New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dev.kubeflow.org 502s #545
Comments
Now I get
Because IAP is disabled. |
The initContainer on the envoy pods are what re-enable IAP. Deleting the envoy deployment and running ks apply again should reconfigure it. |
@danisla Thanks just figured that out. It looks like when @ankushagarwal ks apply didn't cause the envoy containers to get restarted. |
If the ingress or service spec is what changed, we might be able to add a coupling in the jsonnet spec that rolls the pods whenever the ingress or service changes. This is done in Helm with an annotation and a checksum. |
Would it make sense to turn the script into an agent that periodically runs a bunch of checks? This would be more work I think. |
Its working now that I kicked one of the envoy pods. |
If the liveness probe on the pod was somehow coupled to the JWT_AUDIENCE being correct, then k8s would automatically restart the pods when it changed and self-correct. |
Lets use #550 to figure out a better fix. |
Signed-off-by: Ce Gao <gaoce@caicloud.io>
Signed-off-by: Anna Jung (VMware) <antheaj@vmware.com>
I'm getting 502s on deve.kubeflow.org
I believe @ankushagarwal just redeployed the latest Kubeflow.
Following iap.md
My conjecture is when we redeployed all the backend settings got reset and we didn't reinitialize
/cc @danisla @ankushagarwal
The text was updated successfully, but these errors were encountered: