Simple.py description: Error received from peer grpc_message:unauthorized ip address

Issues Dgraph
, ,
1

I wanted to have a quick look at DGraph. I started with the simple.py example at pydgraph/examples/simple at master · dgraph-io/pydgraph · GitHub

Created virtualenv with python 3.8 on MS-Windows 10.
pip installed the requirements.txt
Created the compose.yml file and ran docker-compose up

Then ran simple.py and got the following error.

(base) PS C:\Users\rnwol\Downloads\dgraph-windows-amd64>  & 'c:\Users\rnwol\Downloads\dgraph-windows-amd64\.venv\Scripts\python.exe' 'c:\Users\rnwol\.vscode\extensions\ms-python.python-2020.8.103604\pythonFiles\lib\python\debugpy\launcher' '54528' '--' 'c:\Users\rnwol\Downloads\dgraph-windows-amd64\simple.py' 
Error: <_InactiveRpcError of RPC that terminated with:
        status = StatusCode.UNKNOWN
        details = "unauthorized ip address: 172.18.0.1"
        debug_error_string = "{"created":"@1598363513.454000000","description":"Error received from peer ipv6:[::1]:9080","file":"src/core/lib/surface/call.cc","file_line":1062,"grpc_message":"unauthorized ip address: 172.18.0.1","grpc_status":2}"
>

When I run dgraph-ratel.exe I get a UI and it is connected to a server at localhost:8080 as I see a green tick.
Maybe there is some security-related issue that needs to be addressed in order to getsimple.py to work?

I have pydgraph==20.3.1 installed.

When I open the Ratel-UI I see

Access Control
Error fetching ACL data: "{\"message\":\"resolving queryUser failed because unauthorized ip address: 172.18.0.1\",\"locations\":[{\"line\":3,\"column\":17}]}"

Problem solved

https://dgraph.io/docs/master/deploy/dgraph-administration/#whitelisting-admin-operations

I updated my docker-compuse.yml file and added a whitelist argument

    command: dgraph alpha --whitelist 172.18.0.1 --my=server:7080 --lru_mb=2048 --zero=zero:5080

172.18.0.1 is the IP address docker has given the server. This might be different on your computer.

It will most probably be good to make a note of this in README.md

2

I see that there is a suggestion here to use a shell script to create a network for the docker containers and then pass that info to docker-compose to allow admin access.

This should be referenced in the github readme.md file.

3

Thank you for bringing this up. I have converted it to a documentation ticket.

4

I’m not sure this suggested docker-compose.yml file is ideal, because it relies on an environment variable. Perhaps a .env file could be used to avoid the warnings when the compose file is read, but I would not be comfortable having this solution in the readme, as it can confuse a user who doesn’t know how to use docker compose.

5

I am currently using MS-Windows as my primary dev environment, after using Ubuntu for many years, so it might also be good to get an approach that works in the Powershell world as well.

6

PR: docs: Add information about whitelist IPs by rahulgurnani · Pull Request #154 · dgraph-io/pydgraph · GitHub