Jay Phan
04/13/2023, 2:55 PMkubectl -n flyte port-forward service/flyteadmin 8080:81
Forwarding from 127.0.0.1:8080 -> 8089
Forwarding from [::1]:8080 -> 8089
Handling connection for 8080
Handling connection for 8080
Handling connection for 8080
Handling connection for 8080
Handling connection for 8080
Handling connection for 8080
Then I try to create a new project using flytecltl create project but got this error:
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [storage] updated. No update handler registered.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [root] updated. No update handler registered.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"viper.go:400"},"level":"debug","msg":"Config section [admin] updated. Firing updated event.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"client.go:63"},"level":"info","msg":"Initialized Admin client","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"auth_interceptor.go:67"},"level":"debug","msg":"Request failed due to [rpc error: code = Unauthenticated desc = token parse error [JWT_VERIFICATION_FAILED] Could not retrieve id token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with IDToken]. If it's an unauthenticated error, we will attempt to establish an authenticated context.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"auth_interceptor.go:72"},"level":"debug","msg":"Request failed due to [Unauthenticated]. Attempting to establish an authenticated connection and trying again.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"token_source_provider.go:148"},"level":"warning","msg":"Failed fetching from cache. Will restart the flow. Error: no token found in the cache","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"auth_flow_orchestrator.go:77"},"level":"info","msg":"Opening the browser at <https://localhost:30081/oauth2/authorize?client_id=flytectl>\u0026redirect_uri=http%3A%2F%2Flocalhost%3A53593%2Fcallback\u0026response_type=code\u0026scope=offline+all\u0026code_challenge=0LjChZP0Ue1pBqIO70DXdLu4yDBLALSifR5TVQhlp3s\u0026code_challenge_method=S256\u0026nonce=OXpndnp0ZDloY3ZneGY3MnB6azVtenpuZmZrbjVtZnY\u0026state=anBydGNiZjV3aHdxeGt2ZmZrbWh0cTU3cmdycHJzZGo","ts":"2023-04-13T11:06:33-04:00"}
Any idea what specific auth error this is and how to fix it?David Espejo (he/him)
04/13/2023, 5:30 PMJay Phan
04/13/2023, 5:39 PMkubectl -n flyte port-forward service/flyteadmin 8080:8088 8089:8089
error: Service flyteadmin does not have a service port 8088
~ % kubectl describe service flyteadmin -n flyte
Name: flyteadmin
Namespace: flyte
Labels: <http://app.kubernetes.io/instance=service-flyte-helmchart|app.kubernetes.io/instance=service-flyte-helmchart>
<http://app.kubernetes.io/managed-by=Helm|app.kubernetes.io/managed-by=Helm>
<http://app.kubernetes.io/name=flyteadmin|app.kubernetes.io/name=flyteadmin>
<http://helm.sh/chart=flyte-core-v0.1.10|helm.sh/chart=flyte-core-v0.1.10>
Annotations: <http://meta.helm.sh/release-name|meta.helm.sh/release-name>: service-flyte-helmchart
<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: flyte
<http://projectcontour.io/upstream-protocol.h2c|projectcontour.io/upstream-protocol.h2c>: grpc
Selector: <http://app.kubernetes.io/instance=service-flyte-helmchart,app.kubernetes.io/name=flyteadmin|app.kubernetes.io/instance=service-flyte-helmchart,app.kubernetes.io/name=flyteadmin>
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 172.20.184.239
IPs: 172.20.184.239
Port: http 80/TCP
TargetPort: 8088/TCP
Endpoints: 10.0.132.170:8088,10.0.151.209:8088
Port: grpc 81/TCP
TargetPort: 8089/TCP
Endpoints: 10.0.132.170:8089,10.0.151.209:8089
Port: redoc 87/TCP
TargetPort: 8087/TCP
Endpoints: 10.0.132.170:8087,10.0.151.209:8087
Port: http-metrics 10254/TCP
TargetPort: 10254/TCP
Endpoints: 10.0.132.170:10254,10.0.151.209:10254
Session Affinity: None
Events: <none>
kubectl -n flyte port-forward service/flyteadmin 8080:80 8081:81
Forwarding from 127.0.0.1:8080 -> 8088
Forwarding from [::1]:8080 -> 8088
But I still get the errror:
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [storage] updated. No update handler registered.","ts":"2023-04-13T13:45:36-04:00"}
{"json":{"src":"client.go:63"},"level":"info","msg":"Initialized Admin client","ts":"2023-04-13T13:45:36-04:00"}
{"json":{"src":"auth_interceptor.go:67"},"level":"debug","msg":"Request failed due to [rpc error: code = Unavailable desc = connection closed before server preface received]. If it's an unauthenticated error, we will attempt to establish an authenticated context.","ts":"2023-04-13T13:45:36-04:00"}
Error: Connection Info: [Endpoint: dns:///127.0.0.1:8080, InsecureConnection?: true, AuthMode: Pkce]: rpc error: code = Unavailable desc = connection closed before server preface received
{"json":{"src":"main.go:13"},"level":"error","msg":"Connection Info: [Endpoint: dns:///127.0.0.1:8080, InsecureConnection?: true, AuthMode: Pkce]: rpc error: code = Unavailable desc = connection closed before server preface received","ts":"2023-04-13T13:45:36-04:00"}
David Espejo (he/him)
04/13/2023, 5:54 PMport-forward
structure is containerPort:localPort
As you can also see, the Endpoints are exposing 8088 and 8089 port, so you should be able to do
kubectl -n flyte port-forward service/flyte-binary 8088:8088 8089:8089