clever-vegetable-6086
08/11/2022, 4:39 PMflytectl
config set and be able to interact with the cluster via the command line with a minimum configuration before doing those two things.
my minimal config looks like this
admin:
endpoint: dns:///admin.flyte.us3.predictap.com
insecure: true
my flytectl version
output is this
{
"App": "flytectl",
"Build": "62b86f6",
"Version": "0.6.7",
"BuildTime": "2022-08-11 11:33:31.781304 -0500 CDT m=+0.021446651"
}%
i think my config is good enough, i ran flytectl config validate
chrisantenesse@Chriss-MacBook-Pro-2 ~ % flytectl config validate
Couldn't find a config file.
Validated config file successfully.
but when i do something like flytectl get projects
, i’m getting this
{"json":{},"level":"error","msg":"failed to initialize token source provider. Err: failed to fetch auth metadata. Error: rpc error: code = Unavailable desc = connection closed","ts":"2022-08-11T11:35:12-05:00"}
{"json":{},"level":"warning","msg":"Starting an unauthenticated client because: can't create authenticated channel without a TokenSourceProvider","ts":"2022-08-11T11:35:12-05:00"}
{"json":{},"level":"info","msg":"Initialized Admin client","ts":"2022-08-11T11:35:12-05:00"}
Error: rpc error: code = Unavailable desc = connection closed
{"json":{},"level":"error","msg":"rpc error: code = Unavailable desc = connection closed","ts":"2022-08-11T11:35:12-05:00"}
i jumped on both flyteadmin pods shell and was able to confirm that traffic coming through the ingress was actually hitting the pods. basically ran watch -n1 netstat -anp
and watched a connection get established. i also ran tcpdump
locally and watched my local machine make the outbound request, etc. so i dont think this is due to a misconfiguration in the k8s side of things.
i ran a kubectl logs …
on both pods, but never saw entries from the flyteadmin server indicating that something happened (good or bad).
im new to the flyte world and appreciate the help in advance!great-school-54368
08/11/2022, 5:42 PMkubectl get ingress,pod -n flyte
clever-vegetable-6086
08/11/2022, 5:43 PMclever-vegetable-6086
08/11/2022, 5:43 PMgreat-school-54368
08/11/2022, 5:44 PMkubectl get ingress,pod -n flyte
?clever-vegetable-6086
08/11/2022, 5:44 PMkubectl get ingress,pod -n flyte
NAME CLASS HOSTS ADDRESS PORTS AGE
<http://ingress.networking.k8s.io/flyte-core|ingress.networking.k8s.io/flyte-core> <none> <http://admin.flyte.us3.predictap.com|admin.flyte.us3.predictap.com> <http://a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com|a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com> 80 26m
<http://ingress.networking.k8s.io/flyte-core-grpc|ingress.networking.k8s.io/flyte-core-grpc> <none> <http://admin.flyte.us3.predictap.com|admin.flyte.us3.predictap.com> <http://a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com|a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com> 80 26m
NAME READY STATUS RESTARTS AGE
pod/datacatalog-ff6d66cf5-vc8lt 1/1 Running 0 26m
pod/datacatalog-ff6d66cf5-zwfq6 1/1 Running 0 26m
pod/flyte-pod-webhook-595f7b6858-62fjn 1/1 Running 0 26m
pod/flyteadmin-7f5d5ffc47-7ht64 1/1 Running 0 26m
pod/flyteadmin-7f5d5ffc47-7w8t5 1/1 Running 0 26m
pod/flyteconsole-565d6765b9-6vwln 1/1 Running 0 26m
pod/flyteconsole-565d6765b9-kwdrv 1/1 Running 0 26m
pod/flytepropeller-74bf956f6c-8x2f4 1/1 Running 0 26m
pod/flytepropeller-74bf956f6c-qdczb 1/1 Running 0 26m
pod/flytescheduler-65597b6ccf-8thg5 1/1 Running 0 26m
pod/syncresources-5457d6d655-5vkjs 1/1 Running 0 26m
great-school-54368
08/11/2022, 5:44 PMkubectl get ingress -oyaml -n flyte
clever-vegetable-6086
08/11/2022, 5:45 PMapiVersion: v1
items:
- apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: Ingress
metadata:
annotations:
<http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>: nginx
<http://meta.helm.sh/release-name|meta.helm.sh/release-name>: flyte
<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: flyte
<http://nginx.ingress.kubernetes.io/app-root|nginx.ingress.kubernetes.io/app-root>: /console
creationTimestamp: "2022-08-11T17:17:30Z"
generation: 1
labels:
<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>: Helm
name: flyte-core
namespace: flyte
resourceVersion: "8414401"
uid: dfda6080-dbde-434d-bb2d-a2e7657b7cc5
spec:
rules:
- host: <http://admin.flyte.us3.predictap.com|admin.flyte.us3.predictap.com>
http:
paths:
- backend:
service:
name: ssl-redirect
port:
name: use-annotation
path: /*
pathType: ImplementationSpecific
- backend:
service:
name: flyteconsole
port:
number: 80
path: /console
pathType: ImplementationSpecific
- backend:
service:
name: flyteconsole
port:
number: 80
path: /console/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /api
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /api/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /healthcheck
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /v1/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /.well-known
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /.well-known/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /login
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /login/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /logout
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /logout/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /callback
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /callback/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /me
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /config
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /config/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /oauth2
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /oauth2/*
pathType: ImplementationSpecific
status:
loadBalancer:
ingress:
- hostname: <http://a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com|a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com>
- apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: Ingress
metadata:
annotations:
<http://alb.ingress.kubernetes.io/backend-protocol-version|alb.ingress.kubernetes.io/backend-protocol-version>: HTTP2
<http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>: nginx
<http://meta.helm.sh/release-name|meta.helm.sh/release-name>: flyte
<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: flyte
<http://nginx.ingress.kubernetes.io/app-root|nginx.ingress.kubernetes.io/app-root>: /console
<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>: GRPC
creationTimestamp: "2022-08-11T17:17:30Z"
generation: 3
labels:
<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>: Helm
name: flyte-core-grpc
namespace: flyte
resourceVersion: "8420898"
uid: d222f010-bf87-4ddc-ac10-9b05ce59c9f0
spec:
rules:
- host: <http://admin.flyte.us3.predictap.com|admin.flyte.us3.predictap.com>
http:
paths:
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.AdminService
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.AdminService/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.DataProxyService
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.DataProxyService/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.AuthMetadataService
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.AuthMetadataService/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.IdentityService
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.IdentityService/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /grpc.health.v1.Health
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /grpc.health.v1.Health/*
pathType: ImplementationSpecific
status:
loadBalancer:
ingress:
- hostname: <http://a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com|a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com>
kind: List
metadata:
resourceVersion: ""
selfLink: ""
great-school-54368
08/11/2022, 5:47 PM<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>: GRPC
to <http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>: HTTP2
clever-vegetable-6086
08/11/2022, 5:48 PMclever-vegetable-6086
08/11/2022, 5:48 PMclever-vegetable-6086
08/11/2022, 5:56 PMclever-vegetable-6086
08/11/2022, 5:56 PMclever-vegetable-6086
08/11/2022, 5:57 PMapiVersion: v1
items:
- apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: Ingress
metadata:
annotations:
<http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>: nginx
<http://meta.helm.sh/release-name|meta.helm.sh/release-name>: flyte
<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: flyte
<http://nginx.ingress.kubernetes.io/app-root|nginx.ingress.kubernetes.io/app-root>: /console
creationTimestamp: "2022-08-11T17:17:30Z"
generation: 1
labels:
<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>: Helm
name: flyte-core
namespace: flyte
resourceVersion: "8414401"
uid: dfda6080-dbde-434d-bb2d-a2e7657b7cc5
spec:
rules:
- host: <http://admin.flyte.us3.predictap.com|admin.flyte.us3.predictap.com>
http:
paths:
- backend:
service:
name: ssl-redirect
port:
name: use-annotation
path: /*
pathType: ImplementationSpecific
- backend:
service:
name: flyteconsole
port:
number: 80
path: /console
pathType: ImplementationSpecific
- backend:
service:
name: flyteconsole
port:
number: 80
path: /console/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /api
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /api/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /healthcheck
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /v1/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /.well-known
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /.well-known/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /login
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /login/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /logout
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /logout/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /callback
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /callback/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /me
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /config
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /config/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /oauth2
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 80
path: /oauth2/*
pathType: ImplementationSpecific
status:
loadBalancer:
ingress:
- hostname: <http://a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com|a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com>
- apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: Ingress
metadata:
annotations:
<http://alb.ingress.kubernetes.io/backend-protocol-version|alb.ingress.kubernetes.io/backend-protocol-version>: HTTP2
<http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>: nginx
<http://meta.helm.sh/release-name|meta.helm.sh/release-name>: flyte
<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: flyte
<http://nginx.ingress.kubernetes.io/app-root|nginx.ingress.kubernetes.io/app-root>: /console
<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>: HTTP2
creationTimestamp: "2022-08-11T17:17:30Z"
generation: 3
labels:
<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>: Helm
name: flyte-core-grpc
namespace: flyte
resourceVersion: "8421910"
uid: d222f010-bf87-4ddc-ac10-9b05ce59c9f0
spec:
rules:
- host: <http://admin.flyte.us3.predictap.com|admin.flyte.us3.predictap.com>
http:
paths:
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.AdminService
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.AdminService/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.DataProxyService
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.DataProxyService/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.AuthMetadataService
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.AuthMetadataService/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.IdentityService
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /flyteidl.service.IdentityService/*
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /grpc.health.v1.Health
pathType: ImplementationSpecific
- backend:
service:
name: flyteadmin
port:
number: 81
path: /grpc.health.v1.Health/*
pathType: ImplementationSpecific
status:
loadBalancer:
ingress:
- hostname: <http://a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com|a1fe6821b1e9c47eca9b9a18b2379e34-1655614568.us-east-1.elb.amazonaws.com>
kind: List
metadata:
resourceVersion: ""
selfLink: ""
glamorous-artist-35470
08/11/2022, 6:41 PMcold-wolf-19802
10/06/2022, 1:38 AMflytectl register files --force --project flytesnacks --domain development --archive flyte-package.tgz --version 1
results in the following at the ingress
99.153.68.49 - - [06/Oct/2022:01:31:01 +0000] "PRI * HTTP/2.0" 400 150 "-" "-" 0 0.000 [] [] - - - - eec91dddcd78fe41fb8702e5392cb06c
99.153.68.49 - - [06/Oct/2022:01:31:02 +0000] "PRI * HTTP/2.0" 400 150 "-" "-" 0 0.001 [] [] - - - - ab7ae5a0bf016f903df955dd87fd1928
99.153.68.49 - - [06/Oct/2022:01:31:02 +0000] "PRI * HTTP/2.0" 400 150 "-" "-" 0 0.001 [] [] - - - - c2a233d50e7eeb6964b7e488bd9d9bd8
99.153.68.49 - - [06/Oct/2022:01:31:02 +0000] "PRI * HTTP/2.0" 400 150 "-" "-" 0 0.000 [] [] - - - - 355b47d9585ff0e89c80f2eeca9233ac
99.153.68.49 - - [06/Oct/2022:01:31:02 +0000] "PRI * HTTP/2.0" 400 150 "-" "-" 0 0.000 [] [] - - - - d87e5edbb620f7bf82d2a945b27179d3
99.153.68.49 - - [06/Oct/2022:01:31:02 +0000] "PRI * HTTP/2.0" 400 150 "-" "-" 0 0.000 [] [] - - - - c7a11b9533a865382c7022bd14335263
99.153.68.49 - - [06/Oct/2022:01:31:02 +0000] "PRI * HTTP/2.0" 400 150 "-" "-" 0 0.000 [] [] - - - - 764f6f65d294fee42c5dc14445fe7a92
I am running the separate ingress and have tried both
<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>: HTTP2
and <http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>: GRPC
but both give the above 400scold-wolf-19802
10/06/2022, 2:44 PM