问题:Could not find CSRF cookie XSRF-TOKEN
kubeflow的很多组件都依赖https,如果使用http访问kubeflow,则会出现这个问题,解决方案有两种:
1. 查找配置中的APP_SECURE_COOKIES,改为false
2.使用https访问(推荐)
配置证书
kubeflow-ingressgateway-certs.yaml
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: kubeflow-ingressgateway-certs
namespace: istio-system
spec:
commonName: 192.168.6.50 # Ex) kubeflow.mydomain.com
issuerRef:
kind: ClusterIssuer
name: kubeflow-self-signing-issuer
secretName: kubeflow-ingressgateway-certs
执行:kubectl apply -f kubeflow-ingressgateway-certs.yaml 配置证书
配置网关
gateway.yaml
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: kubeflow-gateway
namespace: kubeflow
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- "*"
port:
name: http
number: 80
protocol: HTTP
# Upgrade HTTP to HTTPS
# tls:
# httpsRedirect: true
- hosts:
- "*"
port:
name: https
number: 443
protocol: HTTPS
tls:
mode: SIMPLE
credentialName: kubeflow-ingressgateway-certs
执行:kubectl apply -f gateway.yaml 开启https端口
如果执行后还是不行可以尝试:重装Istio之后再进行配置
```sh kustomize build common/istio-1-17/istio-crds/base | kubectl apply -f - kustomize build common/istio-1-17/istio-namespace/base | kubectl apply -f - kustomize build common/istio-1-17/istio-install/base | kubectl apply -f - ```