Hello guys I've set up Kubernetes and Flyte on AW...
# ask-the-community
f
Hello guys I've set up Kubernetes and Flyte on AWS and then port forwarded to my local machine. However, when I try to register a workflow, I get this error:
error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER
d
Hi @Fhuad Balogun can you share your current
config.yaml
?
y
if you’re port forwarded you might not need ssl… try insecure: true?
f
Yea, it later worked. I port forwarded it. The config.yaml had the client port so I changed it to 8089. Thanks guys. Great job you're all doing.
n
Hi I am having similar issues with port-forwarding flyte from eks. Here is my config.yaml
Copy code
admin:
  # For GRPC endpoints you might want to use dns:///flyte.myexample.com
  endpoint: dns:///localhost:8089
  authType: Pkce
  insecure: true
logger:
  show-source: true
  level: 0
I am getting
Copy code
details: failed to connect to all addresses; last error: UNKNOWN: ipv4:127.0.0.1:8089: Failed to connect to remote host: Connection refused
port-forwarding:
y
what’s your port forward command btw?
n
i used k9s to pf. it should be equivalent to
k port-forward flyte-pod 8089:8089 8088:8088
y
that should work… try http first?
localhost:8088/api/v1/projects
n
yeah that works
Copy code
{"projects":[{"id":"flytesnacks","name":"flytesnacks","domains":[{"id":"development","name":"development"},{"id":"staging","name":"staging"},{"id":"production","name":"production"}],"description":"flytesnacks description"}]}%
y
so http works and grpc doesn’t?
try flytectl
maybe it’s a flytekit only issue
both flytekit and flytectl use grpc
n
yeah with http on 8088 I am getting the
routines:OPENSSL_internal:WRONG_VERSION_NUMBER
error when running
pyflyte register
y
why ssl?
you have ssl turned on?
n
so, if I change my config to
Copy code
admin:
  # For GRPC endpoints you might want to use dns:///flyte.myexample.com
  endpoint: localhost:8088
  authType: Pkce
  insecure: true
logger:
  show-source: true
  level: 0
I get
Copy code
details: failed to connect to all addresses; last error: INTERNAL: ipv4:127.0.0.1:8088: Trying to connect an http1.x server
y
oh you need 8089 for grpc
http is 8088
grpc is 8089
both should be insecure
unless you host the cert and terminate ssl in admin
which is typically not the case
n
yeah, with grpc I am getting
Copy code
details: failed to connect to all addresses; last error: UNKNOWN: ipv4:127.0.0.1:8089: Failed to connect to remote host: Connection refused
y
what do logs on the flyte side say?
n
no log on flyte side...
let me double check the port forwarding
y
can you run kubectl portforward directly?
maybe it offers more information than k9s
n
yeah
kubectl port-forward
is handling the request. Now I am getting
Copy code
Failed with Exception: Reason: SYSTEM:Unknown
RPC Failed, with Status: StatusCode.INTERNAL
        details: failed to create a signed url. Error: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
        status code: 403, request id: d4c6c3e4-d015-4c74-9d07-5962b0bce16a
y
what command are you running?
n
Copy code
pyflyte -c ~/.flyte/config.yaml register workflows --image IMAGE:TAG
y
oh this is unrelated
this is a perms issue
n
should I use a service account with pyflyte command?
y
let’s start a new thread
235 Views