我正在使用Java的Google客户端API,并集成了示例代码以在Google云中启动新实例。在这里,我只是检查了获得解决方案的所有可能性,但没有成功
System.out.println("================== Starting New Instance ==================");
// Create VM Instance object with the required properties.
Instance instance = new Instance();
instance.setName(instanceName);
instance.setMachineType(
"https://www.googleapis.com/compute/beta/projects/"
+ PROJECT_ID + "/zones/" + ZONE_NAME + "/machineTypes/n1-standard-1");
// Add Network Interface to be used by VM Instance.
NetworkInterface ifc = new NetworkInterface();
ifc.setNetwork("https://www.googleapis.com/compute/beta/projects/" + PROJECT_ID + "/global/networks/default");
List<AccessConfig> configs = new ArrayList<>();
AccessConfig config = new AccessConfig();
config.setType(NETWORK_INTERFACE_CONFIG);
config.setName(NETWORK_ACCESS_CONFIG);
configs.add(config);
ifc.setAccessConfigs(configs);
instance.setNetworkInterfaces(Collections.singletonList(ifc));
CustomerEncryptionKey key= new CustomerEncryptionKey();
key.set("rsaEncryptedKey", "myencryptedKey");
// Add attached Persistent Disk to be used by VM Instance.
AttachedDisk disk = new AttachedDisk();
disk.setBoot(true);
disk.setAutoDelete(true);
disk.setType("PERSISTENT");
disk.setDiskEncryptionKey(key);
AttachedDiskInitializeParams params = new AttachedDiskInitializeParams();
// Assign the Persistent Disk the same name as the VM Instance.
params.setDiskName(instanceName);
// Specify the source operating system machine image to be used by the VM Instance.
params.setSourceImage(SOURCE_IMAGE_PREFIX + SOURCE_IMAGE_PATH);
params.setSourceImageEncryptionKey(key);
// Specify the disk type as Standard Persistent Disk
params.setDiskType("https://www.googleapis.com/compute/beta/projects/" + PROJECT_ID + "/zones/"
+ ZONE_NAME + "/diskTypes/pd-standard");
disk.setInitializeParams(params);
instance.setDisks(Collections.singletonList(disk));
// Initialize the service account to be used by the VM Instance and set the API access scopes.
ServiceAccount account = new ServiceAccount();
account.setEmail("default");
List<String> scopes = new ArrayList<>();
scopes.add("https://www.googleapis.com/auth/devstorage.full_control");
scopes.add("https://www.googleapis.com/auth/compute");
scopes.add("https://www.googleapis.com/auth/servicecontrol");
scopes.add("https://www.googleapis.com/auth/service.management.readonly");
scopes.add("https://www.googleapis.com/auth/trace.append");
scopes.add("https://www.googleapis.com/auth/logging.write");
account.setScopes(scopes);
instance.setServiceAccounts(Collections.singletonList(account));
// Optional - Add a startup script to be used by the VM Instance.
Metadata meta = new Metadata();
Metadata.Items item = new Metadata.Items();
item.setKey("startup-script-url");
// If you put a script called "vm-startup.sh" in this Google Cloud Storage
// bucket, it will execute on VM startup. This assumes you've created a
// bucket named the same as your PROJECT_ID.
// For info on creating buckets see: https://cloud.google.com/storage/docs/cloud-console#_creatingbuckets
item.setValue("gs://" + PROJECT_ID + "/vm-startup.sh");
meta.setItems(Collections.singletonList(item));
instance.setMetadata(meta);
System.out.println(instance.toPrettyString());
Compute.Instances.Insert insert = compute.instances().insert(PROJECT_ID, ZONE_NAME, instance);
final HttpHeaders httpHeaders = new HttpHeaders();
//httpHeaders.set("x-goog-encryption-algorithm", "AES256");
//httpHeaders.set("x-goog-encryption-key", key);
// httpHeaders.set("x-goog-copy-source-encryption-algorithm", "AES256");
httpHeaders.set("x-goog-copy-source-encryption-key", key);
insert.setRequestHeaders(httpHeaders);
return insert.execute();
但是它抛出一个错误,我没有提供客户提供的密钥。
400 Bad Request
{
"code" : 400,
"errors" : [ {
"domain" : "global",
"message" : "'projects/#####/global/images/image-byok' is protected with a customer supplied encryption key, but none was provided.",
"reason" : "resourceIsEncryptedWithCustomerEncryptionKey"
} ],
"message" : "'projects/######/global/images/image-byok' is protected with a customer supplied encryption key, but none was provided."
}
com.google.api.client.googleapis.json.GoogleJsonResponseException: 400 Bad Request
{
"code" : 400,
"errors" : [ {
"domain" : "global",
"message" : "'projects/######/global/images/image-byok' is protected with a customer supplied encryption key, but none was provided.",
"reason" : "resourceIsEncryptedWithCustomerEncryptionKey"
} ],
"message" : "'projects/######/global/images/image-byok' is protected with a customer supplied encryption key, but none was provided."
}
at com.google.api.client.googleapis.json.GoogleJsonResponseException.from(GoogleJsonResponseException.java:150)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:113)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:40)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest$1.interceptResponse(AbstractGoogleClientRequest.java:321)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1067)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:419)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:352)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:469)
at com.gem.byokGc.ComputeEngineSample.startInstance(ComputeEngineSample.java:294)
at com.gem.byokGc.ComputeEngineSample.main(ComputeEngineSample.java:162)
有人可以帮我吗,因为我能够通过json执行相同的方案。