Abiquo Documentation Cookies Policy

Our Documentation website uses cookies to improve your experience. Please visit our Cookie Policy page for more information about cookies and how we use them.


Abiquo 4.7

Skip to end of metadata
Go to start of metadata

Introduction to Google GCE credentials

These instructions are a guide only. Always check your cloud provider documentation for up to date information.

Note that when you are first configuring your account, you may need to wait a little while for information to propagate throughout the Google Cloud Platform.

To use GCE with Abiquo, you will need credentials to access your GCE account.

These credentials are as follows:

  • Access key ID: Developer email address (for example, for the Service account of your Project)
  • Secret access key: Private key (in pem format) derived from the P12 key of the Service account

 

Only use ONE set of GCE keys for each enterprise in each datacenter

GCE will allow you to generate more than one set of active keys for each Google user. However, in Abiquo, you can only add one set per enterprise. If you try to add another set, for example, using the API, you will get an error message.

Generate credentials in Google

To obtain credentials go to the Google Developers console for Google Cloud Platform.

Create a project and enable billing.

Under API manager > Dashboard, check that GCE is enabled.

Then you will need a service account with a P12 key. 

 One way to obtain this is to do the following steps:

  1. Go to API Manager > Credentials > Service accounts > Create credentials. 
  2. Select Service account key. Either use the default Compute service account or create a new one
    • If creating a new one, enter the name and give the service account an appropriate Roles, for example, all Google Compute Engine roles
  3. Select P12 key and save the key for the service account to a secure location. 
    1. Note the keystore's password, for example, "notasecret" and click Okay.

Obtain Access key ID 

The Developer email address is the EMAIL ADDRESS that is the Service Account ID, which will have a format something like:

project_id@developer.gserviceaccount.com 
project_id-extended_uid@developer.gserviceaccount.com

For example:

123269589999-bs5i5bktqsln799rngl3klsfd775qrm4@developer.gserviceaccount.com

Enter this email address as the Access key ID in Abiquo.

Generate Secret access key

On your local filesystem, locate the file you saved earlier, which is a keystore p12 file.

Convert it into pem format. When it asks for the password, give the one you noted in the earlier step.

openssl pkcs12 -in <my_keystore>.p12 -out <my_keystore>.pem -nodes

For example:

$ openssl pkcs12 -in API\ Project-973f15669399.p12 -out API\ Project-973f15669399.pem -node
Enter Import Password:
MAC verified OK

Extract the private key and remove the passphrase

openssl rsa -in <my_keystore>.pem -out <my_key>.pem

For example:

openssl rsa -in API\ Project-973f15669399.pem -out APIPROJ973.pem
writing RSA key

The pem file my_key contains the Private key to enter in Abiquo as the Secret access key. Open the file using a suitable program and cut and paste the private key text.

-----BEGIN RSA PRIVATE KEY-----
ASDFJASDKLJSADFÑLKSJADF+/PZYLPK4UQo3iL+JJ/z4n/XDLHwXZjorMN2PZKuY
sAU8XRhBu9wH5KZhKPYmSqetl6S4by8htPgiCasdfjklassdfkljasdflkLjasjL
L4Bx9ft2zPCFZVSkXE8K1iVQGorsiDv1n6gSGGtp9/Ouq2iHTs1jr1saRwIDAQAB
9999999999999999999/A7vfsbbqPkg9+UJj4HKUdzji4flFg0inUbpZUDxv3ZwG
y+ogKbuKd7sQSyp6pXcZcGq9nNbbq1MRv6EHDZsta6lHo0/WzAIKBvcFuwuP9zI1
rae36JkyIh2GMKjC00z7QPUMIg0qgYlHtCrSAPywhvtvDoECQQD1ANDjCDnA0wLG
qt4UtB249t9cH4ByS1MrKz9duduK4eR5EZYsuPjHnqlJCRw47a41a+hs+YcjLEdw
pvlVLdDvAkEA4KooJ3CasdlNfkiouiojskldjgskladfjsklafjaslkdfjsklasd
hd7Pfrls4nSbJeyDg/qNmFLGHPWdlX2cKQJAPfbB3dmTubfkaNiIKFZRehk97m+t
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//bVptIJIpUtUEl6n9dhkwJBAJyG
cItp/lY63vVCx2ej7CKioisKOHWOyLvwySmD+ByUS/478Cjqvk+OuMn1rmLoEuAN
NGPTQKuLn/O1PCFW7mECQHRQvdtnp6ENvkEkcPcDxp3pM1ZY+0ScPaww5YLw+4QM
0cMEfeSXxjBE3hb4kTkSYV8WBS+/quNfBBbhXdytUnw=
-----END RSA PRIVATE KEY-----

 

Reference: https://github.com/jclouds/jclouds/blob/master/providers/google-compute-engine/README.md

  • No labels