full-sugar-56177
01/11/2022, 8:52 PMlemon-salesclerk-6224
01/11/2022, 10:07 PMaws.lambda.Function()
that name gets used exactly when the lambda is spun up, but when I pass a name to aws.lambda.CallbackFunction()
a hash is appended to the end of the name? For example if I pass test-callback
to the callback function, the lambda spun up from the callback function will be something like test-callback-9283a32
nice-pharmacist-5320
01/12/2022, 5:57 AMalb
which brings up a loadbalancer in AWS with dns name something like <http://k8s-kubesyst-octestal-f8d469242e-698581751.ap-south-1.elb.amazonaws.com|k8s-kubesyst-octestal-f8d469242e-698581751.ap-south-1.elb.amazonaws.com>
const albIngress = new k8s.networking.v1beta1.Ingress(`${projectName}-alb-ingress`, {
metadata: {
name: `${projectName}-alb-ingress`,
namespace: 'kube-system',
annotations: {
'<http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>': 'alb',
'<http://alb.ingress.kubernetes.io/scheme|alb.ingress.kubernetes.io/scheme>': 'internet-facing',
'<http://alb.ingress.kubernetes.io/target-type|alb.ingress.kubernetes.io/target-type>': 'ip',
},
},
spec: {
rules: [
{
http: {
paths: [
{
path: '/*',
backend: { serviceName: ingressNginxService.metadata.name, servicePort: 80 }
}
]
}
}
]
},
}, { provider: cluster.provider });
const www = new aws.route53.Record("www", {
zoneId: '<Redacted>',
name: 'dev-server',
type: 'A',
aliases: [{
name: albIngress.status.loadBalancer.ingress[0].hostname, // <http://k8s-kubesyst-octestal-f8d469242e-698581751.ap-south-1.elb.amazonaws.com|k8s-kubesyst-octestal-f8d469242e-698581751.ap-south-1.elb.amazonaws.com>
zoneId: exampleZone.zoneId, // <---------------------------------- how do i get the zone id?
evaluateTargetHealth: true,
}],
});
The problem is when creating a route53 record for this loadbalancer, i need a zoneId
, where do i get it from? Any help is appreciatedmagnificent-lifeguard-15082
01/12/2022, 9:41 PMcolossal-boots-62227
01/13/2022, 8:34 AMserial-number
and token-code
when assuming a role in the AWS Classic provider? It does not appear so from the Pulumi AWS installation-configuration and provider documentation. This is to allow using YubiKey MFA to assume more privileged role as described in this AWS tutorial.magnificent-lifeguard-15082
01/13/2022, 3:44 PMsourceHash
on s3.BucketObject
? Is pulumi overriding it with the FileArchive
source
reference? The path (ie. the .zip) I pass is not deterministic so this is a little bit of an issue.swift-ambulance-7102
01/14/2022, 7:43 PMfast-river-57630
01/14/2022, 8:29 PMnew awsx.ec2.Vpc('...', {vpc})
. (ExistingVpcArgs) but the cluster won't provision because the subnets I've configured arent part of the compatible vpc (awsx) object. Oh I can probably use ExistingVpcIdArgs and pass it my existing privateSubnetIds/publicSubnetIds.ripe-shampoo-80285
01/14/2022, 10:36 PMripe-shampoo-80285
01/14/2022, 10:36 PMripe-shampoo-80285
01/14/2022, 11:18 PMripe-shampoo-80285
01/14/2022, 11:18 PMripe-shampoo-80285
01/14/2022, 11:30 PMswift-ambulance-7102
01/15/2022, 8:59 PMstale-king-21470
01/16/2022, 5:41 PM#5 29.97 Collecting pip
#5 30.17 Downloading <https://files.pythonhosted.org/packages/da/f6/c83229dcc3635cdeb51874184241a9508ada15d8baa337a41093fab58011/pip-21.3.1.tar.gz> (1.7MB)
#5 30.79 Complete output from command python setup.py egg_info:
#5 30.79 Traceback (most recent call last):
#5 30.79 File "<string>", line 1, in <module>
#5 30.79 File "/tmp/pip-build-hQd70M/pip/setup.py", line 7
#5 30.79 def read(rel_path: str) -> str:
#5 30.79 ^
#5 30.79 SyntaxError: invalid syntax
#5 30.79
#5 30.79 ----------------------------------------
#5 30.82 Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-hQd70M/pip/
#5 31.38 You are using pip version 8.1.1, however version 21.3.1 is available.
#5 31.38 You should consider upgrading via the 'pip install --upgrade pip' command.
#5 ERROR: executor failed running [/bin/sh -c apt-get update && apt-get install python-dev python-pip -y && apt-get clean && pip install --upgrade pip]: exit code: 1
------
> [2/4] RUN apt-get update && apt-get install python-dev python-pip -y && apt-get clean && pip install --upgrade pip:
------
executor failed running [/bin/sh -c apt-get update && apt-get install python-dev python-pip -y && apt-get clean && pip install --upgrade pip]: exit code: 1
My code is identical to the one in the article, Docker is running, I'm on MacOS 12.1.little-cartoon-10569
01/16/2022, 9:30 PMError: invocation of aws:index/getRegion:getRegion returned an error: unable to discover AWS AccessKeyID and/or SecretAccessKey - see <https://pulumi.io/install/aws.html> for details on configuration
nice-pharmacist-5320
01/17/2022, 10:09 AMgreen-daybreak-91402
01/17/2022, 6:48 PMmagnificent-lifeguard-15082
01/18/2022, 10:55 AMvalue: number
is here.incalculable-midnight-8291
01/18/2022, 1:03 PMgreen-daybreak-91402
01/19/2022, 2:42 PMwide-finland-25364
01/20/2022, 7:19 AMpulumi up
, the certs in Secrets kube-system/aws-load-balancer-tls
get replaced. I even tried "keepTLSSecret: true," but no-go.
I see that kubernetes:<http://admissionregistration.k8s.io/v1:MutatingWebhookConfiguration|admissionregistration.k8s.io/v1:MutatingWebhookConfiguration>
and kubernetes:<http://admissionregistration.k8s.io/v1:ValidatingWebhookConfiguration|admissionregistration.k8s.io/v1:ValidatingWebhookConfiguration>
gets updated too. Is there a way to mitigate this? This is the code
// Install AWS Load Balancer Controller via Helm chart
const awslbcontroller = new k8s.helm.v3.Chart("aws-load-balancer-controller", {
chart: "aws-load-balancer-controller",
version: "1.3.3",
namespace: "kube-system",
fetchOpts:{
repo: "<https://aws.github.io/eks-charts>",
},
values: {
clusterName: clusterName,
keepTLSSecret: true,
}
}, {provider: cluster.provider});
brainy-window-77332
01/20/2022, 2:14 PMstale-king-21470
01/20/2022, 8:56 PMhigh-grass-3103
01/21/2022, 12:56 AMexport const infra_public = new awsn.ec2.Subnet('infra_public', {
tags: nativeTags({ ...tags, Name: `infra_pub` }),
cidrBlock: '10.0.0.16/28',
vpcId,
availabilityZone,
mapPublicIpOnLaunch: true,
});
But when I launch an instance:
const nic0 = new aws.ec2.NetworkInterface('nic0', {
subnetId: infra_public.id,
tags,
securityGroups: [sg_ssh.id],
});
const nic1 = new aws.ec2.NetworkInterface('nic1', {
subnetId: infra_private.id,
tags,
securityGroups: [sg_priv.id],
});
const bastion_node = new aws.ec2.Instance('bastion', {
keyName,
tags: { ...tags, Name: `${pulumi.getStack()}-bastion` },
instanceType: aws.ec2.InstanceType.T4g_Nano,
ami: ami.id,
networkInterfaces: [
{
deviceIndex: 0,
networkInterfaceId: nic0.id,
}, {
deviceIndex: 1,
networkInterfaceId: nic1.id,
}
],
creditSpecification: { cpuCredits: 'standard' },
monitoring: true,
availabilityZone,
});
the AWS console reports NO public IPv4 address. Am I missing something?future-window-78560
01/21/2022, 9:28 AMfuture-window-78560
01/21/2022, 12:35 PMbig-potato-91793
01/21/2022, 7:40 PMripe-shampoo-80285
01/22/2022, 11:12 PMripe-shampoo-80285
01/22/2022, 11:12 PMripe-shampoo-80285
01/22/2022, 11:12 PM