F

Flyte enables you to build & deploy data & ML pipelines, hassle-free. The infinitely scalable and flexible workflow orchestration platform that seamlessly unifies data, ML and analytics stacks. Explore and Join the Flyte Community!

Service Account Issues in Flyte Deployment

Summary

The user examined the default service account in the "flytesnacks-development" namespace and found it missing labels and secrets. They added AWS access keys and noted the need for an EKS role ARN annotation, which they expected to be automated by the Helm chart. After hardcoding the role, adding a label, and redeploying Helm, the issue continued. The user confirmed their cluster_resources setup followed a tutorial and referenced an error log from the Flyte pod indicating a failure to create the service account due to permission issues. The service account "system:serviceaccount:flyte:flyte-backend-flyte-binary" lacked the necessary permissions to create service accounts in the "flytesnacks-development" namespace. The user noted that the tutorial did not mention creating a service account, which seemed to be an oversight, although it had worked for others. They questioned if the Helm chart was meant to manage the cluster role configurations. To resolve the issue, the user edited the cluster role to include permissions for service accounts and performed a rollout restart of the deployment, which fixed the problem. They requested a fix for the tutorial.

Status
resolved
Tags
    Source
    #flyte-deployment