Hi there,
We're trying to put together a clustere...
# flyte-supporth
high-gold-37421
08/01/2023, 12:32 PMHi there,
We're trying to put together a clustered environment on a baremetal microk8s cluster. We've provisioned our postgresql server and our minio server and we're trying to work with the flyte-binary helm chart. We've configured the necessary
configuration.databaseconfiguration.storage.providerConfig Copy code
configuration.database.host = "postgres-svc"
configuration.database.username = "postgres"
configuration.database.password = "<passwd>"
configuration.storage.metadataContainer = "bucket1"
configuration.storage.userDataContainer = "bucket1"
configuration.storage.providerConfig.s3.endpoint = "minio-svc"
configuration.storage.providerConfig.s3.authType = "acceskey"
configuration.storage.providerConfig.s3.accessKey = "flyteuser"
configuration.storage.providerConfig.s3.secretKey = "<flyteuserpasswd>"
configuration.storage.providerConfig.s3.disableSSL = true Copy code
│ │ _execute_task │ ││ │ │ │
│ │ ❱ 362 │ │ _handle_annotated_task(ctx, _task_def, inputs, output_prefix) │ │
│ │ │ │
│ │ /opt/venv/lib/python3.8/site-packages/flytekit/bin/entrypoint.py:304 in │ │
│ │ _handle_annotated_task │ ││ │ │ │
│ │ ❱ 304 │ _dispatch_execute(ctx, task_def, inputs, output_prefix) │ │
│ │ │ │
│ │ /opt/venv/lib/python3.8/site-packages/flytekit/bin/entrypoint.py:160 in │ │
│ │ _dispatch_execute │ │
│ │ │ │
│ │ ❱ 160 │ ctx.file_access.put_data(ctx.execution_state.engine_dir, output_pr │ │
│ │ │ │
│ │ /opt/venv/lib/python3.8/site-packages/flytekit/core/data_persistence.py:320 │ │
│ │ in put_data │ │
│ │ │ │
│ │ ❱ 320 │ │ │ raise FlyteAssertion( │ │
│ ╰──────────────────────────────────────────────────────────────────────────────╯ │
│ FlyteAssertion: Failed to put data from │
│ /tmp/flyte-erp4nnjc/sandbox/local_flytekit/engine_dir to │
│ <s3://flyte/metadata/propeller/flytesnacks-development-fa6db7ab7ed90473588b/n0/da> │
│ ta/0 (recursive=True). │
│ │
│ Original exception: Unable to locate credentialsf
freezing-boots-56761
08/01/2023, 3:01 PM
We would need to set default environment variables for the tasks pointing to the internal minio cluster. You can see how we do this for sandbox for instance. If you need more control over the task pod, take a look at https://docs.flyte.org/en/latest/deployment/configuration/general.html#id1. Also check out #C05EZCLUCAF
h
high-gold-37421
08/01/2023, 3:32 PMThanks for your response. Actually the inline configuration allows for setting this although the environment variables forwarded to the task pod is all lower case thus it fails to authenticate to minio. Probably it’s gonna be the podtemplate approach we go for.
f
freezing-boots-56761
08/01/2023, 3:38 PM
Sorry i don’t understand. Can you paste a redacted snippet?
h
high-gold-37421
08/02/2023, 6:48 AMWhen the
configuration.inline.plugins.k8s.default-env-varsFLYTE_AWS_ENDPOINTFLYTE_AWS_ACCESS_KEY_IDFLYTE_AWS_SECRET_ACCESS_KEYhigh-gold-37421
08/02/2023, 9:24 AMAlso, what if I want to hide the sensitive values regarding a pog? I need to mount a secret resource to the pod but it seems a bit dumb to create the secret resources in every project domain k8s namespace just to do so. Any suggestions for this?
f
freezing-boots-56761
08/02/2023, 4:28 PM
these environment variables were propagated to the task's pod with their lowercase variantswow. that is really surprising for propagating secrets, i believe we can use cluster resource templates for this. that would automatically create the secret when a new project is provisioned.
25 Views