https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • b

    bitter-island-28909

    02/01/2019, 4:03 PM
    Is there any way to use Pulumi’s config & secrets-management facility to securely manage and check in files that are a bit too large to comfortably fit in the config itself? I’m thinking of private keys, etc.
    w
    • 2
    • 1
  • e

    early-musician-41645

    02/01/2019, 10:33 PM
    I'm having some difficulties with Pulumi update not being consistent. I have automated tests that run the same code each time but I'm starting to get errors and can only resolve them for about 12 hours before it fails again. Here's the latest such error (not, nothing has changed except for time):
    $ node -v
    v8.14.0
    $ npm -v
    6.4.1
    Any ideas?
  • e

    early-musician-41645

    02/01/2019, 10:33 PM
    -.sh
  • e

    early-musician-41645

    02/01/2019, 10:37 PM
    Latest code change was 17 hours ago and had 2 consecutive test successes over 6 hours, then failures started about 2 hours ago.
    g
    w
    • 3
    • 42
  • e

    early-musician-41645

    02/01/2019, 10:58 PM
    Separate question - is there an example of how to create a k8s ClusterRole?
    g
    • 2
    • 3
  • e

    early-musician-41645

    02/01/2019, 11:23 PM
    I'd like to bootstrap a cluster with a few namespaces. I've configured them, pulumi says they're created, but I verified they are not. What's wrong with this code?
    // Create some namespaces
    for (let name of config.require("dev-namespaces").split(",")) {
      console.log(name);
      let ns = new k8s.core.v1.Namespace("mustang-"+name, {
        metadata: {
          name: name,
          labels: {
            name: name,
          },
        },
      }, {provider: cluster.provider});
    }
    c
    • 2
    • 19
  • i

    important-carpenter-15282

    02/02/2019, 1:57 AM
    Hey Pulumi folks, I'm running into an interesting problem. I've got a k8s cluster that I'm deploying some things to with Pulumi, and the pod has a volume claim for some block storage, provided by Rook/Ceph. The storage is ReadWriteOnce, which is a Rook limitation. Right now, when I update the stack, I'm seeing a new Replica Set created, which I believe is Pulumi-specific behavior--simply editing the deployment would not do this, IIRC. The end result is that the new pod can't create, because it can't get a volume mount--the existing pod isn't torn down first, so it keeps holding the volume. What's the right solution to this? Is there a way for me to tell Pulumi it's OK to tear down the existing pod/replica set?
    w
    • 2
    • 3
  • f

    full-dress-10026

    02/02/2019, 4:23 PM
    Is it possible to use a different AWS profile for a specific stack?
    s
    • 2
    • 8
  • c

    chilly-photographer-60932

    02/02/2019, 5:44 PM
    I am trying to create a global
    waf
    rule in
    aws
    .
    function wafRuleToAllowIpAddress(ipCIDRBlock: string, name: string) {
      const aws_waf_ipset_ipset = new aws.waf.IpSet("ipset", {
        ipSetDescriptors: [
          {
            type: "IPV4",
            value: ipCIDRBlock
          }
        ],
        name: "tfIPSet"
      });
      const aws_waf_rule_wafrule = new aws.waf.Rule(
        "wafrule",
        {
          metricName: "tfWAFRule",
          name: "tfWAFRule",
          predicates: [
            {
              dataId: aws_waf_ipset_ipset.id,
              negated: false,
              type: "IPMatch"
            }
          ]
        },
        { dependsOn: [aws_waf_ipset_ipset] }
      );
    
      return aws_waf_rule_wafrule;
    }
    This is to apply to the
    Cloudfront
    . But the issue is it is creating it in a region and the
    cloudfront
    is global.
    w
    • 2
    • 6
  • t

    tall-librarian-49374

    02/02/2019, 8:42 PM
    Presented a 25-min Pulumi talk at FOSDEM / TypeScript room today. Based on the hallway discussion afterward, I think I got you at least two new trial customers 🙂 One IT-pro working with Terraform and a dev team with TypeScript-based stack, the other coming from AWS-cloudformation background. Good questions and nodding, so I'm satisfied.
    👍 5
    👏 5
    s
    • 2
    • 2
  • b

    brainy-magician-83981

    02/02/2019, 11:10 PM
    Hello, doing a
    brew upgrade pulumi
    ... and I'm getting upgraded to v0.16.12. So the warning error shows up on pulumi commands that v0.16.14 is available for upgrade.
    w
    • 2
    • 4
  • f

    full-dress-10026

    02/03/2019, 1:27 AM
    I've noticed after deploying my app many, many times with Pulumi, I get a huge buildup of Docker images on my computer. Is there an easy way to clean the old ones up with Pulumi?
    g
    • 2
    • 1
  • t

    tall-librarian-49374

    02/04/2019, 5:18 PM
    Hi. I wrote a high-level article about the role of pulumi as I see it, 3k words with pictures and code. Would somebody have time to read it and give me feedback before I publish? I would DM a link to google docs. Thanks!
    👏 4
    g
    a
    +5
    • 8
    • 9
  • h

    helpful-ice-5738

    02/04/2019, 6:32 PM
    Is there a way/plan to have a way to pass arguments that belong to aws.lambda.Function to classes like HttpServer?
    l
    i
    • 3
    • 41
  • e

    early-musician-41645

    02/04/2019, 10:00 PM
    Anyone seen this yet?
    E0204 13:58:59.709463  351850 memcache.go:126] couldn't get current server API group list; will keep using cached value. (Unauthorized)
    g
    c
    i
    • 4
    • 68
  • e

    early-musician-41645

    02/04/2019, 11:02 PM
    I'm currently blocked in using
    pulumi up
    ,
    destroy
    , or
    refresh
    on a stack (as tracked in the thread above ^). Is there a way to force destroy all resources and skip any errors?
    w
    • 2
    • 3
  • e

    early-musician-41645

    02/04/2019, 11:02 PM
    or just disregard errors and continue anyway?
    w
    • 2
    • 1
  • s

    sparse-tiger-67367

    02/04/2019, 11:10 PM
    Hey I'm working with go/aws and having trouble getting an EIP and NATGateway to work together. I have the EIP being created and the NATGateway taking the EIP's AllocationID as a param but pulumi is blowing up saying the AllocaitonID is a missing argument
    w
    • 2
    • 6
  • o

    orange-tailor-85423

    02/04/2019, 11:16 PM
    Google KMS keys and keyrings:
  • o

    orange-tailor-85423

    02/04/2019, 11:16 PM
    -.ts
  • o

    orange-tailor-85423

    02/04/2019, 11:17 PM
    How are y'all managing something like this
  • f

    full-dress-10026

    02/04/2019, 11:45 PM
    Can I use Pulumi to just build and deploy a docker image to ECR - no service attached?
    w
    l
    • 3
    • 10
  • b

    brainy-magician-83981

    02/05/2019, 5:35 AM
    Is there a way to convert pulumi stacks to Terraform? This is just for backup purposes ... as part of the transition migration to pulumi ...
  • s

    stocky-spoon-28903

    02/05/2019, 11:17 AM
    @brainy-magician-83981 the code or the state?
  • s

    stocky-spoon-28903

    02/05/2019, 11:17 AM
    The code you can use tf2pulumi, but I don’t think there’s a good answer for state right now.
  • b

    brainy-magician-83981

    02/05/2019, 4:27 PM
    thanks @stocky-spoon-28903! I'm actually looking for the other way around pulumi -> tf ... it may take to time to fully migrate to pulumi ... so some folks want a way should we encounter problems with pulumi ... to have the backup to tf
  • s

    stocky-spoon-28903

    02/05/2019, 4:29 PM
    Ah, hmm I don’t even think that’s necessarily possible since a pulumi program and terraform config need not use the same naming format.
  • s

    stocky-spoon-28903

    02/05/2019, 4:30 PM
    Is this for a one off “break glass emergency” type thing?
  • b

    brainy-magician-83981

    02/05/2019, 5:16 PM
    It's part of the adoption process ... for example, should my team decide after awhile that pulumi isn't better than terraform ... then they'd like to be able to easily go back to terraform .... tho IMO Pulumi is definitely a better than terraform 🙂
  • s

    stocky-spoon-28903

    02/05/2019, 5:40 PM
    I think to do this effectively, you’d need to ensure the mapping between names is the same for both types of code. You can reconstitute terraform state with import and ID only refresh as a last resort
    b
    • 2
    • 4
Powered by Linen
Title
s

stocky-spoon-28903

02/05/2019, 5:40 PM
I think to do this effectively, you’d need to ensure the mapping between names is the same for both types of code. You can reconstitute terraform state with import and ID only refresh as a last resort
b

brainy-magician-83981

02/05/2019, 9:25 PM
Thanks! Yes, the solution will involve
terraform import
. It probably doesn't exists ... but a script that can read a pulumi export state file and execute the appropriate
terraform import
for all the resources to generate the terraform files. This in theory should work I believe 🙂
s

stocky-spoon-28903

02/05/2019, 11:06 PM
It would work - but will need the name mapping to be useful
b

brainy-magician-83981

02/08/2019, 4:53 PM
thanks @stocky-spoon-28903! Just providing an update here ... my team really likes Pulumi but we're not ready to completely drop Terraform ... as with anything, it takes some to evaluate, experiment, and adopt ... and then transition from the old to the new. So a tool that can translate Pulumi stacks to Terraform files will be very useful 🙂
For example, a workflow I'm trying out is as follows: 1) Develop and test with Pulumi for new projects, and 2) Then, create the equivalent Terraform files when we're ready to deploy into production. The Terraform files are stored in our master github repo for all our infrastructure.
View count: 1