使用 CeleryExecutor 访问登录气流时访问 Forbidden
Access Forbidden while accessing log in airflow with CeleryExecutor
我正在尝试使用 celery Executor 在 kubernetes(在 Azure Kubernetes 服务上)上部署 Airflow。但是,任务完成后,我在尝试访问其日志时收到以下错误:
*** Log file does not exist: /opt/airflow/logs/maintenance/clean_events/2021-08-23T14:46:18.953030+00:00/1.log
*** Fetching from: http://airflow-worker-0.airflow-worker.airflow.svc.cluster.local:8793/log/maintenance/clean_events/2021-08-23T14:46:18.953030+00:00/1.log
*** Failed to fetch log file from worker. 403 Client Error: FORBIDDEN for url: http://airflow-worker-0.airflow-worker.airflow.svc.cluster.local:8793/log/maintenance/clean_events/2021-08-23T14:46:18.953030+00:00/1.log
For more information check: https://httpstatuses.com/403
我的charts.yaml很简单
---
airflow:
image:
repository: myrepo.azurecr.io/maintenance-scripts
tag: latest
pullPolicy: Always
pullSecret: "secret"
executor: CeleryExecutor
config:
AIRFLOW__CORE__LOAD_EXAMPLES: "True"
AIRFLOW__KUBERNETES__DELETE_WORKER_PODS: "False"
users:
- username: admin
password: password
role: Admin
email: admin@example.com
firstName: admin
lastName: admin
rbac:
create: true
serviceAccount:
create: true
#postgresql:
# enabled: true
workers:
enabled: true
redis:
enabled: true
flower:
enabled: false
global:
postgresql: {
storageClass: managed
}
persistence:
fixPermissions: true
storageClassName: managed
我没能解决这个问题,它似乎是你可以在气流上使用的最基本的配置,有人知道这可能来自哪里吗?
非常感谢
您需要为网络服务器和工作人员配置相同的网络服务器密码:https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#secret-key
它最近已被修复为潜在的安全漏洞 - 现在您需要知道密钥才能检索日志(之前未经身份验证)。
我正在尝试使用 celery Executor 在 kubernetes(在 Azure Kubernetes 服务上)上部署 Airflow。但是,任务完成后,我在尝试访问其日志时收到以下错误:
*** Log file does not exist: /opt/airflow/logs/maintenance/clean_events/2021-08-23T14:46:18.953030+00:00/1.log
*** Fetching from: http://airflow-worker-0.airflow-worker.airflow.svc.cluster.local:8793/log/maintenance/clean_events/2021-08-23T14:46:18.953030+00:00/1.log
*** Failed to fetch log file from worker. 403 Client Error: FORBIDDEN for url: http://airflow-worker-0.airflow-worker.airflow.svc.cluster.local:8793/log/maintenance/clean_events/2021-08-23T14:46:18.953030+00:00/1.log
For more information check: https://httpstatuses.com/403
我的charts.yaml很简单
---
airflow:
image:
repository: myrepo.azurecr.io/maintenance-scripts
tag: latest
pullPolicy: Always
pullSecret: "secret"
executor: CeleryExecutor
config:
AIRFLOW__CORE__LOAD_EXAMPLES: "True"
AIRFLOW__KUBERNETES__DELETE_WORKER_PODS: "False"
users:
- username: admin
password: password
role: Admin
email: admin@example.com
firstName: admin
lastName: admin
rbac:
create: true
serviceAccount:
create: true
#postgresql:
# enabled: true
workers:
enabled: true
redis:
enabled: true
flower:
enabled: false
global:
postgresql: {
storageClass: managed
}
persistence:
fixPermissions: true
storageClassName: managed
我没能解决这个问题,它似乎是你可以在气流上使用的最基本的配置,有人知道这可能来自哪里吗?
非常感谢
您需要为网络服务器和工作人员配置相同的网络服务器密码:https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#secret-key
它最近已被修复为潜在的安全漏洞 - 现在您需要知道密钥才能检索日志(之前未经身份验证)。