Channels
#ask-the-community
Title
# ask-the-community
f
Fhuad Balogun
02/21/2023, 11:49 AMHello guys
I've set up Kubernetes and Flyte on AWS and then port forwarded to my local machine.
However, when I try to register a workflow, I get this error:
error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBERd
David Espejo (he/him)
02/21/2023, 4:34 PMHi @Fhuad Balogun
can you share your current
config.yamly
Yee
02/21/2023, 4:35 PM
if you’re port forwarded you might not need ssl… try insecure: true?
f
Fhuad Balogun
02/22/2023, 10:02 AMYea, it later worked. I port forwarded it. The config.yaml had the client port so I changed it to 8089.
Thanks guys. Great job you're all doing.
n
Nan Qin
03/30/2023, 4:14 PMHi I am having similar issues with port-forwarding flyte from eks. Here is my config.yaml
Copy code
admin:
# For GRPC endpoints you might want to use dns:///flyte.myexample.com
endpoint: dns:///localhost:8089
authType: Pkce
insecure: true
logger:
show-source: true
level: 0 Copy code
details: failed to connect to all addresses; last error: UNKNOWN: ipv4:127.0.0.1:8089: Failed to connect to remote host: Connection refusedport-forwarding:
y
Yee
03/30/2023, 4:17 PM
what’s your port forward command btw?
n
Nan Qin
03/30/2023, 4:18 PMi used k9s to pf. it should be equivalent to
k port-forward flyte-pod 8089:8089 8088:8088y
Yee
03/30/2023, 4:22 PM
that should work… try http first?
localhost:8088/api/v1/projects
n
Nan Qin
03/30/2023, 4:23 PMyeah that works
Copy code
{"projects":[{"id":"flytesnacks","name":"flytesnacks","domains":[{"id":"development","name":"development"},{"id":"staging","name":"staging"},{"id":"production","name":"production"}],"description":"flytesnacks description"}]}%y
Yee
03/30/2023, 4:23 PM
so http works and grpc doesn’t?
try flytectl
maybe it’s a flytekit only issue
both flytekit and flytectl use grpc
n
Nan Qin
03/30/2023, 4:24 PMyeah with http on 8088 I am getting the
routines:OPENSSL_internal:WRONG_VERSION_NUMBERpyflyte registery
Yee
03/30/2023, 4:24 PM
why ssl?
you have ssl turned on?
n
Nan Qin
03/30/2023, 4:26 PMso, if I change my config to
Copy code
admin:
# For GRPC endpoints you might want to use dns:///flyte.myexample.com
endpoint: localhost:8088
authType: Pkce
insecure: true
logger:
show-source: true
level: 0I get
Copy code
details: failed to connect to all addresses; last error: INTERNAL: ipv4:127.0.0.1:8088: Trying to connect an http1.x servery
Yee
03/30/2023, 4:27 PM
oh you need 8089 for grpc
http is 8088
grpc is 8089
both should be insecure
unless you host the cert and terminate ssl in admin
which is typically not the case
n
Nan Qin
03/30/2023, 4:27 PMyeah, with grpc I am getting
Copy code
details: failed to connect to all addresses; last error: UNKNOWN: ipv4:127.0.0.1:8089: Failed to connect to remote host: Connection refusedy
Yee
03/30/2023, 4:28 PM
what do logs on the flyte side say?
n
Nan Qin
03/30/2023, 4:32 PMno log on flyte side...
let me double check the port forwarding
y
Yee
03/30/2023, 4:34 PM
can you run kubectl portforward directly?
maybe it offers more information than k9s
n
Nan Qin
03/30/2023, 4:38 PMyeah
kubectl port-forward Copy code
Failed with Exception: Reason: SYSTEM:Unknown
RPC Failed, with Status: StatusCode.INTERNAL
details: failed to create a signed url. Error: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
status code: 403, request id: d4c6c3e4-d015-4c74-9d07-5962b0bce16ay
Yee
03/30/2023, 4:38 PM
what command are you running?
n
Nan Qin
03/30/2023, 4:39 PM Copy code
pyflyte -c ~/.flyte/config.yaml register workflows --image IMAGE:TAGy
Yee
03/30/2023, 4:39 PM
oh this is unrelated
this is a perms issue
n
Nan Qin
03/30/2023, 4:39 PMshould I use a service account with pyflyte command?
y
Yee
03/30/2023, 4:40 PM
let’s start a new thread
55 Views