project but part of host project (i.e. xyz). Hence I try to provide SelfLink(URL) for network and subnet Id.

Using same service account via gcloud CLI by providing SelfLink I am able to spin up instance, so there is no issue with permission for account.

Let me know if you need any additional details and way forward for such requirement

darvasip · ‎11-06-2018

@Sachin Shinde

This cross-project resource management is currently not supported by Cloudbreak.

I would suggest you to contact your company's Hortonworks representative, who can then create a feature request for Cloudbreak to support this in the near future.

Hope this helps!