proud-art-41399
02/12/2021, 6:31 AMflat-insurance-25294
02/12/2021, 8:19 AMbig-state-95297
02/12/2021, 9:00 AMEncryptionConfigKeyArn
to eks cluster configuration fails in replacing eks cluster with the following error:
- ├─ aws:ec2:LaunchConfiguration eks-cluster-nodeLaunchConfiguration **deleting failed** 1 error
└─ aws:eks:Cluster eks-cluster-eksCluster
Diagnostics:
aws:ec2:LaunchConfiguration (eks-cluster-nodeLaunchConfiguration):
error: deleting urn:pulumi:dev::inferencio::eks:index:Cluster$aws:ec2/launchConfiguration:LaunchConfiguration::eks-cluster-nodeLaunchConfiguration: 1 error occurred:
* error deleting Autoscaling Launch Configuration (eks-cluster-nodeLaunchConfiguration-3bbda96): ResourceInUse: Cannot delete launch configuration eks-cluster-nodeLaunchConfiguration-3bbda96 because it is attached to AutoScalingGroup eks-cluster-bcd4ea99-NodeGroup-1Q6K169TLRD57
status code: 400, request id: c1e24bce-aced-45b1-bdad-47d2d4f89a8e
pulumi:pulumi:Stack (inferencio-dev):
error: update failed
I'm using the new pulumi-eki
sdk for cluster creation.
Will appreciate any help. Thanks!faint-motherboard-95438
02/12/2021, 10:58 AMpulumi-aws
just trashed all my main zone without any reason (in production, else that’s not fun), while i didn’t change anything for ages related to this zone or its records (i was updating something else in the stack):
+-aws:route53/zone:Zone: (replace)
[id=[REDACTED]]
[urn=urn:pulumi:main::core::[REDACTED]:aws:Zone$aws:route53/zone:Zone::[REDACTED]-zone]
[provider: urn:pulumi:main::core::pulumi:providers:aws::default_2_13_1::d1d769bc-62a1-45ba-b339-e706b31a6fbd => urn:pulumi:main::core::pulumi:providers:aws::default_3_23_0::0800a252-acfa-4069-ad32-aa0ee18ebb0e]
~ name: "[REDACTED]." => "[REDACTED]"
++aws:route53/zone:Zone: (create-replacement)
[id=[REDACTED]]
[urn=urn:pulumi:main::core::[REDACTED]:aws:Zone$aws:route53/zone:Zone::[REDACTED]-zone]
[provider: urn:pulumi:main::core::pulumi:providers:aws::default_2_13_1::d1d769bc-62a1-45ba-b339-e706b31a6fbd => urn:pulumi:main::core::pulumi:providers:aws::default_3_23_0::0800a252-acfa-4069-ad32-aa0ee18ebb0e]
~ name: "[REDACTED]." => "[REDACTED]"
+-aws:route53/record:Record: (replace)
[id=[REDACTED]_TXT]
[urn=urn:pulumi:main::core::[REDACTED]:aws:Zone$aws:route53/record:Record::[REDACTED]-record-3-TXT]
[provider: urn:pulumi:main::core::pulumi:providers:aws::default_2_13_1::d1d769bc-62a1-45ba-b339-e706b31a6fbd => urn:pulumi:main::core::pulumi:providers:aws::default_3_23_0::0800a252-acfa-4069-ad32-aa0ee18ebb0e]
~ zoneId : "[REDACTED]" => output<string>
Since most of the time it just wants to update some props related to zone or records (that’s weird btw), I didn’t pay attention (my fault), but this time it trashed all my records, trying to replace them without any reason nor changes, and failed when it tried to delete the main zone (obviously since it’s not empty). Now it’s stuck deleting the records & the zone and preventing me to recreate them !
I had to quickly recreate everything by hand and now I have a stack completely stale, desync and unusable…
I suppose that’s related to the update of pulumi-aws
, but even trying to downgrade to 2.x
it still wants to delete the zone by renaming it zone.tld.
=> zone.tld
(which does not make sense to me since I didn’t put a trailing dot in the domain name in the first place nor change anything in that regard)
That’s impossible to maintain a production stack when it wants to delete / replace something as critical as your main NS zone, I don’t see the point here and it does not seem there’s any way to prevent it.
What should I have done and how can I save the stack now (without deleting the zone) ?flat-insurance-25294
02/12/2021, 12:36 PMflaky-flower-13459
02/14/2021, 12:25 PMpulumi import aws:ec2/keyPair:KeyPair deployer deployer-key
as documented here: https://www.pulumi.com/docs/reference/pkg/aws/ec2/keypair/#import
but it fails with:
Diagnostics:
pulumi:pulumi:Stack (myproject_name-mystackname_dev):
error: preview failed
aws:ec2:KeyPair (dev_keypair):
error: aws:ec2/keyPair:KeyPair resource 'dev_keypair' has a problem: Required attribute is not set
error: Preview failed: one or more inputs failed to validate
hallowed-mouse-70261
02/15/2021, 7:46 PMconst gateway = new awsx.apigateway.API(
`my-lambda-gateway`,
{
routes: [
{
path: '/myLambdaFunction',
method: 'POST',
eventHandler: myLambdaFunction
}
]
}
);
and get the error:
Diagnostics:
pulumi:pulumi:Stack (my-stack-development):
error: update failed
aws:apigateway:RestApi (my-lambda-gateway):
error: 1 error occurred:
* creating urn:pulumi:development::my-stack::aws:apigateway:x:API$aws:apigateway/restApi:RestApi::my-lambda-gateway: 1 error occurred:
* error creating API Gateway specification: BadRequestException: Errors found during import:
Unable to put integration on 'POST' for resource at path '/myLambdaFunction': Invalid ARN specified in the request
This is odd because I can confirm that myLambdaFunction
does in fact have a valid arn that is currently working on an api-gateway set up outside of this test in the same way. Any ideas?little-cartoon-10569
02/15/2021, 8:09 PMvictorious-sugar-42620
02/15/2021, 10:09 PMlimited-pager-46264
02/16/2021, 11:44 AMexample = aws.ec2.SecurityGroupRule(
"example",
type="ingress",
from_port=443,
to_port=443,
protocol="tcp",
cidr_blocks=["1.1.1.1/32"],
security_group_id=allow_tls.id,
opts=pulumi.ResourceOptions(parent=allow_tls))
I then added another ip to the cidr list of the SG rule:
example = aws.ec2.SecurityGroupRule(
"example",
type="ingress",
from_port=443,
to_port=443,
protocol="tcp",
cidr_blocks=["1.1.1.1/32","2.2.2.2/32"],
security_group_id=allow_tls.id,
opts=pulumi.ResourceOptions(parent=allow_tls))
That resulted in the following error:
Previewing update (test):
~ pulumi:pulumi:Stack: (refresh)
[urn=urn:pulumi:test::Experiment::pulumi:pulumi:Stack::Experiment-test]
pulumi:pulumi:Stack: (same)
[urn=urn:pulumi:test::Experiment::pulumi:pulumi:Stack::Experiment-test]
+-aws:ec2/securityGroupRule:SecurityGroupRule: (replace)
[id=sgrule-3919269017]
[urn=urn:pulumi:test::Experiment::aws:ec2/securityGroup:SecurityGroup$aws:ec2/securityGroupRule:SecurityGroupRule::example]
[provider=urn:pulumi:test::Experiment::pulumi:providers:aws::default_3_29_0::1d8ffca5-685c-4b69-8ddd-3883e405d97f]
~ cidrBlocks: [
[0]: <null>
+ [1]: "2.2.2.2/32"
]
Resources:
+-1 to replace
2 unchanged
Permalink: file:///Users/sibu/test/state/.pulumi/stacks/test.json
Do you want to perform this update? yes
Updating (test):
~ pulumi:pulumi:Stack: (refresh)
[urn=urn:pulumi:test::Experiment::pulumi:pulumi:Stack::Experiment-test]
pulumi:pulumi:Stack: (same)
[urn=urn:pulumi:test::Experiment::pulumi:pulumi:Stack::Experiment-test]
error: 1 error occurred:
* [WARN] A duplicate Security Group rule was found on (sg-0acf2e4ef3c4ab3ee). This may be
a side effect of a now-fixed Terraform issue causing two security groups with
identical attributes but different source_security_group_ids to overwrite each
other in the state. See <https://github.com/hashicorp/terraform/pull/2376> for more
information and instructions for recovery. Error message: the specified rule "peer: 1.1.1.1/32, TCP, from port: 443, to port: 443, ALLOW" already exists
error: update failed
Isn’t it possible to update the cidr_block?salmon-ghost-86211
02/16/2021, 5:15 PMgp3
EBS volumes be supported in EKS? Right now GP2 is hard-coded.
https://github.com/pulumi/pulumi-eks/blob/259ac98f687c83af5d70d34802c893c835b62813/nodejs/eks/nodegroup.ts#L499
volumeType: "gp2", // default is "standard"
big-potato-91793
02/16/2021, 7:28 PMerror: 1 error occurred:
* error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
Please see <https://registry.terraform.io/providers/hashicorp/aws>
for more information about providing credentials.
Error: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
Getting this error?
But we are passing the aws:profile
to a good value. What should cause this?flat-insurance-25294
02/16/2021, 9:03 PMuserMapping
property on eks.Cluster()
1) Is it dynamically updating if it were to change between calls?
2) Does it allow the same user be added two times in different groups
?flat-insurance-25294
02/16/2021, 9:13 PMflat-insurance-25294
02/16/2021, 10:58 PMbuildAndPushImage
always build and push?
I am wondering how this works with digests on images when using K8 imagePullPolicies
.flat-insurance-25294
02/17/2021, 12:44 PMdb-subnet-group
?millions-market-17062
02/17/2021, 12:59 PMbrief-printer-34348
02/18/2021, 8:22 PMAmazonS3FullAccess
it appears there’s a few scenarios where the PolicyWon’t be correctly attached to a role. As an example if I rename the resource name of the policy attachment it appears that it “creates” and then “deletes” the policy attachment leaving the attachment empty. There’s a few other ways that this seems to occur. What’s the best strategy to ensure the expected policy is always attached to a role?stale-glass-57649
02/18/2021, 11:32 PMambitious-rainbow-88588
02/19/2021, 4:53 AMsparse-intern-71089
02/19/2021, 10:25 PMambitious-rainbow-88588
02/20/2021, 3:44 AMwide-boots-22590
02/20/2021, 11:46 AMaverage-kilobyte-47828
02/20/2021, 1:08 PMaverage-kilobyte-47828
02/20/2021, 1:08 PMlemon-machine-35564
02/22/2021, 6:31 PMdeleteBeforeReplace: true
to an API Gateway deployment created via Crosswalk? Don’t see it as possible via deploymentArgs
alert-raincoat-81485
02/22/2021, 9:57 PMaws:ec2:VolumeAttachment (ebsatt1-asg03):
error: deleting urn:pulumi:asg-ex-03::asg::aws:ec2/volumeAttachment:VolumeAttachment::ebsatt1-asg03: 1 error occurred:
* Failed to detach Volume (vol-*********) from Instance (i-*******): IncorrectState: Volume 'vol-*******' is in the 'available' state.
status code: 400, request id: 80154710-********
While checking it from the Ui, it shows the volumes are already detached from the instances, also instances are terminated.
I deleted the volumes manually, but showing the same error messages while running pulumi destroy. Can someone explain the issue here?cold-yacht-45876
02/23/2021, 12:42 PMvictorious-sugar-42620
02/24/2021, 2:46 AMgentle-monitor-55086
02/24/2021, 7:23 PMpulumi up
every time i want to run the code?
it's not super painful but it's not ideal.