https://flyte.org logo
Join Slack
Powered by
Hi, I’m Erik Dao, machine learning engineer, curre...
# introductions
w
Hi, I’m Erik Dao, machine learning engineer, currently based in Stockholm, Sweden 🇸🇪 I’ve got to use Flyte at my work. And I’ve been struggling to setup the latest Flyte version on GCP GKE without authentication 🫡
f
😞
Firstly welcome to the community. So you have been using Flyte?
c
What are the problems you are having with GCP/GKE?
We run Flyte on GKE as well, if you paste error messages I’m happy to take a look at them.
gratitude thank you 4
w
Hi @freezing-airport-6809 and @cool-lifeguard-49380 First off, thank you very much for your willingness to help. Really appreciate it. Basically, I’ve deployed the 
flyte-binary
Helm chart to my GKE cluster, with
Copy code
auth:
  enabled: false
  selfAuthServer: false

ingress:
  create: true
  ingressClassName: nginx
  host: flyte-console.mycompany.domain
There is no TLS setup in the ingress, the domain is setup with TLS via the domain manager. Then, I’ve been trying to execute workflows in a Jupyter notebook. The JupyterHub is deployed in the same cluster with Flyte.
Copy code
remote = FlyteRemote(
    config=Config(
        platform=PlatformConfig(
            endpoint="flyte-console.mycompany.domain",
            insecure=True,
            insecure_skip_verify=True,
            auth_mode="Pkce",
        )
    ),
    default_project="flytesnacks",
    default_domain="development",
    data_upload_location="<s3a://flyte-storage/>"
)

# The workflow is from Flyte's tutorial
execution = remote.execute_local_workflow(training_workflow, inputs={"C": 0.1})
And I’ve faced with this error
Copy code
InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
        status = StatusCode.UNAVAILABLE
        details = "failed to connect to all addresses; last error: INTERNAL: ipv4:<some_ip_address>:443: Trying to 
connect an http1.x server"
        debug_error_string = "UNKNOWN:failed to connect to all addresses; last error: INTERNAL: 
ipv4:<some_ip_address>:443: Trying to connect an http1.x server {created_time:"2023-05-25T05:23:30.814940018+00:00", 
grpc_status:14}"
I can access the Flyte console at https://flyte-console.mycompany.domain so I’m assuming that my Flyte deployment is working to some extent.
c
Just to be sure:
Copy code
auth:
  enabled: false
Does this mean your flyte deployment is publicly in the internet without auth? That would be dangerous potentially!
Copy code
remote = FlyteRemote(
    config=Config(
        platform=PlatformConfig(
            endpoint="flyte-console.mycompany.domain",
            insecure=True,
            insecure_skip_verify=True,
            auth_mode="Pkce",
        )
    ),
auth_mode="Pkce"
I think would only work in case you enabled auth in your flyte deployment. Since the jupyter hub is running in the same cluster, you might just use the flyte admin k8s service as the endpoint to make the communication purely internal to the cluster?
w
@cool-lifeguard-49380 Yes, my Flyte deployment is “public”, but it isn’t available to the public internet as it’s within the company VPN. So only several employees in the company have the access. It’s a fine setup for our scope at the moment.
👍 1
And yes. I’m trying to use the k8s service endpoint. I’ll update if it works.
c
Ok sounds good, just wanted to make sure 🙂
w
@cool-lifeguard-49380 Thank you very much for your suggestion. It's working now. I have some other problems with my workflow failed, but at least no security errors anymore 😄
c
Happy to hear 🙂
Any other issues with the GCP/GKE configuration or is it in python user code now?
w
I don't think there is any errors related to configuration now. I've got 
ValueError: Empty module name
when I execute a workflow via FlyteRemote on the jupyter notebook. But I get it's something different. I'll ask proper question in the #CP2HDHKE1 channel. Thank you very much for your help.
👍 1
🙂 1
6 Views
Open in Slack
PreviousNext
Powered by