https://pulumi.com logo
Powered by
#general
  • i

    important-leather-28796

    05/16/2019, 11:08 PM
    I’ve got a production problem with rolling deployments. Our version of 
    api
    failed to deploy (never ready), but 
    web
    which 
    dependsOn: [api]
    continued, and in fact it seems the pulumi command did not error in any way.
    w
    l
    • 3
    • 96
  • p

    prehistoric-kangaroo-30397

    05/16/2019, 11:19 PM
    Hey guys giving pulumi a go today - does anyone know if the brew package is going to be upgraded anytime soon? it installs 0.17.11 by default and it doesnt appear 0.17.12 is an option. am i ok to manually update to 0.17.12
    w
    • 2
    • 1
  • q

    quick-action-34599

    05/17/2019, 2:35 AM
    Is there a way to programmatically kick of a pulumi update rather than from the command line?
    c
    • 2
    • 3
  • c

    creamy-jelly-91590

    05/17/2019, 11:19 AM
    I am trying to use a 
    Output<string>
    as a 
    kubeconfig
    for the 
    k8s.Provider
    and I am getting this. If I instead 
    pulumi stack output --show-secrets kubeconfig | pbcopy
    and then paste it in as a string literal in my TS code, then it works.
  • c

    creamy-jelly-91590

    05/17/2019, 11:23 AM
    Copy code
    export const kubeconfig = pulumi.secret(
  pulumi
    .all([cluster.name, cluster.endpoint, cluster.masterAuth, config.project])
    .apply(([clusterName, clusterEndpoint, clusterAuth, project]) =>
      createKubeconfig({
        project,
        region,
        clusterCaCertificate: clusterAuth.clusterCaCertificate,
        clusterEndpoint: clusterEndpoint,
        clusterName: clusterName
      })
    )
);

const k8sProvider = new k8s.Provider(name, {
  kubeconfig
});

export function createKubeconfig(ctx: {
  project: string;
  region: string;
  clusterName: string;
  clusterEndpoint: string;
  clusterCaCertificate: string;
}) {
  const context = `${ctx.project}_${ctx.region}_${ctx.clusterName}`;

  return `apiVersion: v1
clusters:
- name: ${context}
  cluster:
    certificate-authority-data: ${ctx.clusterCaCertificate}
    server: https://${ctx.clusterEndpoint}
contexts:
- name: ${context}
  context:
    cluster: ${context}
    user: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      name: gcp
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
`;
}
    c
    • 2
    • 5
  • b

    busy-air-16359

    05/17/2019, 12:30 PM
    I’m trying to create an EKS cluster with private endpoints, but I’m not finding any information how to configure that. Has anybody succeeded with that?
  • b

    busy-air-16359

    05/17/2019, 12:33 PM
    I found 
    aws.eks.Cluster
    which lets me configure 
    endpointPrivateAccess
    and 
    endpointPublicAccess
    but it seems to be a low level API and I’m not finding anyone using it
    r
    w
    • 3
    • 6
  • f

    few-dog-41530

    05/17/2019, 1:32 PM
    Hello! I’d like to know if there is a comprehensive example for deploying a multi repository / multi tech stack application portfolio to a single cloud provider leveraging multiple cloud native technologies and services
  • o

    orange-tailor-85423

    05/17/2019, 3:05 PM
    anybody else tried the 
    --secrets-provider string
    flag? I’m failing to find documentation on that the valid options are for this. The release notes mention pluggable encryption is now a thing but I’m failing at finding an example other than setting a passphrase.
    w
    • 2
    • 2
  • b

    billowy-garage-68819

    05/17/2019, 3:36 PM
    may need to bump up default timeouts on gke node pools, I keep getting timed out on waiting on resource delete
  • e

    early-musician-41645

    05/17/2019, 5:15 PM
    Is there a Pulumi provider for Octopus Deploy? A way to manage octopus via Pulumi? The terraform provider is officially supported, but looks like it's still alpha-ish: https://github.com/OctopusDeploy/terraform-provider-octopusdeploy
    s
    • 2
    • 2
  • i

    important-leather-28796

    05/17/2019, 6:31 PM
    Trying to update cert-manager to 0.7.2 from the raw yml from 0.7.0, has anyone else encountered:
    Copy code
    Diagnostics:
  kubernetes:<http://apiextensions.k8s.io:CustomResourceDefinition|apiextensions.k8s.io:CustomResourceDefinition> (<http://certificates.certmanager.k8s.io|certificates.certmanager.k8s.io>):
    error: Plan apply failed: 1 error occurred:
        * expected kind, but got map
 
  kubernetes:<http://apiextensions.k8s.io:CustomResourceDefinition|apiextensions.k8s.io:CustomResourceDefinition> (<http://clusterissuers.certmanager.k8s.io|clusterissuers.certmanager.k8s.io>):
    error: Plan apply failed: 1 error occurred:
        * expected kind, but got map
 
  kubernetes:<http://apiextensions.k8s.io:CustomResourceDefinition|apiextensions.k8s.io:CustomResourceDefinition> (<http://issuers.certmanager.k8s.io|issuers.certmanager.k8s.io>):
    error: Plan apply failed: 1 error occurred:
        * expected kind, but got map
    https://raw.githubusercontent.com/jetstack/cert-manager/release-0.7/deploy/manifests/cert-manager.yaml
    f
    c
    • 3
    • 4
  • f

    faint-vegetable-61837

    05/17/2019, 7:13 PM
    Hi, how can I move a stack with secrets from Pulumi backend to a local backend (s3). I am getting
    Copy code
    could not import deployment: unknown secrets provider type
    w
    b
    • 3
    • 6
  • f

    faint-vegetable-61837

    05/17/2019, 7:34 PM
    Also, is there any way to view secret output values? Running
    Copy code
    pulumi stack output --show-secrets
    Still shows an encrypted value
    c
    b
    • 3
    • 4
  • f

    full-dress-10026

    05/17/2019, 7:36 PM
    Can you create a Container Registry in GCP using Pulumi? I can't seem to find a resource that will do that.
    b
    w
    • 3
    • 5
  • w

    white-balloon-205

    05/17/2019, 11:04 PM
  • l

    little-garage-43399

    05/18/2019, 3:27 PM
    Hi guys! I want to get the outputs for a stack from an HTTP API, not using the command line (running in serverless/node js app), is there any way supported?
    a
    s
    • 3
    • 9
  • c

    colossal-room-15708

    05/19/2019, 5:41 AM
    Error messages like this that reference Terraform are still strange to see. Also, I created the app service plan via pulumi, made a change that should've caused a replace. Why didn't it destroy the resource and replace with a new one, but instead throw this strange error?
    s
    • 2
    • 6
  • c

    creamy-jelly-91590

    05/19/2019, 10:29 AM
    Does Pulumi have a Vault Provider?
    s
    • 2
    • 13
  • c

    creamy-jelly-91590

    05/19/2019, 11:40 AM
    While this was probably not a good idea, the fact that it works is pretty cool 😂 Sets up a GCP Target Pool with the instances from the created GKE Node Pool:
    Copy code
    const target = new gcp.compute.TargetPool("node-pool-target", {
  sessionAffinity: "CLIENT_IP",
  project,
  region: location,
  instances: defaultNodePool.instanceGroupUrls
    .apply(groups =>
      groups.map(group => {
        const splat = group.split("/");
        const idxZones = splat.indexOf("zones");
        const zone = splat[idxZones + 1];
        const groupId = splat[idxZones + 3];
        return { group: groupId, zone };
      })
    )
    .apply(groups =>
      Promise.all(
        groups.map(group =>
          gcp.compute
            .getInstanceGroup({ project, name: group.group, zone: group.zone })
            .then(r => r.instances)
        )
      ).then(flatten)
    )
});
  • c

    creamy-jelly-91590

    05/19/2019, 11:42 AM
    I think it's probably a bad idea because by using explicit instance IDs, if an instance is trashed and a new one spun up outside of Pulumi, it probably wouldn't be updated
    s
    • 2
    • 4
  • c

    creamy-jelly-91590

    05/19/2019, 12:01 PM
    Is it possible to set a `gcp.container.NodePool`s 
    named ports
    ? For this: https://cloud.google.com/load-balancing/docs/backend-service#named_ports
  • c

    creamy-jelly-91590

    05/19/2019, 12:03 PM
    Basically I am trying to manage a Global HTTP(S) LB instead of having GKE do it, because I'd like to have a single IP that routes to multiple clusters
  • c

    creamy-jelly-91590

    05/19/2019, 12:39 PM
    ^ Used the GCloud Node SDK to do it.
  • a

    average-dream-51210

    05/19/2019, 7:33 PM
    Hey i'm evaluating whether to use the Python SDK or Javascript SDK
  • a

    average-dream-51210

    05/19/2019, 7:33 PM
    Which one has better support?
    b
    • 2
    • 1
  • a

    average-dream-51210

    05/19/2019, 7:33 PM
    I see an AWSX library for Javascript but none for Python
  • a

    average-dream-51210

    05/19/2019, 7:51 PM
    Hm, if the team is transitioning from managing AWS by hand, to Pulumi, what if we had some infrastructure on Pulumi, and then some configs were messed around with in the AWS GUI Console, is there a way to sync up what was changed in the AWS GUI to Pulumi code?
    w
    • 2
    • 4
  • a

    average-dream-51210

    05/19/2019, 8:03 PM
    Hm with the awsx cloud api thing, is there a way to reference a folder to bundle up for a lambda upload? We have Python Lambdas and if we wanted to use javascript we'd have to reference the location of the python lambdas 😮
    b
    • 2
    • 6
  • w

    witty-alarm-17249

    05/20/2019, 10:40 AM
    Hi all
1...148149150...592Latest