google-cloud-platform, google-api-python-client, libcloud

libcloud and GCP. How to authenticate using a service account


I am trying to use Apache libcloud to access GCP and hopefully be able to launch compute instances. So, following the documentation, I have created a service account on GCP associated with my email and given it the owner access for the moment. After that, I am using libcloud as follows:

from libcloud.compute.types import Provider
from libcloud.compute.providers import get_driver
ComputeEngine = get_driver(Provider.GCE)

driver = ComputeEngine('luca@googlemail.com', 'gcp-key.json', project='first-gcp')

This actually displays a URL and asks me to enter a code from it. When I click on the URL, I get the error message:

The OAuth client was not found.

This was not the workflow I was envisioning. I thought providing the secret key would just let me in and I would be able to then use methods for launching instances etc. So, I am not sure if I am doing the right thing by using a service account on GCP for this.

So, I get the following asking for a code:

So I get this:

Please Go to the following URL and sign in:

https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=xxx&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcompute+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdevstorage.full_control+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fndev.clouddns.readwrite&state=Libcloud+Request
Enter Code: 

How should I approach this? We will eventually be a few remote people working on this, so ideally each person will have their own key to use, and this should happen in a fairly autonomous way, in the sense that if codes do not need to be entered manually, that would be great.


Solution

  • From the Console (https://cloud.google.com/console), select your project. When your project is open, select "APIs & auth" and then "Credentials".

    In Development: Preferably make one for each, could use one for all for testing purposes.

    In production: For each user to use this service, create a service account.

    When you download the service account, you should have it as a .pem or .json file. Use the email address from the service account (if you open the json/pem you should be able to see the email) and give it the correct values: region, project, email and path to the pem file.

    The code you're using is correct; avoid using the name "ComputeEngine" since it may be a keyword (even though it probably isn't, it's best practice).

    from libcloud.compute.types import Provider
    from libcloud.compute.providers import get_driver
    Driver = get_driver(Provider.GCE)
    gce = Driver('your_service_account_email', 'path_to_pem_file',
                 datacenter='us-central1-a',
                 project='your_project_id')
    

    Have a look here if you're confused on any steps. But this should def work.
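
A pre-flight check for the key file and account id discussed above, as an added example that is not part of the original question or answer: it reads the downloaded JSON key, confirms it is a service-account key that only its owner can read, and takes the driver's user id from the key's `client_email` field instead of a typed-in address. The function names and the sample key contents are constructed for illustration; `make_driver` assumes apache-libcloud is installed.

```python
import json
import os
import stat
import tempfile

REQUIRED = ("type", "client_email", "private_key", "project_id")


def load_service_account(key_path, user_id=None):
    """Check a downloaded JSON key; return (client_email, project_id)."""
    # POSIX permission check: a private key should be owner-only (chmod 600).
    if os.stat(key_path).st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise ValueError("key file is accessible to group/other")
    with open(key_path) as fh:
        key = json.load(fh)
    if not isinstance(key, dict):
        raise ValueError("key file is not a JSON object")
    missing = [f for f in REQUIRED if not key.get(f)]
    if missing:
        raise ValueError("not a service-account key; missing " + ", ".join(missing))
    if key["type"] != "service_account":
        raise ValueError("key type is %r, not 'service_account'" % key["type"])
    # The id passed to the driver must be the service account's own address,
    # not the address of the person who created the account.
    if user_id is not None and user_id != key["client_email"]:
        raise ValueError("%r is not this key's client_email" % user_id)
    return key["client_email"], key["project_id"]


def make_driver(key_path, datacenter="us-central1-a"):
    """Build the GCE driver from the key file alone (needs apache-libcloud)."""
    from libcloud.compute.types import Provider
    from libcloud.compute.providers import get_driver
    email, project = load_service_account(key_path)
    return get_driver(Provider.GCE)(email, key_path,
                                    datacenter=datacenter, project=project)


def write_sample_key():
    """Constructed key file for the demo; every value is a placeholder."""
    fd, path = tempfile.mkstemp(suffix=".json")  # mkstemp creates it mode 0600
    with os.fdopen(fd, "w") as fh:
        json.dump({"type": "service_account", "project_id": "first-gcp",
                   "private_key": "PLACEHOLDER-NOT-A-REAL-KEY",
                   "client_email": "demo@first-gcp.iam.gserviceaccount.com"}, fh)
    return path


if __name__ == "__main__":
    sample = write_sample_key()
    print(load_service_account(sample))
    os.remove(sample)
```

Giving each remote user their own service account and key file, as the answer suggests, also means one person's key can be revoked without affecting the others.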