Ketan (kumare3)
Justin Tyberg
02/16/2022, 7:25 PMcommon.adminServer.server.security.useAuth: false
)
• custom backend-configs for the Flyte GKE services, with GCP IAP enabled
What IS working
• OK: custom backend configs and Google health checks from external HTTPS load balancer to Flyte services running on HTTP port 80
• OK: IAP authorization to Flyte HTTPS workloads through the browser
What IS NOT working
• FAIL: Google backend configs and health checks to gRPC service endpoint.
◦ GCP: use only TCP for grpc health checks: “For backend services that use the gRPC protocol, use only gRPC or TCP health checks. Do not use HTTP(S) or HTTP/2 health checks.”
◦ GKE ingress: you can only use HTTP, HTTPS, or HTTP/2 for health checks: “PROTOCOL used by probe systems for health checking. The BackendConfig
only supports creating health checks using the HTTP, HTTPS, or HTTP2 protocols.”
• FAIL: flytectl
CLI connecting to flyteadmin
behind GCP external HTTPS load balanceraustin
02/16/2022, 7:49 PMKetan (kumare3)
austin
02/16/2022, 7:59 PMNicholas LoFaso
02/16/2022, 8:05 PMKetan (kumare3)
We will provision multiple GKE clusters, each with their own Flyte installation.
You can use the same Flyte control plane with multiple GKE clusters and allow each project / domain etc to be routed to a specific clusterJustin Tyberg
02/16/2022, 9:36 PMKetan (kumare3)
Justin Tyberg
02/16/2022, 10:40 PMKetan (kumare3)
Pradithya Aria Pura
02/17/2022, 1:56 AMKetan (kumare3)
Arief Rahmansyah
02/17/2022, 2:46 AMKetan (kumare3)
austin
02/18/2022, 5:31 PMGuillaume Perchais
02/21/2022, 7:36 PMKetan (kumare3)