-
Notifications
You must be signed in to change notification settings - Fork 148
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Azure MySQL SSL Connection Configuration (Metadata Store Server) #130
Comments
The error message is not any more informative on image version
|
Duplicate issue as kubeflow/pipelines#6711 Please follow up there. |
@BrianSong the duplicate issue was filed by me and there is no traction on the issue, I've already discussed with @berndverst it cannot be fixed in KFP. Since the KFP issue is directly due to a sub-component which is |
@BrianSong I've also reached out to @hughmiao on #20 since SSL seems to be supported in MySQL backend, however I'm not able to find documentation regarding a working config. |
The SSLOptions are declare in [1]. |
@BrianSong doesn't seem to be the case, if I modify the field to be SSLOptions instead of ssl_options I observe the following error:
EDIT: |
Yeah, your original config should be correct. One possible root cause here is the [1] #20 (comment) |
Thanks @BrianSong . From the manylinux repository README it appears the |
Change the manylinux2010 to manylinux2014 could be an option, but it may lead to other bugs as ml_metadata has not been tested in manylinux2014 yet. Another option is to still use manylinux2010, but "edit the setup_environment to change its environment by installing packages, so the bazel_build after that line will have the new environment." as shown in [1]. [1] #24 (comment) |
Also, I found someone raised a similar bug in [1]. In that issue description, the same error - "ml_metadata/metadata_store/metadata_store_server_main.cc:226] Non-OK-status: status status: Internal: mysql_real_connect failed: errno: 0, error: MetadataStore cannot be created with the given connection config." seems to be triggered by kubeflow side issue. Maybe you can mention it in the kubeflow issue you opened as well. |
@andrijaperovic Had you solved the SSL issue with Azure MySQL from metadata_store_server (metadata-grpc-server of Kubeflow)? |
@mansoshaik-deloitte I have not, this issue was deprioritized, for now we have disabled required SSL connections to the backend MySQL since it goes over a private connection. Will take it up again at some point. |
@andrijaperovic Answering for other folks that might be tracking this down. I think you were really close on this. I eventually got it working with the following proto configuration. Though I did have to mount the certificate which is mentioned here in the azure mysql documentation and point to that.
|
Have tried to modify the metadata-grpc service which is packaged in https://github.com/kubeflow/pipelines to pass the following config in text protobuf format to
/bin/metadata_store_server
:Observing the following exception without much details:
To my knowledge, there is no way to enable additional verbosity on
metadata_store_server
.As part of Kubeflow Pipelines 1.7.0-alpha.1,
metadata-grpc-service
is deployed usinggcr.io/tfx-oss-public/ml_metadata_store_server:1.0.0
image.We are using Azure Database for MySQL server, MySQL Version 5.7 with SSL Connections enforced.
The text was updated successfully, but these errors were encountered: