https://flyte.org logo
b

Bruno Freitas

07/28/2022, 12:33 PM
Hi, everyone. Has someone used Keycloak as an external authorization server on Flyte? I followed the Flyte doc at the https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#deployment-cluster-config-auth-setup to configure the clients and secrets and also defined the audience as mentioned in the issue (https://github.com/flyteorg/flyte/issues/2606). However, FlytePropeller has an error when I launch workflows in Flyte. I think the error is related to the FlyteAdmin events component (https://docs.flyte.org/en/latest/concepts/component_architecture/flytepropeller_architecture.html#flyteadmin-events) on FlytePropeller according to the following error message: EventSinkError: Error sending event, caused by [rpc error: code = Unauthenticated desc = transport: per-RPC creds failed due to error: oauth2: cannot fetch token:
k

Ketan (kumare3)

07/28/2022, 12:42 PM
Yes you need a client secret for propeller to be configured. Cc @Sören Brunk ? I think you have to restart propeller after you make the config change
👍 1
h

Haytham Abuelfutuh

07/28/2022, 12:48 PM
@Sören Brunk @Neal Feierabend would you be able to help?
s

Sören Brunk

07/28/2022, 12:49 PM
Yes, propeller currently does not pick up these config changes at runtime so I'd first try to restart it as @Ketan (kumare3) has suggested.
👍 1
12 Views