https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • b

    better-rainbow-14549

    05/01/2019, 2:22 PM
    also, on 0.17.8:
    An error occurred: unknown flag: --json
    WARNING: Pulumi Preview failed.
  • b

    better-rainbow-14549

    05/01/2019, 2:23 PM
    yet it's in the changelog https://github.com/pulumi/pulumi/blob/master/CHANGELOG.md#0178-released-april-23-2019
    w
    • 2
    • 1
  • o

    orange-tailor-85423

    05/01/2019, 6:13 PM
    pulumi RBAC - I just set it up so base access is READ by default and only our CI/CD account has WRITE
  • o

    orange-tailor-85423

    05/01/2019, 6:13 PM
    but it just let me modify a stack BUT it did not let my coworker
  • o

    orange-tailor-85423

    05/01/2019, 6:14 PM
    because I’m an Admin in the slack org is it inferring/granting me something I can’t see?
    w
    c
    c
    • 4
    • 14
  • d

    damp-book-35965

    05/01/2019, 8:04 PM
    Are there any docs/examples of how
    ignoreChanges
    works ?
    w
    • 2
    • 2
  • s

    strong-belgium-23055

    05/01/2019, 8:09 PM
    Hi, in a project I made changes to less than 20 lambda that are handling http requests from cloud-aws API. The pulumi update command I started took almost 30 minutes, and one other I did earlier took ~45 min (but had more changed attached). A pulumi up with no changes took 1 minute. Do you know if there is a reason for that to take to so much time, or do you think the reason is on my end ? I never had this issue before on this project. (pulumi v0.17.8 and node.js v12.1.0)
    w
    • 2
    • 5
  • e

    early-musician-41645

    05/01/2019, 9:44 PM
    I ran
    refresh
    on an AWS stack and was logged into the wrong account. For some reason I said "yes, delete all those things from my state" before realizing the mistake. Is there a way to recover a previous state, e.g. from yesterday or from before the last refresh?
    g
    g
    • 3
    • 3
  • f

    fierce-dinner-20116

    05/01/2019, 10:29 PM
    Has anyone successfully deployed
    v.0.7.2
    of
    cert-manager
    via Pulumi https://github.com/jetstack/cert-manager/releases/tag/v0.7.2 ? (I’m trying to deploy 0.7.2, but I’ve seen this issue with
    v.0.7.0
    ). Whenever I run
    pulumi up
    with the
    certManager
    k8s.yaml.ConfigGroup
    , I get this error:
    kubernetes:apiregistration:APIService (<http://v1beta1.admission.certmanager.k8s.io|v1beta1.admission.certmanager.k8s.io>):
        error: failed to determine if the following GVK is namespaced: apiregistration/v1beta1, Kind=APIService
    kubectl apply --dry-run -f cert-manager.yaml
    doesn’t complain at all.
    g
    p
    • 3
    • 4
  • d

    dry-garden-50738

    05/02/2019, 6:47 AM
    Hi all! I came across an issue with lambda permissions yesterday. Made a PR to
    awsx
    https://github.com/pulumi/pulumi-awsx/pull/262 🙂 do I have to sign a CLM or anything to get it merged?
    t
    l
    • 3
    • 4
  • c

    cold-coat-35200

    05/02/2019, 1:13 PM
    Hi, I'm creating an ec2 instance, then an ebs volume and a volume attachment, which looks like:
    new aws.ec2.VolumeAttachment(`wordpress-content-attachment`, {
        instanceId: ec2Instance.id,
        volumeId: dataVolume.id,
        deviceName: '/dev/xvdc',
        forceDetach: true
      })
    When something changed in the instance, it will trigger a volume attachment replace too. You can see in the code sample how it's handled by pulumi, nothing changed in the code between the commands. Basically first it's say that volume in use, looks like it ignores forceDetach, then the second time realizes, that it's detached from the previous one, therefore unable to detach it and after a refresh everything is good. Is it normal?
    -.sh
    w
    • 2
    • 7
  • g

    gorgeous-egg-16927

    05/02/2019, 5:06 PM
    Kudos to @fierce-dinner-20116 for putting together such an excellent bug report! https://github.com/pulumi/pulumi-kubernetes/issues/553#issue-439375032 Having a full reproduction ready to go makes tracking down the cause so much faster. 🐛 🔨
    💯 4
    😛artypus-8bit: 6
  • p

    powerful-london-34081

    05/02/2019, 5:27 PM
    @gorgeous-egg-16927 and to you for a swift fix 🙂 I thought that fix would alleviate my issue as well, but I was wrong. Basically getting the same error message, but perhaps due to namespace/other transformations I have to do due to missing helm capabilities. Should I create a new issue or do you know of an existing one it makes sense to tag onto?
    g
    • 2
    • 6
  • m

    magnificent-businessperson-11122

    05/02/2019, 8:22 PM
    Is there existing support for AWS amplify in pulumi?
    w
    • 2
    • 2
  • i

    icy-dress-83371

    05/02/2019, 9:27 PM
    Anyone else having issues with the new remote backends? It is probably just me, but I am trying to use an S3 bucket and getting issues:
    could not create stack: An IO error occurred during the current operation: blob (code=Unknown): MissingRegion: could not find region configuration
    h
    • 2
    • 5
  • g

    gray-elephant-37695

    05/03/2019, 6:26 AM
    I just noticed some interesting behavior around PolicyAttachment. It feels a little unexpected to me but maybe it's a misunderstanding on my part. I have an Administrator group in my AWS account with the admin policy attached to it. I wrote some Pulumi code to attach the admin policy to a role I created - in doing so I did not specify the existing group in the attachment - my expectation was there could be multiple attachments for a single policy - but it looks as though it behaves as though there is a single attachment resource for a policy and within that resource all the roles, groups, and users that you want linked to the policy must be specified. What happened is after deploying the Pulumi specified infra, my admin policy was removed from my Admin group and applied to the role. So it seems using attachments can have side effects on resources not created by Pulumi...?
    • 1
    • 1
  • d

    dry-garden-50738

    05/03/2019, 3:31 PM
    hi all, has anybody found a good workflow for local development of http lambda functions? Similar to what
    serverless-offline
    offers?
    q
    • 2
    • 1
  • d

    dry-garden-50738

    05/03/2019, 3:31 PM
    ^ before I go down the path of writing my own.
  • q

    quick-action-34599

    05/03/2019, 3:48 PM
    Similarly, does anyone have a good way of speeding up deployment of lambda code changes? Right now I’m sitting at ~35 seconds
    g
    • 2
    • 3
  • q

    quick-action-34599

    05/03/2019, 3:48 PM
    I can’t remember what apex/up or serverless were
  • m

    millions-judge-24978

    05/03/2019, 6:35 PM
    Is there a way (for CI) to get the CLI to output the nice pretty graph output, but without running in interactive mode? In other words, just print out the nice output at the end state of running.
    f
    w
    • 3
    • 7
  • f

    fierce-dinner-20116

    05/03/2019, 9:09 PM
    I don’t know typescript super well, but is there a way to avoid having to do all these null checks when making changes to k8s yaml files via pulumi: https://pulumi.io/quickstart/aws/tutorial-eks.html#running-off-the-shelf-guestbook-yaml ? I still write k8s yaml for most things because we ship that yaml for our users to run (and other tooling is able to injest yaml), but I’d like to be able to “sprinkle” in things like secrets / env vars via pulumi. For instance in that example, there is a section where they’re changing the type of a service to a Loadbalancer:
    // Make the 'frontend' Service public by setting it to be of type
                    // LoadBalancer
                    if (obj.kind == "Service" && obj.metadata.name == "frontend") {
                        if (obj.spec) {
                            obj.spec.type = "LoadBalancer"
                        }
                    }
    Is there a way to just tell the compiler that
    obj
    is a k8s
    Service
    , and just assign obj.spec.type=Loadbalancer directly without needing to check to see if
    spec
    is a field on
    obj
    at all?
    w
    • 2
    • 7
  • q

    quick-action-34599

    05/03/2019, 10:19 PM
    I have a gcloud function that needs to call an aws lambda
  • q

    quick-action-34599

    05/03/2019, 10:20 PM
    What’s the correct way to use the dynamic endpoint output from the lambda when creating the gcloud function (which right now is a pub/sub topic onMessagePublished handler).
  • q

    quick-action-34599

    05/03/2019, 10:20 PM
    I am doing it by using endpointString.apply(…) and sometimes it gets created, sometimes it gets deleted
    w
    • 2
    • 19
  • s

    shy-army-45455

    05/04/2019, 7:41 AM
    Any way to helm init from within Pulumi? The examples I find all seem to require running helm init manually before pulumi up. Would really to init tiller, etc. on pulumi up.
    c
    • 2
    • 2
  • s

    strong-belgium-23055

    05/04/2019, 12:57 PM
    Hello, I have a stupid question and I’m not sure it is directly linked to Pulumi, but I’m sure you must have faced simiral issues 😄. I have a project with an API created by API from pulumi/cloud-aws. At the beginning everything was fine, I could get Json responses to my call. But now I face CORS issues, so I tried to solve it by adding headers to my all my responses, and returning 204 to every call OPTIONS (It’s not great but I’m just trying to make things work for a small PoC) Now every route seems fine, I don’t have the same issues as before, but all my responses body are Json, base 64 encoded 🙃. Do you know why it that and how could I go back to a state of having Json body as responses ? I always use Response.status().json(myObject) in my controllers The headers I added are the following : ‘Access-Control-Allow-Origin’ -> ‘*’ ‘Access-Control-Allow-Headers’ -> ‘Origin, X-Requested-With, Content-Type, Accept, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Cache-Control, Access-Control-Request-Headers, devToken, email’ ‘Access-Control-Allow-Methods’ -> ‘POST, GET, OPTIONS, PUT, DELETE’
    c
    • 2
    • 2
  • a

    adamant-intern-63433

    05/04/2019, 5:54 PM
    Hi all! I'm having an issue with helm chart module and was wondering if this is a known issue or is there a workaround. Basically, I get
    error: YAMLException: bad indentation of a mapping entry at line 47, column 9:
                    - 1.1.1.1
                    ^
    with the
    values
    config below.
    // `<https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-config>`
    new k8s.helm.v2.Chart("certmanager",
                {
                    ...
                    values: {
                        podDnsPolicy: "None",
                        podDnsConfig: {
                            nameservers: ["1.1.1.1", "8.8.8.8"]
                        }
                    }
                },
                { providers: { kubernetes: this.k8sProvider } });
    This seems to be about underlying yaml parser of the module or I'm trying to set the values in a wrong way and missing something very basic here. Has anyone bumped into anything similar before?
  • o

    orange-policeman-59119

    05/04/2019, 7:13 PM
    @adamant-intern-63433 I suspect that's a problem with the underlying chart. Can you show us the snippet of code where
    .Values.podDnsConfig.nameservers
    is referenced in the chart?
    a
    • 2
    • 17
  • g

    glamorous-printer-14057

    05/05/2019, 3:55 PM
    hey, would love some advice on getting started w/ Pulumi on GCP. Specifically, I’m trying to set up an MVP with GKE + Cloud SQL. Per this https://cloud.google.com/sql/docs/mysql/connect-kubernetes-engine#private-ip I set up a VPC-native GKE cluster, and now I’m trying to get Cloud SQL up and running. I saw https://github.com/pulumi/examples/tree/master/gcp-ts-k8s-ruby-on-rails-postgresql but it exposes Cloud SQL on
    0.0.0.0/0
    which is clearly not production-ready. I also saw instructions here https://pulumi.io/reference/pkg/nodejs/@pulumi/gcp/sql/#private-ip-instance, but this ends up creating a new Cloud SQL VPC separate from
    default
    . Is the best path to do this and then set up VPC peering with my GKE VPC?
Powered by Linen
Title
g

glamorous-printer-14057

05/05/2019, 3:55 PM
hey, would love some advice on getting started w/ Pulumi on GCP. Specifically, I’m trying to set up an MVP with GKE + Cloud SQL. Per this https://cloud.google.com/sql/docs/mysql/connect-kubernetes-engine#private-ip I set up a VPC-native GKE cluster, and now I’m trying to get Cloud SQL up and running. I saw https://github.com/pulumi/examples/tree/master/gcp-ts-k8s-ruby-on-rails-postgresql but it exposes Cloud SQL on
0.0.0.0/0
which is clearly not production-ready. I also saw instructions here https://pulumi.io/reference/pkg/nodejs/@pulumi/gcp/sql/#private-ip-instance, but this ends up creating a new Cloud SQL VPC separate from
default
. Is the best path to do this and then set up VPC peering with my GKE VPC?
View count: 1