Hi, everyone. Has someone used Keycloak as an exte...
# flyte-support
f
Hi, everyone. Has someone used Keycloak as an external authorization server on Flyte? I followed the Flyte doc at the https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#deployment-cluster-config-auth-setup to configure the clients and secrets and also defined the audience as mentioned in the issue (https://github.com/flyteorg/flyte/issues/2606). However, FlytePropeller has an error when I launch workflows in Flyte. I think the error is related to the FlyteAdmin events component (https://docs.flyte.org/en/latest/concepts/component_architecture/flytepropeller_architecture.html#flyteadmin-events) on FlytePropeller according to the following error message: EventSinkError: Error sending event, caused by [rpc error: code = Unauthenticated desc = transport: per-RPC creds failed due to error: oauth2: cannot fetch token:
f
Yes you need a client secret for propeller to be configured. Cc @boundless-pizza-95864 ? I think you have to restart propeller after you make the config change
👍 1
h
@boundless-pizza-95864 @acoustic-painting-95053 would you be able to help?
b
Yes, propeller currently does not pick up these config changes at runtime so I'd first try to restart it as @freezing-airport-6809 has suggested.
👍 1
195 Views