Re: project wide custom meta-data

[Kamran (Google Cloud Support)]

Hello Roya,

I'm quoting this from Google Cloud article on Storing and Retrieving Instance Metadata:

Every instance stores its metadata on a metadata server. You can query this metadata server programmatically, from within the instance and from the Compute Engine API, for information about the instance, such as the instance's host name, instance ID, startup and shutdown scripts, custom metadata, and service account information. Your instance automatically has access to the metadata server API without any additional authorization.

The metadata server is particularly useful when used in combination with startup and shutdown scripts because you can use the metadata server to programmatically get unique information about an instance, without additional authorization. For example, you can write a startup script that gets the metadata key/value pair for an instance's external IP and use that IP in your script to set up a database. Since the default metadata keys are the same on every instance, you can reuse your script without having to update it for each instance. This helps you create less brittle code for your applications.

Metadata is stored in the format key:value. There is a default set of metadata entries that every instance has access to. You can also set custom metadata.

Regarding your question about project-wide metadata:

Setting project-wide metadata apply the metadata to all instances in the project. For example, if you define a project-wide metadata pair of baz=bat, that metadata pair is automatically applied to all instances in the project.

With that said, if access to all of your VM instances is affected, I would suggest reviewing your GCE SSH firewall rules to make sure that the correct remote external IP address is listed and allowed. Usually, the error messages thrown by SSH clients, such as SSHv or Cyberduck, will provide some pointers to the root cause of the issue. Some common examples of these errors are: timeout error, incorrect username/password or private/public keys errors.

If you can provide more information about the errors that you are receiving from your SSH clients, I will be in a better position to advise you. 

Sincerely,

Kamran

On Wednesday, July 20, 2016 at 5:11:58 PM UTC-4, Roya Salei wrote:

Hi,

Can anyone explain what is project wide meta-data? and what can you do with it? What happens if I delete it? Sorry if my questions are elementary! I am not a developer but very eager to learn.
I have hired a company to develop app and launch on my google cloud but now I can’t access the server. They said the app is set up directly on root. I can’t ssh by any means. I used to connect with SSHv and Cyberduck on mac. the only change I see on the console is the addition of a custom meta-data.

Thanks,

[Kamran (Google Cloud Support)]

Hi Roya,

Since the error message shows that the issue is related to the SSH key, I would suggest generating and adding a new SSH key to your project or to the server (specific instance). If you are unfamiliar with the procedure, I recommend following the steps described in this article. After you get the new key working, it would be wise to remove all other unused SSH keys to strengthen the security of your project.

I hope this helps.

Sincerely,

On Wednesday, July 20, 2016 at 10:36:02 PM UTC-4, Roya Salei wrote:

Hi Kamran,
Thanks for the help. I checked the firewall. the external ip address is correct and leads to the site. there are 7 firewall rules:
 default-allow-http    
default-allow-https
default-allow-icmp
default-allow-internal
default-allow-rdp    
default-allow-ssh    
python    
and when I tried to connect with server using SSHv I got a long message which at the end it says:
Server refused our key
Disconnected: No supported authentication methods available (Server sent: publickey)
I used the key that the developer company gave me because none of my own keys work.
Thanks again
Roya