https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • b

    better-rainbow-14549

    03/11/2019, 1:08 PM
    getting
    error: could not load plugin for azure provider 'urn:pulumi:development::development::pulumi:providers:azure::default': failed to locate compatible plugin
  • b

    better-rainbow-14549

    03/11/2019, 1:08 PM
    any ideas please?
    c
    i
    f
    • 4
    • 9
  • b

    better-rainbow-14549

    03/11/2019, 1:27 PM
    works on windows, that error message on linux
  • i

    important-leather-28796

    03/11/2019, 3:18 PM
    With a certmanager installation, we need to install the custom CRDs before running the helm chart. Is there a pulumi-way of doing things here?
    ## IMPORTANT: you MUST install the cert-manager CRDs **before** installing the
    ## cert-manager Helm chart
    $ kubectl apply \
        -f <https://raw.githubusercontent.com/jetstack/cert-manager/release-0.6/deploy/manifests/00-crds.yaml>
    https://github.com/helm/charts/tree/master/stable/cert-manager#installing-the-chart
    b
    c
    c
    • 4
    • 22
  • b

    better-rainbow-14549

    03/11/2019, 4:42 PM
    the kubernetes JobTemplateSpec is weird, it lets you put volumes and volumeMounts in loads of different places. I got them in the wrong ones.
    c
    • 2
    • 1
  • b

    busy-pizza-73563

    03/11/2019, 5:20 PM
    Is there a way for a (kubernetes) resource to depend on a
    Promise<void>
    (i.e. it doesn't return anything, it only waits for a condition), other than doing something like
    new k8s.some.v1.Resource(name, {
      metadata: {
        annotations: {
          someDummyAnnotation: waitForCondition() // should return Promise<string>
        }
      }
    });
    ?
    c
    w
    • 3
    • 9
  • t

    tall-librarian-49374

    03/11/2019, 5:37 PM
    Aloha Pulumi people! I'll be in Seattle (Microsoft campus) next week for the MVP Summit. Is that somewhat reachable from your HQ? Would love to meet IRL for a coffee or whatever.
  • s

    stocky-spoon-28903

    03/11/2019, 5:39 PM
    I’ll also be in Seattle next week!
    🥃 1
  • w

    white-balloon-205

    03/11/2019, 6:11 PM
    @tall-librarian-49374 (and anyone else in town for the Microsoft MVP Summit) - yes - we'd love to meet up while you are here. We're in downtown Seattle - so if you have an afternoon free anytime and are in Seattle - drop me a note and we'll find some time.
    👍 1
  • i

    important-leather-28796

    03/11/2019, 6:33 PM
    I’m trying to setup cert manager and think I’m on my last hurdle. I’m using a restricted gcp service account for app deployments (from kube the prod way) and I’m bumping into:
    <http://clusterroles.rbac.authorization.k8s.io|clusterroles.rbac.authorization.k8s.io> is forbidden: User "<mailto:ci-app@xxx.iam.gserviceaccount.com|ci-app@xxx.iam.gserviceaccount.com>" cannot create resource "clusterroles" in API group "<http://rbac.authorization.k8s.io|rbac.authorization.k8s.io>" at the cluster scope
    I assume I have to run the equivalent of:
    kubectl create clusterrolebinding cluster-admin-binding \
    --clusterrole cluster-admin --user [USER_ACCOUNT]
    But isn’t that the same as just granting gcp
    roles/container.clusterAdmin
    ? Here’s a gist of the current setup: https://gist.github.com/rosskevin/e80dabe6347fa34c179b3885e4f4a3a0 I’m a bit confused as to the right thing to do here and keep with the minimal permissions for the service account.
    c
    b
    m
    • 4
    • 91
  • m

    millions-judge-24978

    03/11/2019, 6:43 PM
    Plugins are installed automatically correct? I am somehow running into an issue running in CI (Jenkins) where I get the error
    error: could not load plugin for aws provider
    when trying to do a
    pulumi preview
    .
    i
    • 2
    • 41
  • i

    important-leather-28796

    03/11/2019, 6:49 PM
    I need to add a label to an existing namespace, the kubectl equivalent:
    kubectl label namespace <deployment-namespace> <http://certmanager.k8s.io/disable-validation=%22true%22|certmanager.k8s.io/disable-validation="true">
    How can I add I mutate the namespace labels from my pulumi code?
    c
    • 2
    • 5
  • i

    important-leather-28796

    03/11/2019, 9:15 PM
    I’ve got some issues with the
    dependsOn
    mechanism, it seems like it is not being respected by a helm chart that is the child of my
    Component
    . Details inside ->
    c
    m
    b
    • 4
    • 43
  • k

    kind-ambulance-33034

    03/11/2019, 9:54 PM
    Hi I was wondering if there is a way to map a port. I have something like this:``` let service = new cloud.Service("MyService", { containers: { Api: { image: "MY_IMAGE", memory: 256, ports: [{ port: 8081 }], }, }, replicas: 1, });``` I am willing to use the port 80 instead of 8081 which is the port exposed by the container.
    c
    l
    • 3
    • 5
  • o

    orange-tailor-85423

    03/11/2019, 10:22 PM
    Any Azure DevOps users? Are you able to see the nicely colorized output of pulumi runs in ADO pipelines?
    c
    • 2
    • 9
  • i

    important-leather-28796

    03/11/2019, 11:07 PM
    Getting dreaded
    Calling [toString] on an [Output<T>] is not supported
    in my transformer. The transformer is shared code and may be used with a namespace instance or string. What have I messed up here:
    /**
     * May be needed to get helm to behave.
     *
     *  Usage: `transformations: [createTransformAddNamespace(namespace)]`
     *
     * @see <https://github.com/pulumi/pulumi-kubernetes/issues/217#issuecomment-459105809>
     * @see <https://github.com/pulumi/pulumi-kubernetes/issues/415#issuecomment-469118560>
     */
    export function createTransformAddNamespace(
      namespaceStringOrResource: string | k8s.core.v1.Namespace,
    ) {
      return <T extends { metadata?: Input<meta.v1.ObjectMeta> }>(o: T) => {
        let namespace: Input<string>
        if (typeof namespaceStringOrResource === 'string') {
          namespace = namespaceStringOrResource
        } else {
          namespace = namespaceStringOrResource.metadata.name.apply(v => v)
        }
    
        if (o) {
          if (o.metadata !== undefined) {
            o.metadata['namespace'] = namespace
          } else {
            o.metadata = { namespace: namespace }
          }
        }
      }
    }
    m
    c
    +2
    • 5
    • 5
  • f

    full-dress-10026

    03/11/2019, 11:10 PM
    I need to
    pulumi.all
    several different items. When I add more than 8 items to my
    pulumi.all
    , I get a Typescript error about numbers not being assignable to strings. Looking at the source for
    pulumi.all
    , I see signatures for calls with up to 8 types. I tried switching to a map format as well but it has the same problem. How can you create a single Output object from more than 8 Input objects given Input Objects having varying types?
    m
    l
    • 3
    • 7
  • f

    full-dress-10026

    03/12/2019, 1:41 AM
    I'm testing out Pulumi with k8s and am running into an issue with using a Docker image from ECR. After running
    pulumi up
    , I get this failure output:
    * Timeout occurred for 'app-ions'
        * [MinimumReplicasUnavailable] Deployment does not have minimum availability.
        * Minimum number of live Pods was not attained
        * 2 Pods failed to run because: [ImagePullBackOff] Back-off pulling image "<http://734247230719.dkr.ecr.us-west-2.amazonaws.com/my-image:my-tag|734247230719.dkr.ecr.us-west-2.amazonaws.com/my-image:my-tag>"
    Does Pulumi k8s work with ECR?
    c
    b
    • 3
    • 11
  • c

    cuddly-lizard-88530

    03/12/2019, 2:11 AM
    How is it recommended to deploy a new cluster? Would you install all helm charts via Pulumi or via CLI and then use Pulumi only for app deployments?
    c
    • 2
    • 2
  • f

    flaky-cricket-26098

    03/12/2019, 8:35 AM
    Hi Community, I am new here. Where would it be most logical to post a job here? Announcements or in general? Or is there a special channel for jobs, that I dont see? We want to automate our multitenant project with Pulumi.
    g
    • 2
    • 1
  • b

    better-rainbow-14549

    03/12/2019, 4:21 PM
    i'm trying to follow this guide but i don't understand how i can remove the built in role assignment against a new service principal. https://docs.cert-manager.io/en/latest/tasks/acme/configuring-dns01/azuredns.html - any ideas?
    • 1
    • 1
  • i

    incalculable-sundown-82514

    03/12/2019, 5:27 PM
    Heads up folks, if anyone is running Pulumi in their CI systems and you see an error containing “failed to locate compatible plugin”, we’re tracking the issue here: https://github.com/pulumi/pulumi-azure/issues/200#issuecomment-472099761. There’s a workaround in this post that you can add to your CI system until Pulumi ships a fix.
    👍 3
    ❤️ 1
  • a

    able-zoo-58396

    03/12/2019, 9:30 PM
    Can anyone here help me with a container issue? I'm trying to setup my container with Pulumi in a way that allows me to SSH into the container once it's launched. I have set
    cloud-aws:ecsAutoClusterPublicKey
    to the value from my
    ~/.ssh/id_rsa.pub
    file And then my container deploys like this:
    new cloud.Service("container", {
      containers: {
        api: {
          build: ".",
          memory: 1638,
          cpu: 716, 
          ports: [{
            port: 443,
            targetPort: 3333,
            protocol: 'https'
          }]
        },
      }
    });
    This successfully launched my container, and the web interface is running correctly, but when I try to SSH into the instance, I get
    ssh: connect to XXXXX port 22: Connection refused
    w
    • 2
    • 2
  • i

    important-leather-28796

    03/12/2019, 10:51 PM
    After struggling with two different helm charts (cert-manager and kubernetes-dashboard), I’m finding that it is far easier to take the approach of using the
    ConfigFile
    with the published manifests, and optionally using a
    transformation
    . I had assumed the helm approach to be easier - but surprised to find it the other way around. If anyone has issues with those two components, let me know. I put in quite a bit of time learning the ins-and-outs of pulumi with them and getting them running properly, which actually ended up being quite easy in hindsight. My new approach to anything will be to look at the component and manifests first, then go from there.
    c
    o
    m
    • 4
    • 53
  • e

    early-musician-41645

    03/12/2019, 11:55 PM
    Hi folks, how do we define multiple node groups for a single EKS cluster? Is there documentation and examples on how to do it with the
    @pulumi/eks
    package? The code currently uses
    new eks.Cluster
    but that only creates a single node group. We need to define some more node groups to add in to the cluster for differently-sized instances/node types, and with different sets of node annotations (i.e. for taints/tolerations)
    w
    • 2
    • 3
  • f

    flaky-cricket-26098

    03/13/2019, 9:11 AM
    Hi everybody! We are looking for DevOps engineer to automate our app deployment and infrastructure with Pulumi. Any takers? Pls see the project description here: https://www.upwork.com/jobs/~0197126531f338aab1
    👍 1
  • o

    orange-tailor-85423

    03/13/2019, 4:18 PM
    Would like to be able to delete the default network in a GCP project. I’m not finding any delete methods exposed. Am I going to need to craft my own API call to do this?
  • o

    orange-tailor-85423

    03/13/2019, 4:18 PM
    https://cloud.google.com/compute/docs/reference/rest/v1/networks/delete
  • o

    orange-tailor-85423

    03/13/2019, 4:20 PM
    we’ve moved to private clusters, bastion host and gateway and our security team wants the default network gone
  • o

    orange-tailor-85423

    03/13/2019, 4:20 PM
    granted we won’t rebuild projects often or ever so removing it once manually is fine I guess but wanted to check
Powered by Linen
Title
o

orange-tailor-85423

03/13/2019, 4:20 PM
granted we won’t rebuild projects often or ever so removing it once manually is fine I guess but wanted to check
View count: 1