Troubleshooting PCF on GCP
Page last updated:
This topic describes how to troubleshoot known issues when deploying Pivotal Cloud Foundry (PCF) on Google Cloud Platform (GCP).
Users may be unable to connect to applications running on PCF using SSO.
SSO does not support multi-subnets.
Ensure that you have configured only one subnet. See the Preparing the GCP Environment for Deployment topic for information.
Uploading the Elastic Runtime (ERT) tile causes the Ops Manager Rails application to crash.
In compressed format, the ERT tile is 5 GB in size. However, when uncompressed during installation, the ERT tile requires additional disk space that can exhaust the space allocated to the boot disk.
Ensure that the boot disk is allocated at least 50 GB of space. See Step 3: Create the Ops Manager VM Instance for more information.
Deploying Diego for Windows as described in fails with a
PSSecurity Unauthorized Access error.
.\setup.ps1 : File C:\Users\username\Downloads\DiegoWindows\setup.ps1 cannot be loaded. The file C:\Users\username\Downloads\DiegoWindows\setup.ps1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + .\setup.ps1 + ~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) , PSSecurityException + FullyQualifiedErrorId : UnauthorizedAccess
On GCP, deploying Diego for Windows requires elevated PowerShell privileges.
As a workaround, execute the following cmdlet before running the
For more information about this cmdlet, see Using the Set-ExecutionPolicy Cmdlet.
During installation of the Elastic Runtime tile, the replication-canary job fails to start. The error reported in the installation log resembles the following:
Started updating job mysql_monitor > mysql_monitor/0 (48e7ec82-3cdf-41af-9d0f-90d1f12683c8) (canary). Failed: 'mysql_monitor/0 (48e7ec82-3cdf-41af-9d0f-90d1f12683c8)' is not running after update. Review logs for failed jobs: replication-canary (00:05:13) Error 400007: 'mysql_monitor/0 (48e7ec82-3cdf-41af-9d0f-90d1f12683c8)' is not running after update. Review logs for failed jobs: replication-canary
This error can appear as a result of incorrect configuration of network traffic and missed communication between the Gorouter and a load balancer.
- Make sure you have selected the Forward SSL to Elastic Runtime Router option in your Elastic Runtime Network Configuration.
- Verify that you have configured the firewall rules properly and that TCP ports
8080are accessible on your GCP load balancers. See Create Firewall Rules for the Network.
- Verify that you have configured the proper SSL certificates on your HTTP(S) load balancer in GCP.
- If necessary, re-upload a new certificate and update any required SSL Certificate and SSH Key fields in your Elastic Runtime network configuration.
Upgrade issues can be caused when the external database user used for the network policy DB is given insufficient permissions. To avoid this upgrade issue, ensure that the networkpolicyserver database user has the
ALL PRIVILEGES permission.