better-rainbow-14549
03/11/2019, 4:42 PMbusy-pizza-73563
03/11/2019, 5:20 PMPromise<void>
(i.e. it doesn't return anything, it only waits for a condition), other than doing something like
new k8s.some.v1.Resource(name, {
metadata: {
annotations: {
someDummyAnnotation: waitForCondition() // should return Promise<string>
}
}
});
?tall-librarian-49374
03/11/2019, 5:37 PMstocky-spoon-28903
03/11/2019, 5:39 PMwhite-balloon-205
important-leather-28796
03/11/2019, 6:33 PM<http://clusterroles.rbac.authorization.k8s.io|clusterroles.rbac.authorization.k8s.io> is forbidden: User "<mailto:ci-app@xxx.iam.gserviceaccount.com|ci-app@xxx.iam.gserviceaccount.com>" cannot create resource "clusterroles" in API group "<http://rbac.authorization.k8s.io|rbac.authorization.k8s.io>" at the cluster scope
I assume I have to run the equivalent of:
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole cluster-admin --user [USER_ACCOUNT]
But isn’t that the same as just granting gcp roles/container.clusterAdmin
?
Here’s a gist of the current setup: https://gist.github.com/rosskevin/e80dabe6347fa34c179b3885e4f4a3a0
I’m a bit confused as to the right thing to do here and keep with the minimal permissions for the service account.millions-judge-24978
03/11/2019, 6:43 PMerror: could not load plugin for aws provider
when trying to do a pulumi preview
.important-leather-28796
03/11/2019, 6:49 PMkubectl label namespace <deployment-namespace> <http://certmanager.k8s.io/disable-validation=%22true%22|certmanager.k8s.io/disable-validation="true">
How can I add I mutate the namespace labels from my pulumi code?important-leather-28796
03/11/2019, 9:15 PMdependsOn
mechanism, it seems like it is not being respected by a helm chart that is the child of my Component
. Details inside ->kind-ambulance-33034
03/11/2019, 9:54 PMorange-tailor-85423
03/11/2019, 10:22 PMimportant-leather-28796
03/11/2019, 11:07 PMCalling [toString] on an [Output<T>] is not supported
in my transformer. The transformer is shared code and may be used with a namespace instance or string. What have I messed up here:
/**
* May be needed to get helm to behave.
*
* Usage: `transformations: [createTransformAddNamespace(namespace)]`
*
* @see <https://github.com/pulumi/pulumi-kubernetes/issues/217#issuecomment-459105809>
* @see <https://github.com/pulumi/pulumi-kubernetes/issues/415#issuecomment-469118560>
*/
export function createTransformAddNamespace(
namespaceStringOrResource: string | k8s.core.v1.Namespace,
) {
return <T extends { metadata?: Input<meta.v1.ObjectMeta> }>(o: T) => {
let namespace: Input<string>
if (typeof namespaceStringOrResource === 'string') {
namespace = namespaceStringOrResource
} else {
namespace = namespaceStringOrResource.metadata.name.apply(v => v)
}
if (o) {
if (o.metadata !== undefined) {
o.metadata['namespace'] = namespace
} else {
o.metadata = { namespace: namespace }
}
}
}
}
full-dress-10026
03/11/2019, 11:10 PMpulumi.all
several different items. When I add more than 8 items to my pulumi.all
, I get a Typescript error about numbers not being assignable to strings. Looking at the source for pulumi.all
, I see signatures for calls with up to 8 types. I tried switching to a map format as well but it has the same problem. How can you create a single Output object from more than 8 Input objects given Input Objects having varying types?full-dress-10026
03/12/2019, 1:41 AMpulumi up
, I get this failure output:
* Timeout occurred for 'app-ions'
* [MinimumReplicasUnavailable] Deployment does not have minimum availability.
* Minimum number of live Pods was not attained
* 2 Pods failed to run because: [ImagePullBackOff] Back-off pulling image "<http://734247230719.dkr.ecr.us-west-2.amazonaws.com/my-image:my-tag|734247230719.dkr.ecr.us-west-2.amazonaws.com/my-image:my-tag>"
Does Pulumi k8s work with ECR?cuddly-lizard-88530
03/12/2019, 2:11 AMflaky-cricket-26098
03/12/2019, 8:35 AMbetter-rainbow-14549
03/12/2019, 4:21 PMincalculable-sundown-82514
03/12/2019, 5:27 PMable-zoo-58396
03/12/2019, 9:30 PMcloud-aws:ecsAutoClusterPublicKey
to the value from my ~/.ssh/id_rsa.pub
file
And then my container deploys like this:
new cloud.Service("container", {
containers: {
api: {
build: ".",
memory: 1638,
cpu: 716,
ports: [{
port: 443,
targetPort: 3333,
protocol: 'https'
}]
},
}
});
This successfully launched my container, and the web interface is running correctly, but when I try to SSH into the instance, I get ssh: connect to XXXXX port 22: Connection refused
important-leather-28796
03/12/2019, 10:51 PMConfigFile
with the published manifests, and optionally using a transformation
. I had assumed the helm approach to be easier - but surprised to find it the other way around. If anyone has issues with those two components, let me know. I put in quite a bit of time learning the ins-and-outs of pulumi with them and getting them running properly, which actually ended up being quite easy in hindsight. My new approach to anything will be to look at the component and manifests first, then go from there.early-musician-41645
03/12/2019, 11:55 PM@pulumi/eks
package?
The code currently uses new eks.Cluster
but that only creates a single node group. We need to define some more node groups to add in to the cluster for differently-sized instances/node types, and with different sets of node annotations (i.e. for taints/tolerations)flaky-cricket-26098
03/13/2019, 9:11 AMorange-tailor-85423
03/13/2019, 4:18 PMorange-tailor-85423
03/13/2019, 4:18 PMorange-tailor-85423
03/13/2019, 4:20 PMorange-tailor-85423
03/13/2019, 4:20 PMstocky-spoon-28903
03/13/2019, 4:21 PMget
first then converting it to a real resource), but the work on importing resources that @microscopic-florist-22719 is doing at the moment is the real way to do thisstocky-spoon-28903
03/13/2019, 4:21 PMgcloud
command - it’s not like it’s a repeatable thing you want codifiedorange-tailor-85423
03/13/2019, 4:21 PMorange-tailor-85423
03/13/2019, 4:22 PM