https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • d

    damp-book-35965

    03/26/2019, 7:11 PM
    I'm trying to use the rolename which is the cluster.instanceRole of an EKS cluster which is of type OutputInstance<Role>..is it very misleading that when i do:
    cluster.instanceRole.apply(role => role.arn)
    This fails as empty or undefined in case of console.log(role.arn) It shows me all the aws.iam.Role properties fields but none of them exist other than the role itself which is actually a string. So I'm wondering If it's wrongly characterized and just should be a string ?
  • d

    damp-book-35965

    03/26/2019, 7:12 PM
    Figured it out when I did :
    clusterInstanceRole.apply(role =>
        console.log(role)
    );
  • d

    damp-book-35965

    03/26/2019, 7:38 PM
    FYI: https://github.com/pulumi/pulumi-eks/issues/83
  • f

    full-dress-10026

    03/26/2019, 7:52 PM
    I seem to be running into this failure a lot:
    error: Plan apply failed: [WARN] A duplicate Security Group rule was found on (sg-002c2846717345a56). This may be
        a side effect of a now-fixed Terraform issue causing two security groups with
        identical attributes but different source_security_group_ids to overwrite each
        other in the state. See <https://github.com/hashicorp/terraform/pull/2376> for more
        information and instructions for recovery. Error message: the specified rule "peer: 0.0.0.0/0, TCP, from port: 8880, to port: 8880, ALLOW" already exists
    It has something to do with
    awsx.elasticloadbalancingv2.ApplicationLoadBalancer
    , passing in
    securityGroups
    , and changing said security groups.
    s
    b
    • 3
    • 9
  • o

    orange-tailor-85423

    03/26/2019, 9:24 PM
    any one-liner pulumi commands that will give me just the stack name?
  • o

    orange-tailor-85423

    03/26/2019, 9:24 PM
    not all the output, resources etc … just stack name
    i
    • 2
    • 1
  • o

    orange-tailor-85423

    03/26/2019, 9:25 PM
    I’m not good with grep etc. but it comes out in columns etc so not sure
  • i

    incalculable-sundown-82514

    03/26/2019, 9:27 PM
    If you’re OK with `jq`…
    ▶ p stack ls --json | jq '.[] | select(.current == true) | .name'
    "webs"
    👍 1
    c
    • 2
    • 1
  • o

    orange-tailor-85423

    03/26/2019, 9:30 PM
    ok nice - sorry, missed the json output option
  • i

    incalculable-sundown-82514

    03/26/2019, 9:31 PM
    no worries! 🙂
  • i

    incalculable-sundown-82514

    03/26/2019, 9:34 PM
    i love JQ, it’s great.
    👍 2
  • o

    orange-tailor-85423

    03/26/2019, 9:38 PM
    I want to make a little powerlevel9k snippet so I can see what stack I’m operating on at my prompt
    💯 1
  • o

    orange-tailor-85423

    03/26/2019, 11:31 PM
    -.sh
    💯 2
    ❤️ 2
  • b

    brainy-psychiatrist-41826

    03/27/2019, 1:23 AM
    im trying to use pulumi while also following along to this gke tutorial (https://cloud.google.com/kubernetes-engine/docs/tutorials/connect-to-cloud-pubsub-via-service-broker), which relies on a service catalog. I see a service catalog for aws (https://pulumi.io/reference/pkg/python/pulumi_aws/servicecatalog/), but im not sure if that'd work for this tutorial from google
    c
    w
    • 3
    • 4
  • b

    busy-pizza-73563

    03/27/2019, 11:29 AM
    Any idea whether these warnings are expected?
    Diagnostics:
      pulumi:pulumi:Stack (aws-infra-aws-infra-dev):
        Method handler checkConfig for /pulumirpc.ResourceProvider/CheckConfig expected but not provided
        Method handler diffConfig for /pulumirpc.ResourceProvider/DiffConfig expected but not provided
    Everything's working fine, they're just a bit annoying. 🙂
    b
    • 2
    • 2
  • b

    busy-pizza-73563

    03/27/2019, 11:53 AM
    Also, shouldn't
    k8s.Provider
    have a
    kubeconfig
    field? I'm now forced to do
    const cluster = new eks.Cluster('cluster', { ... });
    export const kubeconfig = (<any>cluster.provider).kubeconfig;
  • b

    billions-lock-73409

    03/27/2019, 3:51 PM
    Any way to get the URI for a ECR image if it was created with
    awsx.ecs.Image.fromDockerBuild
    ?
    l
    • 2
    • 16
  • f

    faint-vegetable-61837

    03/27/2019, 5:14 PM
    Just wondering if Helm resource honours "helm.sh" helm hooks annotations, like "crd-install" to install crds before any other resources in the chart?
  • c

    creamy-potato-29402

    03/27/2019, 5:15 PM
    it uses helm template. so mostly yes.
  • f

    faint-vegetable-61837

    03/27/2019, 5:20 PM
    My understanding that besides generating templates, helm will wait until resource with helm.sh/hook: crd-install" annotations are successfully created before creating other resources, eg it defines implicit dependency:
    Hooks allow you, the chart developer, an opportunity to perform operations at strategic points in a release lifecycle
    This is done on Tiller - is pulumi doing the same?
  • c

    creamy-potato-29402

    03/27/2019, 5:22 PM
    helm kind of does this but it's almost unusably immature. I'm on phone but I can link to docs in a bit. we do something stupider, but more effective: we retry cr creates when they fail to give operators time to create crds.
  • f

    faint-vegetable-61837

    03/27/2019, 5:23 PM
    Do you retry deletes as well? I noticed that CRD deletion fails quite often
  • c

    creamy-potato-29402

    03/27/2019, 5:24 PM
    we've tested this on many thorny helm charts and at this point the sorts of bugs we encounter are basically all with charts themselves.
  • c

    creamy-potato-29402

    03/27/2019, 5:25 PM
    I believe we do. but most of the time crd deletes fail it's a bug in the chart.
  • c

    creamy-potato-29402

    03/27/2019, 5:25 PM
    eg the chart does not attempt to clean up. Prometheus operator is a good example.
  • c

    creamy-potato-29402

    03/27/2019, 5:31 PM
    if you have a counterexample I'd be happy to take a look
  • b

    busy-pizza-73563

    03/27/2019, 5:34 PM
    AWS noob here, is there a way to pin resources in a sub-zone? E.g. if I have
    aws:region
    set to
    eu-central-1
    , how can I pin resources to
    eu-central-1b
    , specifically?
  • s

    stocky-spoon-28903

    03/27/2019, 5:35 PM
    @bored-dusk-76298 That depends on the resource.
  • s

    stocky-spoon-28903

    03/27/2019, 5:36 PM
    Many are not zone or region specific - things like IAM policies. The primary way you constrain things to individual AZs is via placement into subnets which are in those AZs
  • b

    busy-pizza-73563

    03/27/2019, 5:37 PM
    I'm doing
    const cluster = new eks.Cluster('cluster', {
      skipDefaultNodeGroup: true,
      ...
    });
    cluster.createNodeGroup('worker', {
    ...
    });
Powered by Linen
Title
b

busy-pizza-73563

03/27/2019, 5:37 PM
I'm doing
const cluster = new eks.Cluster('cluster', {
  skipDefaultNodeGroup: true,
  ...
});
cluster.createNodeGroup('worker', {
...
});
View count: 1