pulumi-community #general

general

polite-zoo-73142

05/16/2019, 7:36 PM

Hello there, just discovered Pulumi as well and loving it. To follow up with the last question about setting up a microservice with the function code living on a separate file - is it possible to have that file be a git branch? In other words, how can I set up a Lambda function with code that lives on a specified branch of a GitHub repo?

full-dress-10026

05/16/2019, 7:52 PM

Are there any examples on using Azure's App Service to deploy a Docker container? i.e. https://docs.microsoft.com/en-us/azure/app-service/containers/tutorial-custom-docker-image. I'm finding it quite difficult to map the instructions in the Azure docs to what I'd write in Pulumi.

colossal-room-15708

05/16/2019, 8:14 PM

Is there any write-up available comparing AWS CDK to pulumi?

cool-kite-89497

05/16/2019, 9:34 PM

What's the status on resource importing? I've got some Cloudflare resources that I'd like to get into a stack without going down for a bit and cleaning the slate before up'ing the stack.

important-leather-28796

05/16/2019, 11:08 PM

I’ve got a production problem with rolling deployments. Our version of

api

failed to deploy (never ready), but

web

which

dependsOn: [api]

continued, and in fact it seems the pulumi command did not error in any way.

prehistoric-kangaroo-30397

05/16/2019, 11:19 PM

Hey guys giving pulumi a go today - does anyone know if the brew package is going to be upgraded anytime soon? it installs 0.17.11 by default and it doesnt appear 0.17.12 is an option. am i ok to manually update to 0.17.12

quick-action-34599

05/17/2019, 2:35 AM

Is there a way to programmatically kick of a pulumi update rather than from the command line?

creamy-jelly-91590

05/17/2019, 11:19 AM

I am trying to use a

Output<string>

as a

kubeconfig

for the

k8s.Provider

and I am getting this. If I instead

pulumi stack output --show-secrets kubeconfig | pbcopy

and then paste it in as a string literal in my TS code, then it works.

creamy-jelly-91590

05/17/2019, 11:23 AM

export const kubeconfig = pulumi.secret(
  pulumi
    .all([cluster.name, cluster.endpoint, cluster.masterAuth, config.project])
    .apply(([clusterName, clusterEndpoint, clusterAuth, project]) =>
      createKubeconfig({
        project,
        region,
        clusterCaCertificate: clusterAuth.clusterCaCertificate,
        clusterEndpoint: clusterEndpoint,
        clusterName: clusterName
      })
    )
);

const k8sProvider = new k8s.Provider(name, {
  kubeconfig
});

export function createKubeconfig(ctx: {
  project: string;
  region: string;
  clusterName: string;
  clusterEndpoint: string;
  clusterCaCertificate: string;
}) {
  const context = `${ctx.project}_${ctx.region}_${ctx.clusterName}`;

  return `apiVersion: v1
clusters:
- name: ${context}
  cluster:
    certificate-authority-data: ${ctx.clusterCaCertificate}
    server: https://${ctx.clusterEndpoint}
contexts:
- name: ${context}
  context:
    cluster: ${context}
    user: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      name: gcp
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
`;
}

busy-air-16359

05/17/2019, 12:30 PM

I’m trying to create an EKS cluster with private endpoints, but I’m not finding any information how to configure that. Has anybody succeeded with that?

busy-air-16359

05/17/2019, 12:33 PM

I found

aws.eks.Cluster

which lets me configure

endpointPrivateAccess

and

endpointPublicAccess

but it seems to be a low level API and I’m not finding anyone using it

few-dog-41530

05/17/2019, 1:32 PM

Hello! I’d like to know if there is a comprehensive example for deploying a multi repository / multi tech stack application portfolio to a single cloud provider leveraging multiple cloud native technologies and services

orange-tailor-85423

05/17/2019, 3:05 PM

anybody else tried the

--secrets-provider string

flag? I’m failing to find documentation on that the valid options are for this. The release notes mention pluggable encryption is now a thing but I’m failing at finding an example other than setting a passphrase.

billowy-garage-68819

05/17/2019, 3:36 PM

may need to bump up default timeouts on gke node pools, I keep getting timed out on waiting on resource delete

early-musician-41645

05/17/2019, 5:15 PM

Is there a Pulumi provider for Octopus Deploy? A way to manage octopus via Pulumi? The terraform provider is officially supported, but looks like it's still alpha-ish: https://github.com/OctopusDeploy/terraform-provider-octopusdeploy

important-leather-28796

05/17/2019, 6:31 PM

Trying to update cert-manager to 0.7.2 from the raw yml from 0.7.0, has anyone else encountered:

Diagnostics:
  kubernetes:<http://apiextensions.k8s.io:CustomResourceDefinition|apiextensions.k8s.io:CustomResourceDefinition> (<http://certificates.certmanager.k8s.io|certificates.certmanager.k8s.io>):
    error: Plan apply failed: 1 error occurred:
        * expected kind, but got map
 
  kubernetes:<http://apiextensions.k8s.io:CustomResourceDefinition|apiextensions.k8s.io:CustomResourceDefinition> (<http://clusterissuers.certmanager.k8s.io|clusterissuers.certmanager.k8s.io>):
    error: Plan apply failed: 1 error occurred:
        * expected kind, but got map
 
  kubernetes:<http://apiextensions.k8s.io:CustomResourceDefinition|apiextensions.k8s.io:CustomResourceDefinition> (<http://issuers.certmanager.k8s.io|issuers.certmanager.k8s.io>):
    error: Plan apply failed: 1 error occurred:
        * expected kind, but got map

https://raw.githubusercontent.com/jetstack/cert-manager/release-0.7/deploy/manifests/cert-manager.yaml

faint-vegetable-61837

05/17/2019, 7:13 PM

Hi, how can I move a stack with secrets from Pulumi backend to a local backend (s3). I am getting

could not import deployment: unknown secrets provider type

faint-vegetable-61837

05/17/2019, 7:34 PM

Also, is there any way to view secret output values? Running

pulumi stack output --show-secrets

Still shows an encrypted value

full-dress-10026

05/17/2019, 7:36 PM

Can you create a Container Registry in GCP using Pulumi? I can't seem to find a resource that will do that.

white-balloon-205

05/17/2019, 11:04 PM

FYI https://pulumi-community.slack.com/archives/CB36DSVSA/p1558133992018000

🔒 1

👏 1

little-garage-43399

05/18/2019, 3:27 PM

Hi guys! I want to get the outputs for a stack from an HTTP API, not using the command line (running in serverless/node js app), is there any way supported?

colossal-room-15708

05/19/2019, 5:41 AM

Error messages like this that reference Terraform are still strange to see. Also, I created the app service plan via pulumi, made a change that should've caused a replace. Why didn't it destroy the resource and replace with a new one, but instead throw this strange error?

creamy-jelly-91590

05/19/2019, 10:29 AM

Does Pulumi have a Vault Provider?

creamy-jelly-91590

05/19/2019, 11:40 AM

While this was probably not a good idea, the fact that it works is pretty cool 😂 Sets up a GCP Target Pool with the instances from the created GKE Node Pool:

const target = new gcp.compute.TargetPool("node-pool-target", {
  sessionAffinity: "CLIENT_IP",
  project,
  region: location,
  instances: defaultNodePool.instanceGroupUrls
    .apply(groups =>
      groups.map(group => {
        const splat = group.split("/");
        const idxZones = splat.indexOf("zones");
        const zone = splat[idxZones + 1];
        const groupId = splat[idxZones + 3];
        return { group: groupId, zone };
      })
    )
    .apply(groups =>
      Promise.all(
        groups.map(group =>
          gcp.compute
            .getInstanceGroup({ project, name: group.group, zone: group.zone })
            .then(r => r.instances)
        )
      ).then(flatten)
    )
});

creamy-jelly-91590

05/19/2019, 11:42 AM

I think it's probably a bad idea because by using explicit instance IDs, if an instance is trashed and a new one spun up outside of Pulumi, it probably wouldn't be updated

creamy-jelly-91590

05/19/2019, 12:01 PM

Is it possible to set a `gcp.container.NodePool`s

named ports

? For this: https://cloud.google.com/load-balancing/docs/backend-service#named_ports

creamy-jelly-91590

05/19/2019, 12:03 PM

Basically I am trying to manage a Global HTTP(S) LB instead of having GKE do it, because I'd like to have a single IP that routes to multiple clusters

creamy-jelly-91590

05/19/2019, 12:39 PM

^ Used the GCloud Node SDK to do it.

average-dream-51210

05/19/2019, 7:33 PM

Hey i'm evaluating whether to use the Python SDK or Javascript SDK

average-dream-51210

05/19/2019, 7:33 PM

Which one has better support?

Title

average-dream-51210

05/19/2019, 7:33 PM

Which one has better support?

big-piano-35669

05/19/2019, 9:03 PM

The language SDKs themselves are roughly on par with one another (with a handful of exceptions that we're actively working to address). As you note, however, the packages are where the biggest differences remain. https://github.com/pulumi/pulumi/issues/2430 is on our backlog. The goal here is to enable cross-language package sharing. Until then, I'd recommend erring on the side of the Node.js SDK if you want to leverage libraries like AWSX.

View count: 1