andreasf / cf-mysql-plugin Goto Github PK
View Code? Open in Web Editor NEWCloud Foundry CLI MySQL Plugin
License: Apache License 2.0
Cloud Foundry CLI MySQL Plugin
License: Apache License 2.0
I'm trying to run cf mysqldump <service-name>
but am getting a "not found in PATH" error. I can run cf mysql <service-name>
to connect, so it sees the mysql-plugin located at ~/.cf/plugins. Here is my config.json as well. Any idea what I'm doing wrong?
{
"Plugins": {
"mysql": {
"Name": "mysql",
"Location": "/home/mtvann/.cf/plugins/mysql",
"Version": {
"Major": 2,
"Minor": 0,
"Build": 0
},
"LibraryVersion": {
"Major": 0,
"Minor": 0,
"Build": 0
},
"Commands": [
{
"Name": "mysql",
"Alias": "",
"HelpText": "Connect to a MySQL database service",
"UsageDetails": {
"Usage": "Open a mysql client to a database:\n cf mysql \u003cservice-name\u003e [mysql args...]",
"Options": null
}
},
{
"Name": "mysqldump",
"Alias": "",
"HelpText": "Dump a MySQL database",
"UsageDetails": {
"Usage": "Dump all tables in a database:\n cf mysqldump \u003cservice-name\u003e [mysqldump args...]\n Dump specific tables in a database:\n cf mysqldump \u003cservice-name\u003e [tables...] [mysqldump args...]",
"Options": null
}
}
]
}
}
In orgs with many service instances and bindings, the plugin might not list all available services because it doesn't follow next_url
in the paginated API response.
next_url
Currently, given sufficient amount of time, or after workstation has gone to sleep, the SSH tunnel is disconnected. When this happens, we have to re-run cf mysql <name>
command.
The README makes a comment about how this plugin can be used to dump and restore databases, however it does not appear to offer guidance on how to restore a DB using the plugin.
Is it possible to use this plugin to restore a mysql db? e.g., given a mysql dump, could this plugin be used to upload/restore it to a mysql service?
In my space I have two databases connected to a go app, which is called test-app.
Dbs:
Both are bound to the test-app. Env of app looks like:
System-Provided:
{
"VCAP_SERVICES": {
"mysql-dev": [
{
"credentials": {
"hostname": "someHostname",
"jdbcUrl": "jdbc:mysql://someHostname:3306/cf_xxxxx?user=xxxx\u0026password=xxxx",
"name": "xxxx",
"password": "xxxx",
"port": 3306,
"uri": "mysql://xxxx:xxxxx@someHostname:3306/dbname?reconnect=true",
"username": "xxxx"
},
"label": "mysql-dev",
"name": "db",
"plan": "shared",
"provider": null,
"syslog_drain_url": null,
"tags": [
"mysql",
"aws",
"rds",
"shared",
"development"
],
"volume_mounts": []
}
]
}
}
Believe this requires ssh tunnelling enabled. Any thoughts on this / alternates on how to get this done.
PROD Environment: cf mysqldump debug-mysql (unable to get the dump, get ssh error)
panic: SSH tunnel failed: Error opening SSH connection: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain
goroutine 58 [running]:
github.com/andreasf/cf-mysql-plugin/cfmysql.(*sshRunner).OpenSshTunnel(0xa9ac90, 0x879240, 0xc42016c370, 0x7ffc289d6ae3, 0x10, 0xc420204680, 0x3b, 0xc420166ef0, 0x4, 0xc420186f00, ...)
/home/travis/gopath/src/github.com/andreasf/cf-mysql-plugin/cfmysql/ssh_runner.go:25 +0x260
created by github.com/andreasf/cf-mysql-plugin/cfmysql.(*cfService).OpenSshTunnel
/home/travis/gopath/src/github.com/andreasf/cf-mysql-plugin/cfmysql/cf_service.go:61 +0x107
Unable to retrieve services: Unable to retrieve service instances: Get https://api.sys.pikes.pal.pivotal.io/v2/service_instances: dial tcp 35.201.107.13:443: connectex: No connection could be made because the target machine actively refused it.
When I trace the call it shows...
$ CF_TRACE=1 cf mysql
REQUEST: [2017-12-07T14:47:48-07:00]
POST /oauth/token HTTP/1.1
Host: login.sys.pikes.pal.pivotal.io
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Connection: close
Content-Type: application/x-www-form-urlencoded
User-Agent: go-cli 6.33.0+a345ea34d.2017-11-20 / windows
grant_type=refresh_token&refresh_token=eyJhbGciOiJSUzI1NiIsImtpZCI6ImtleS0xIiwidHlwIjoiSldUIn0.eyJqdGkiOiI0M2FjZWI4ZjA3NjE0YTI0OGYwZTZjMmZjZTEyZWYyMi1yIiwic3ViIjoiYjYyZDkxMTQtZTNkYS00MDFkLWE3MDAtZWEwMzI5NDkyYWE3Iiwic2NvcGUiOlsib3BlbmlkIiwidWFhLnVzZXIiLCJjbG91ZF9jb250cm9sbGVyLnJlYWQiLCJwYXNzd29yZC53cml0ZSIsImNsb3VkX2NvbnRyb2xsZXIud3JpdGUiXSwiaWF0IjoxNTExODA0NzgzLCJleHAiOjE1MTMwMTQzODMsImNpZCI6ImNmIiwiY2xpZW50X2lkIjoiY2YiLCJpc3MiOiJodHRwczovL3VhYS5zeXMucGlrZXMucGFsLnBpdm90YWwuaW8vb2F1dGgvdG9rZW4iLCJ6aWQiOiJ1YWEiLCJncmFudF90eXBlIjoicGFzc3dvcmQiLCJ1c2VyX25hbWUiOiJtaWNoYWVsLnJ1bXBmQHQtc3lzdGVtcy5jb20iLCJvcmlnaW4iOiJ1YWEiLCJ1c2VyX2lkIjoiYjYyZDkxMTQtZTNkYS00MDFkLWE3MDAtZWEwMzI5NDkyYWE3IiwicmV2X3NpZyI6ImVhZjVkY2IyIiwiYXVkIjpbImNsb3VkX2NvbnRyb2xsZXIiLCJwYXNzd29yZCIsImNmIiwidWFhIiwib3BlbmlkIl19.YKcUvsSBFdlWB8axV5s06H6vmMpTD1AyZfDp3ii9Tj8OHKNXtKAF6jNq_QgivpMlEsdOGae2m4GBRlzWR9YkeRo-CszHJ_dco1ZA6VrppE4XWW7khiO5XSJp4qwAOxbopcFmm9_6yIwS7hDom_xHQE-woxMa5Dw93au8MzArpYgI7ISOfGWva3hFY0xPFcJCkjh8qTVtMTXDyp9aSFsam3iduGsMpuHUmL3clbeNTUBVIVBlyF09g7K507LeIocxM-fFwi_k3o9nbQlXphH-07bXYl_YM-YY6J9ti_4R__qcCxI77uzk0RopVPrTTlDdVEOud3jXyTqxjAC-RKU9_w&scope=
REQUEST: [2017-12-07T14:47:48-07:00]
POST /oauth/token HTTP/1.1
Host: login.sys.pikes.pal.pivotal.io
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Connection: close
Content-Type: application/x-www-form-urlencoded
User-Agent: go-cli 6.33.0+a345ea34d.2017-11-20 / windows
grant_type=refresh_token&refresh_token=eyJhbGciOiJSUzI1NiIsImtpZCI6ImtleS0xIiwidHlwIjoiSldUIn0.eyJqdGkiOiI0M2FjZWI4ZjA3NjE0YTI0OGYwZTZjMmZjZTEyZWYyMi1yIiwic3ViIjoiYjYyZDkxMTQtZTNkYS00MDFkLWE3MDAtZWEwMzI5NDkyYWE3Iiwic2NvcGUiOlsib3BlbmlkIiwidWFhLnVzZXIiLCJjbG91ZF9jb250cm9sbGVyLnJlYWQiLCJwYXNzd29yZC53cml0ZSIsImNsb3VkX2NvbnRyb2xsZXIud3JpdGUiXSwiaWF0IjoxNTExODA0NzgzLCJleHAiOjE1MTMwMTQzODMsImNpZCI6ImNmIiwiY2xpZW50X2lkIjoiY2YiLCJpc3MiOiJodHRwczovL3VhYS5zeXMucGlrZXMucGFsLnBpdm90YWwuaW8vb2F1dGgvdG9rZW4iLCJ6aWQiOiJ1YWEiLCJncmFudF90eXBlIjoicGFzc3dvcmQiLCJ1c2VyX25hbWUiOiJtaWNoYWVsLnJ1bXBmQHQtc3lzdGVtcy5jb20iLCJvcmlnaW4iOiJ1YWEiLCJ1c2VyX2lkIjoiYjYyZDkxMTQtZTNkYS00MDFkLWE3MDAtZWEwMzI5NDkyYWE3IiwicmV2X3NpZyI6ImVhZjVkY2IyIiwiYXVkIjpbImNsb3VkX2NvbnRyb2xsZXIiLCJwYXNzd29yZCIsImNmIiwidWFhIiwib3BlbmlkIl19.YKcUvsSBFdlWB8axV5s06H6vmMpTD1AyZfDp3ii9Tj8OHKNXtKAF6jNq_QgivpMlEsdOGae2m4GBRlzWR9YkeRo-CszHJ_dco1ZA6VrppE4XWW7khiO5XSJp4qwAOxbopcFmm9_6yIwS7hDom_xHQE-woxMa5Dw93au8MzArpYgI7ISOfGWva3hFY0xPFcJCkjh8qTVtMTXDyp9aSFsam3iduGsMpuHUmL3clbeNTUBVIVBlyF09g7K507LeIocxM-fFwi_k3o9nbQlXphH-07bXYl_YM-YY6J9ti_4R__qcCxI77uzk0RopVPrTTlDdVEOud3jXyTqxjAC-RKU9_w&scope=
RESPONSE: [2017-12-07T14:47:50-07:00]
HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Alt-Svc: clear
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json;charset=UTF-8
Date: Thu, 07 Dec 2017 21:47:49 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Via: 1.1 google
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Vcap-Request-Id: 4cd0e120-5a22-43b0-6684-3353f7c9e284
X-Xss-Protection: 1; mode=block
9a2
{"access_token":"[PRIVATE DATA HIDDEN]","token_type":"[PRIVATE DATA HIDDEN]","refresh_token":"[PRIVATE DATA HIDDEN]","expires_in":7199,"scope":"cloud_controller.read password.write cloud_controller.write openid uaa.user","jti":"00f78b84c8dd43819a9e1be71d0ae171"}
0
RESPONSE: [2017-12-07T14:47:50-07:00]
HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Alt-Svc: clear
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json;charset=UTF-8
Date: Thu, 07 Dec 2017 21:47:49 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Via: 1.1 google
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Vcap-Request-Id: 8b4eb640-4e01-4d97-5b69-7323cdd1d394
X-Xss-Protection: 1; mode=block
9a2
{"access_token":"[PRIVATE DATA HIDDEN]","token_type":"[PRIVATE DATA HIDDEN]","refresh_token":"[PRIVATE DATA HIDDEN]","expires_in":7199,"scope":"cloud_controller.read password.write cloud_controller.write openid uaa.user","jti":"51c003b7f90d4fdf91765f831a271baa"}
0
Unable to retrieve services: Unable to retrieve service instances: Get https://api.sys.pikes.pal.pivotal.io/v2/service_instances: dial tcp 35.201.107.13:443: connectex: No connection could be made because the target machine actively refused it.
The call is done on a corporate machine with no direct access to the internet.
Recent versions of MySQL v2 allow the Operator to enable TLS on the server side. This is expressed to the user in that the bindings for both app binding and service keys will have an additional entry, a TLS certificate authority.
If that's present in the binding, then it would be great if the mysql plugin would attempt to connect to the database over TLS. This is better because it means that the network path between the Diego container and the database is additionally encrypted, whereas the current implementation only encrypts traffic between the desktop client and the container.
On PWS, old CAPI v2 cf ssh
doesn't work anymore, I forget why.
Now, to ssh to a service instance, you have to use the cf v3-ssh
command.
Here's how the current implementation fails:
→ cf mysql clickpointDB --execute='show databases;'
Creating new service key cf-mysql for clickpointDB...
panic: SSH tunnel failed: Error opening SSH connection: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain
goroutine 13 [running]:
github.com/andreasf/cf-mysql-plugin/cfmysql.(*sshRunner).OpenSshTunnel(0x16963a0, 0x1476380, 0xc42014e870, 0x7ffeefbff8f9, 0xc, 0xc4204738c0, 0x1c, 0xc42052e2f8, 0x4, 0xc42048cd20, ...)
/home/travis/gopath/src/github.com/andreasf/cf-mysql-plugin/cfmysql/ssh_runner.go:25 +0x260
created by github.com/andreasf/cf-mysql-plugin/cfmysql.(*cfService).OpenSshTunnel
/home/travis/gopath/src/github.com/andreasf/cf-mysql-plugin/cfmysql/cf_service.go:61 +0x107
I just downloaded v1.3.5 of the plugin and attempted to use it on one of my services:
❯ cf mysql my-service
panic: SSH tunnel failed: Error: EOF
goroutine 83 [running]:
panic(0x35a660, 0xc420498680)
/home/travis/.gimme/versions/go1.7.linux.amd64/src/runtime/panic.go:500 +0x1a1
github.com/andreasf/cf-mysql-plugin/cfmysql.(*CfSshRunner).OpenSshTunnel(0x610b88, 0x56c0c0, 0xc420011dc0, 0xc4201a8510, 0xc, 0x0, 0x0, 0xc420127e60, 0x1c, 0xc4201a8b00, ...)
/home/travis/gopath/src/github.com/andreasf/cf-mysql-plugin/cfmysql/ssh_runner.go:21 +0x254
created by github.com/andreasf/cf-mysql-plugin/cfmysql.(*CfServiceImpl).OpenSshTunnel
/home/travis/gopath/src/github.com/andreasf/cf-mysql-plugin/cfmysql/cf_service.go:93 +0xc5
When service instances are deployed using secure binding credentials, the credentials are no longer available via cf env
or even when cf ssh
into a container:
$ cf env trivial-js
Getting env variables for app trivial-js in org system / space pivotal-services as admin...
OK
System-Provided:
{
"VCAP_SERVICES": {
"p.mysql": [
{
"binding_name": null,
"credentials": {
"credhub-ref": "/c/548966e5-e333-4d65-8773-7b4e3bb6ca97/52f2a8d2-e9d3-4358-8f00-6c5bd64f0d09/2dd37dff-35a2-4cf3-8acb-5ca760bef861/credentials"
},
...
This causes the following sad behavior:
$ cf services
Getting services in org system / space pivotal-services as admin...
name service plan bound apps last operation
acceptDB p.mysql plan-1 trivial-js create succeeded
$ cf mysql
No MySQL databases available. Please bind your database services to a started app to make them available to 'cf mysql'.
On MacOS 13.3.1 (a), cf install-plugin
fails.
Here's the error on an x86 machine:
Starting download of plugin binary from repository CF-Community...
10.42 MiB / 10.42 MiB [============================================] 100.00% 1s
fatal error: runtime: bsdthread_register error
runtime stack:
runtime.throw(0x142f264, 0x21)
/home/travis/.gimme/versions/go1.10.linux.amd64/src/runtime/panic.go:619 +0x81 fp=0x7ff7bfeff578 sp=0x7ff7bfeff558 pc=0x1029401
runtime.goenvs()
/home/travis/.gimme/versions/go1.10.linux.amd64/src/runtime/os_darwin.go:129 +0x83 fp=0x7ff7bfeff5a8 sp=0x7ff7bfeff578 pc=0x1026f83
runtime.schedinit()
/home/travis/.gimme/versions/go1.10.linux.amd64/src/runtime/proc.go:496 +0xa4 fp=0x7ff7bfeff600 sp=0x7ff7bfeff5a8 pc=0x102bcc4
runtime.rt0_go(0x7ff7bfeff630, 0x3, 0x7ff7bfeff630, 0x1000000, 0x3, 0x7ff7bfeff848, 0x7ff7bfeff87d, 0x7ff7bfeff883, 0x0, 0x7ff7bfeff890, ...)
/home/travis/.gimme/versions/go1.10.linux.amd64/src/runtime/asm_amd64.s:252 +0x1f4 fp=0x7ff7bfeff608 sp=0x7ff7bfeff600 pc=0x1052544
exit status 2
File is not a valid cf CLI plugin binary.
FAILED
Here's the error on an M1 machine:
Starting download of plugin binary from repository CF-Community...
10.42 MiB / 10.42 MiB [===========================================================================] 100.00% 0s
signal: segmentation fault
File is not a valid cf CLI plugin binary.
FAILED
Hello.
When I am in an organisation with multiple spaces, and I execute
cf mysql
I get an overview with all databases instead just the databases in my space, I am currently in.
Same issue with using commands with a database name, appearing in two spaces.
Hello,
my mysql connexion works , but suddenly it doesn't work,
all mysql connexion of an org don't work , on a other org it's ok
my ssh connexion is ok
version driver mysql-plugin: 2.0.0
my error:
**cf mysql forum-oft-aero-OMFRED-mysql
panic: SSH tunnel failed: Erreur lors de l'ouverture de la connexion SSH : ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain
goroutine 37 [running]:
github.com/andreasf/cf-mysql-plugin/cfmysql.(sshRunner).OpenSshTunnel(0xaabd30, 0x88b900, 0xc04210e840, 0xc04200a860, 0x1b, 0xc04211a490, 0xe, 0xc04211a500, 0x4, 0xc0422264e0, ...)
/home/travis/gopath/src/github.com/andreasf/cf-mysql-plugin/cfmysql/ssh_runner.go:25 +0x267
created by github.com/andreasf/cf-mysql-plugin/cfmysql.(cfService).OpenSshTunnel
/home/travis/gopath/src/github.com/andreasf/cf-mysql-plugin/cfmysql/cf_service.go:61 +0x10e
currently i can't use cf mysql with a cf foundation that uses self-signed certs. would be great if i could turn off certificate validation. thanks.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.