Monday, 9 April 2018

IBM Cloud Private - Authentication using IBM Cloud CLI - Changed

As ever, continuing to tinker with IBM Cloud Private (ICP), this time the most recent build ( 2.1.02 ), but using notes from my first build with an older version, back in October.

Having downloaded and installed the IBM Cloud CLI ( formerly known as the IBM Bluemix CLI ), I attempted to log into ICP, using one of two approaches: -

bx pr login -a https://icpboot.uk.ibm.com:8443 --skip-ssl-validation -c id-icp-account

-OR-

bx pr login -a https://icpboot.uk.ibm.com:8443 --skip-ssl-validation -c id-icp-account -u admin -p admin

Alas both methods failed: -

bx pr login -a https://icpboot.uk.ibm.com:8443 --skip-ssl-validation -c id-icp-account

API endpoint: https://icpboot.uk.ibm.com:8443

Username> admin

Password> 
Authenticating...
OK

FAILED
Account ID or name does not match to the existing accounts.


bx pr login -a https://icpboot.uk.ibm.com:8443 --skip-ssl-validation -c id-icp-account -u admin -p admin

API endpoint: https://icpboot.uk.ibm.com:8443
Authenticating...
OK

FAILED
Account ID or name does not match to the existing accounts.

I looked at the help text for the bx pr login command: -

bx pr login -?

Incorrect Usage: flag provided but not defined: -?

NAME:
    login - Log user in.

    USAGE:
       bx pr login [-a CLUSTER_URL] [-u USERNAME] [-p PASSWORD] 

      WARNING:   Providing your password as a command line option is not recommended.
                 Your password might be visible to others and might be recorded in your shell history.

      EXAMPLE:
        bx pr login
            To interactively provide your user name and password, omit the user name and password options.
        bx pr login -u name@example.com -p pa55woRD
            Specify your username and password as arguments.
        bx pr login -u name@example.com -p "my password"
            Use quotation marks (") around passwords that have spaces.
        bx pr login -u name@example.com -p "\"password"\"
            If your password contains quotation mark characters ("), use backslash characters (\) to escape them.

    
    PARAMETERS:
       -a value               The URL that you use to access the management console, such as https://<ip_address>:8443.
       -u value               Username
       -p value               Password
       -c value               Account ID or name
       --skip-ssl-validation  Bypass SSL validation of HTTP requests. This option is not recommended.

specifically focusing upon the -c parameter.

In my notes, I had this set to id-icp-account and I wondered whether that was part of the problem.

Taking a punt, I tried this: -

bx pr login -a https://icpboot.uk.ibm.com:8443 --skip-ssl-validation -u admin -p admin

( i.e. NOT specifying the account name )

which prompted me thusly: -

API endpoint: https://icpboot.uk.ibm.com:8443
Authenticating...
OK

Select an account:
1. mycluster Account (id-mycluster-account)
Enter a number> 1
Targeted account: mycluster Account (id-mycluster-account)


In other words, for this installation, the account name has changed from id-icp-account to id-mycluster-account.

To prove this, I logged out: -

bx pr logout

Logging out…
OK


and then tried the all-in-one command: -

bx pr login -a https://icpboot.uk.ibm.com:8443 --skip-ssl-validation -c id-mycluster-account -u admin -p admin

API endpoint: https://icpboot.uk.ibm.com:8443
Authenticating...
OK

Targeted account: mycluster Account (id-mycluster-account)


bx pr clusters

OK
Name        ID                                 State      Created                    Masters   Workers   Datacenter   
mycluster   00000000000000000000000000000001   deployed   2018-04-09T12:57:13+0000   1         2         default   


Can you say "YAY!" ?? I bet you can ….


No comments: