Ketan (kumare3)
Ketan (kumare3)
Ketan (kumare3)
Justin Tyberg
02/16/2022, 7:25 PMcommon.adminServer.server.security.useAuth: false
)
• custom backend-configs for the Flyte GKE services, with GCP IAP enabled
What IS working
• OK: custom backend configs and Google health checks from external HTTPS load balancer to Flyte services running on HTTP port 80
• OK: IAP authorization to Flyte HTTPS workloads through the browser
What IS NOT working
• FAIL: Google backend configs and health checks to gRPC service endpoint.
◦ GCP: use only TCP for grpc health checks: “For backend services that use the gRPC protocol, use only gRPC or TCP health checks. Do not use HTTP(S) or HTTP/2 health checks.”
◦ GKE ingress: you can only use HTTP, HTTPS, or HTTP/2 for health checks: “PROTOCOL used by probe systems for health checking. The BackendConfig
only supports creating health checks using the HTTP, HTTPS, or HTTP2 protocols.”
• FAIL: flytectl
CLI connecting to flyteadmin
behind GCP external HTTPS load balanceraustin
02/16/2022, 7:49 PMKetan (kumare3)
austin
02/16/2022, 7:59 PMNicholas LoFaso
02/16/2022, 8:05 PMKetan (kumare3)
Ketan (kumare3)
We will provision multiple GKE clusters, each with their own Flyte installation.
You can use the same Flyte control plane with multiple GKE clusters and allow each project / domain etc to be routed to a specific clusterKetan (kumare3)
Justin Tyberg
02/16/2022, 9:36 PMJustin Tyberg
02/16/2022, 9:37 PMJustin Tyberg
02/16/2022, 9:38 PMKetan (kumare3)
Justin Tyberg
02/16/2022, 10:40 PMKetan (kumare3)
Ketan (kumare3)
Ketan (kumare3)
Pradithya Aria Pura
02/17/2022, 1:56 AMKetan (kumare3)
Arief Rahmansyah
02/17/2022, 2:46 AMKetan (kumare3)
Ketan (kumare3)
austin
02/18/2022, 5:31 PMGuillaume Perchais
02/21/2022, 7:36 PMKetan (kumare3)