Hey Folks, I was able to connect to a kubenete clu...
# ask-the-community
j
Hey Folks, I was able to connect to a kubenete cluster with flyte deployed Forward the port to 80
Copy code
kubectl -n flyte port-forward service/flyteadmin 8080:81
Forwarding from 127.0.0.1:8080 -> 8089
Forwarding from [::1]:8080 -> 8089
Handling connection for 8080
Handling connection for 8080
Handling connection for 8080
Handling connection for 8080
Handling connection for 8080
Handling connection for 8080
Then I try to create a new project using flytecltl create project but got this error:
Copy code
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [storage] updated. No update handler registered.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [root] updated. No update handler registered.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"viper.go:400"},"level":"debug","msg":"Config section [admin] updated. Firing updated event.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"client.go:63"},"level":"info","msg":"Initialized Admin client","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"auth_interceptor.go:67"},"level":"debug","msg":"Request failed due to [rpc error: code = Unauthenticated desc = token parse error [JWT_VERIFICATION_FAILED] Could not retrieve id token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with IDToken]. If it's an unauthenticated error, we will attempt to establish an authenticated context.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"auth_interceptor.go:72"},"level":"debug","msg":"Request failed due to [Unauthenticated]. Attempting to establish an authenticated connection and trying again.","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"token_source_provider.go:148"},"level":"warning","msg":"Failed fetching from cache. Will restart the flow. Error: no token found in the cache","ts":"2023-04-13T11:06:33-04:00"}
{"json":{"src":"auth_flow_orchestrator.go:77"},"level":"info","msg":"Opening the browser at <https://localhost:30081/oauth2/authorize?client_id=flytectl>\u0026redirect_uri=http%3A%2F%2Flocalhost%3A53593%2Fcallback\u0026response_type=code\u0026scope=offline+all\u0026code_challenge=0LjChZP0Ue1pBqIO70DXdLu4yDBLALSifR5TVQhlp3s\u0026code_challenge_method=S256\u0026nonce=OXpndnp0ZDloY3ZneGY3MnB6azVtenpuZmZrbjVtZnY\u0026state=anBydGNiZjV3aHdxeGt2ZmZrbWh0cTU3cmdycHJzZGo","ts":"2023-04-13T11:06:33-04:00"}
Any idea what specific auth error this is and how to fix it?
d
Hi Jay, I think per the docs you need to port forward both 8088 (http) and 8089 (gRPC)
j
I can't seem to port it to 88 and 89
Copy code
kubectl -n flyte port-forward service/flyteadmin 8080:8088 8089:8089

error: Service flyteadmin does not have a service port 8088

 ~ % kubectl describe service flyteadmin -n flyte                        

Name:              flyteadmin
Namespace:         flyte
Labels:            <http://app.kubernetes.io/instance=service-flyte-helmchart|app.kubernetes.io/instance=service-flyte-helmchart>
                   <http://app.kubernetes.io/managed-by=Helm|app.kubernetes.io/managed-by=Helm>
                   <http://app.kubernetes.io/name=flyteadmin|app.kubernetes.io/name=flyteadmin>
                   <http://helm.sh/chart=flyte-core-v0.1.10|helm.sh/chart=flyte-core-v0.1.10>
Annotations:       <http://meta.helm.sh/release-name|meta.helm.sh/release-name>: service-flyte-helmchart
                   <http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: flyte
                   <http://projectcontour.io/upstream-protocol.h2c|projectcontour.io/upstream-protocol.h2c>: grpc
Selector:          <http://app.kubernetes.io/instance=service-flyte-helmchart,app.kubernetes.io/name=flyteadmin|app.kubernetes.io/instance=service-flyte-helmchart,app.kubernetes.io/name=flyteadmin>
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                172.20.184.239
IPs:               172.20.184.239
Port:              http  80/TCP
TargetPort:        8088/TCP
Endpoints:         10.0.132.170:8088,10.0.151.209:8088
Port:              grpc  81/TCP
TargetPort:        8089/TCP
Endpoints:         10.0.132.170:8089,10.0.151.209:8089
Port:              redoc  87/TCP
TargetPort:        8087/TCP
Endpoints:         10.0.132.170:8087,10.0.151.209:8087
Port:              http-metrics  10254/TCP
TargetPort:        10254/TCP
Endpoints:         10.0.132.170:10254,10.0.151.209:10254
Session Affinity:  None
Events:            <none>
I fowared it to 80 and 81
Copy code
kubectl -n flyte port-forward service/flyteadmin 8080:80 8081:81

Forwarding from 127.0.0.1:8080 -> 8088
Forwarding from [::1]:8080 -> 8088
But I still get the errror:
Copy code
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [storage] updated. No update handler registered.","ts":"2023-04-13T13:45:36-04:00"}
{"json":{"src":"client.go:63"},"level":"info","msg":"Initialized Admin client","ts":"2023-04-13T13:45:36-04:00"}
{"json":{"src":"auth_interceptor.go:67"},"level":"debug","msg":"Request failed due to [rpc error: code = Unavailable desc = connection closed before server preface received]. If it's an unauthenticated error, we will attempt to establish an authenticated context.","ts":"2023-04-13T13:45:36-04:00"}
Error: Connection Info: [Endpoint: dns:///127.0.0.1:8080, InsecureConnection?: true, AuthMode: Pkce]: rpc error: code = Unavailable desc = connection closed before server preface received
{"json":{"src":"main.go:13"},"level":"error","msg":"Connection Info: [Endpoint: dns:///127.0.0.1:8080, InsecureConnection?: true, AuthMode: Pkce]: rpc error: code = Unavailable desc = connection closed before server preface received","ts":"2023-04-13T13:45:36-04:00"}
d
in general, the
port-forward
structure is
containerPort:localPort
As you can also see, the Endpoints are exposing 8088 and 8089 port, so you should be able to do
kubectl -n flyte port-forward service/flyte-binary 8088:8088 8089:8089
101 Views