-
Notifications
You must be signed in to change notification settings - Fork 869
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
400: Bad request; unsupported request method. Can't connect the Pipelines SDK to Kubeflow Pipelines with Kind for Kubeflow 1.9 #2844
Comments
Hello, the website documentation is outdated. CC @diegolovison Please check the following The instructions are in
Afterwards all insecure/dangerous username+password based programatic access documentation should be removed. These are anyway only hacky workarounds that try to emulate a webbrowser instead of providing a proper solution @diego Lovison. |
@juliusvonkohout I just want to say, there is nothing inherently wrong with using a username and password as a token. There are many situations in which using a full JWT (either from the Kubernetes API server, or any other issuer trusted by oauth2-proxy), may not be feasible, or worth the effort. |
@thesuperzapper what do you propose then? It is still a hacky script that tries to use user sessions for machine to machine communication. We now have oauth2-proxy as a proper solution. |
@juliusvonkohout The most logical thing is to show how to use both options on the website. Either way, in the immediate future we need to provide a fix for users who are using the Dex flow, as the current script no longer works because we introduced an OIDC "approve grant" page into the login flow. Luckily, I have a new script ready that will work for 1.9.0, and we are proposing to add it to the website in: PS: we should remove the strange "grant prompt" in 1.9.1 because it makes no sense as we control both PSS: If users just want to try out the updated code, see the preview docs site here. |
Sounds like a plan. CC @kromanow94 |
Thanks @juliusvonkohout, and @thesuperzapper for the useful discussions, and pointers!
I've tried this out, and it works like a charm — many thanks! |
Alright then i will close it after kubeflow/website#3795, since i somehow cannot link them. |
The PR has been merged :-) |
Validation Checklist
Version
1.9
Describe your issue
After deploying Kubeflow 1.9 onto the Kind cluster as detailed in the README, I'm having trouble submitting an example pipeline from the documentation via the Python SDK using the "Full Kubeflow (from outside cluster)" guide. I'm running this locally on an Intel iMac on macOS 13 with Docker Desktop 4.33.0.
I can manually upload the pipeline to the Central Dashboard, and it runs successfully. However, when I run through the "Full Kubeflow (from outside cluster)" guide, listing pipelines/experiments returns:
even though there's an existing pipeline/experiment that was manually generated. The "Full Kubeflow (from outside cluster)" docs don't include a namespace, but adding this (
kubeflow-user-example-com
) has the same effect.As soon as I switch to
kfp.Client.create_run_from_pipeline_package
I get the following 400 message:All pods are running, but occasionally I see the
kubeflow-m2m-oidc-configurator
appear, go intoCrashLoopBackOff
, and then disappear; its logs are:Steps to reproduce the issue
Install Kind
Install Kubeflow 1.9 with a single command
Wait for all pods to be in a running state
Connect to the cluster using the port forwarding command listed in the
README
Login using the default username (
user@example.com
), and password (12341234
), and verify the Central Dashboard looks goodRun a slightly modified (includes
namespace
) version of the "Full Kubeflow (from outside cluster)" guide using the example pipeline:This should fail as described.
Manually upload
pipeline.yaml
generated from Step 6, and run it in the Central Dashboard — this should workRe-run Step 6; this should still fail, and
client.list_experiments
should still return withNone
s despite Step 7 creating an experiment.Put here any screenshots or videos (optional)
No response
The text was updated successfully, but these errors were encountered: