pulumi-community #general

Channels

general

powerful-ram-56107

09/18/2019, 3:11 PM

I got yet another

pulumi

question: I want to use GCP beta features (specifically this one: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#Cluster.ConsumptionMeteringConfig). From the documentation and blog posts it seems

pulumi

supports GCP beta features, but the Typescript types in

pulumi/gcp@1.0.0

do not support it. Is it that it's just a bit behind GCP? If yes, how much?

swift-painter-31084

09/18/2019, 6:29 PM

Are there any limits or practical edges as to the size of a stack? I'm looking at combining two stacks into one that would put us at about 160 resources. Who's got the biggest stack? 🙂

chilly-photographer-60932

09/18/2019, 7:13 PM

We would like to use https://docs.aws.amazon.com/eks/latest/userguide/calico.html

cni

along with

eks

using https://github.com/pulumi/pulumi-eks . How can we override the default CNI which gets installed with

pulumi-eks

billowy-laptop-45963

09/18/2019, 9:32 PM

pulumi is telling me incorrect password even tho it's correct. I have no encrypted secrets and just wanna pulumi destroy. Is there a way around this?

worried-city-86458

09/19/2019, 2:49 AM

aws:route53:Record (Dev-Eks-nodeInternalElbDns):
    error: Plan apply failed: AccessDenied: User: <arn> is not authorized to access this resource
        status code: 403, request id: ba3a64a7-d984-4bd7-be97-12624890e903

powerful-ram-56107

09/19/2019, 7:49 AM

Good morning. Yet another question: Is there a way to make

pulumi

"accept" pre-existing objects with the same name/ID as described in the sources into the current stack? I mean similar to

pulumi refresh

, but without the resources being present in the stack already. I imagine a workflow where one does: 1.

pulumi accept

, which writes the objects into the stack as is; strongly suggesting to continue with step 2 afterwards 2.

pulumi up --expect-no-changes

, until the code fits the current stack state again

rhythmic-finland-36256

09/19/2019, 12:36 PM

Question: How to create database specific users when using

azure.sql.SQLServer

and inside of it some `azure.sql.Database`s with pulumi?

fresh-summer-65887

09/19/2019, 3:36 PM

How do I set the GitHub repo url in projects/stacks? Some of my projects have it set and others don't. I sincerely can't find anything in the docs... thx

billowy-laptop-45963

09/19/2019, 5:09 PM

how do you guys work with component repos like pulumi-awsx / pulumi-cloud during development. Currently I'm looking to develop a similar library of reusable components. If I were writing python I would just pip install --editable in order to work in two different projects at the same time with going through some kind of install phase. I'd like to develop the components directly in the component repo as I'm building out the new program testing in a development stack.

incalculable-engineer-92975

09/19/2019, 8:46 PM

I have a task that creates an aws alb. It does this as a "side-effect" of deploying k8s yaml files. So when I do a destroy, the ALB isn't deleted. Is there a way to trigger additional work when a destroy is run?

purple-appointment-43233

09/19/2019, 9:05 PM

hello all, anyone here worked with AWS Lambda and Lambda Layers in Pulumi? I think I have found a bug but would like to run it by someone who has worked with this before.

worried-city-86458

09/20/2019, 12:08 AM

Say I've got a large yaml file / text I don't want to initially convert to pulumi objects. What's the best way to deploy this to k8s as is?

worried-city-86458

09/20/2019, 12:11 AM

Is there an on-ramp to using kubectl? This would be a nice escape hatch where the details of "shell out" using the generated kubeconfig are taken care of.

worried-city-86458

09/20/2019, 12:28 AM

On the other hand, I don't suppose there's a tool that converts k8s yaml to pulumi code? 😛

worried-city-86458

09/20/2019, 3:19 AM

const fluentBit = new k8s.yaml.ConfigFile("fluent-bit.yml", {}, { parent: cluster, provider: cluster.provider });

I had to specify the provider too - I would've thought it could deduce that from the parent?

worried-city-86458

09/20/2019, 3:21 AM

At least it would be nice if it did that

damp-room-71337

09/20/2019, 10:49 AM

is anyone using the pulumi CircleCI orb? https://circleci.com/orbs/registry/orb/pulumi/pulumi

damp-room-71337

09/20/2019, 10:50 AM

what’s the best way to handle specifying config? I want to be able to do

pulumi up --config myAppImageTag=${CIRCLE_SHA}

but that doesn’t seem to be supported. Do

pulumi config set ...

outside the orb first or something?

brash-plastic-65797

09/20/2019, 4:37 PM

If an aurora instance has autoMinorVersionUpgrade set to true, and an auto upgrade happens, will that require a pulumi refresh to get the state back in sync? will we also have to update the engineVersion in our pulumi script to match the upgrade that happened outside pulumi?

incalculable-diamond-5088

09/20/2019, 5:50 PM

stable/prometheus-redis-exporter

helm chart fails to install

ServiceMonitor

. Probably because of the following line:

{{- if and ( .Capabilities.APIVersions.Has "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>" ) ( .Values.serviceMonitor.enabled ) }}

in https://github.com/helm/charts/blob/master/stable/prometheus-redis-exporter/templates/servicemonitor.yaml Is there a workaruond?

quaint-queen-45003

09/20/2019, 6:35 PM

so im an idiot and deleted an EKS cluster from the aws UI and now my pulumi stack is busted. is there any way of recovering this?

brash-plastic-65797

09/20/2019, 6:54 PM

it seems that aws.rds.Cluster and aws.rds.ClusterInstance require that engineVersion is set (and set to the same value) when creating an Aurora DB cluster. but when it comes time to upgrade to a new version of aurora, if you set the new version on both the Cluster and the ClusterInstance, pulumi up will fail. But if you only change the version on the Cluster (and leave the Cluster Instance on the older version) the upgrade will happen correctly. Subsequent updates will still succeed even though in the pulumi code the versions are now miss matched. This behavior seems odd, so I was wondering if their was an explanation.

worried-engineer-33884

09/20/2019, 7:04 PM

For a dynamic resource, is it possible to prevent a replace operation when the provider (__provider) changes? We are using the dynamic resource tool to create SNS topic subscriptions in AWS, and do not want users to be resubscribed whenever the provider changes e.g. when we upgrade dependencies like pulumi-aws, etc. cc @dazzling-memory-8548

adamant-dress-73325

09/20/2019, 8:36 PM

Is there a way to invoke

task.run({ cluster });

on a FargateTaskDefinition at the top-level of our pulumi program during update? We are trying to run a one-off task inside a container, without needing lambda like in https://www.pulumi.com/docs/guides/crosswalk/aws/ecs/#running-fire-and-forget-tasks .

colossal-room-15708

09/21/2019, 7:51 AM

Just deployed some resources (including AKS and CosmosDB) and ran

pulumi preview

right after it successfully deployed the stack and it's now saying that it wants to replace the cosmosDB database. Why is that? Looks like this all starts because the

consistencyPolicy

needs updating?!

cosmos_db_account = Account(
    "cosmosdbaccount",
    consistency_policy={
        "consistencyLevel": "Strong",
        "maxIntervalInSeconds": 5,
        "maxStalenessPrefix": 10
    },
    geo_locations=[
        {
        "location": resource_group.location,
        "failoverPriority":0
        }
    ],
    kind="GlobalDocumentDB",
    location=resource_group.location,
    offer_type="Standard",
    resource_group_name=resource_group.name
)

I check the consistency setting in the Azure portal and it shows that it's set to "Strong", so no idea why pulumi thinks it has to reconfigure it to "Strong" and then replace all the other resources. When I execute

pulumi up

it applies a change to cosmosDB, not to any of the other resources it said it would. Once done, I can run

pulumi preview

again and I get the same output as before where pulumi thinks it has to update and even replace multiple resources.

big-nail-28315

09/21/2019, 7:53 PM

I am building Elastic Beanstalk environments...every time I run pulumi, even if I don't change anything with the environment settings, pulumi updates the environments...any particular reason why?

thankful-optician-22583

09/23/2019, 4:58 PM

Hi guys for pulumi in kubernetes, how do I create a service before the deployment?

thankful-optician-22583

09/23/2019, 4:58 PM

My container needs the service to be available before being deployed

thankful-optician-22583

09/23/2019, 5:04 PM

Is there dependency field we could add

billowy-laptop-45963

09/23/2019, 6:14 PM

Is there a way of dealing with circular dependencies such as Create an aws role in account A that can assume a role in account B, create that role in account B and allow it's trust policy to only be assumable by the role created in account A?

Title

billowy-laptop-45963

09/23/2019, 6:14 PM

white-balloon-205

09/23/2019, 7:13 PM

In general most of the AWS resources that have this problem have a separate resource that you can use to break the cycle - like RolePolicyAttachment which can be created later than the Role. The specifics would depend on your exact use case. If it so happens that there are not available resources for your case - I’d be interested to understand it - but the solution then may be to conditionally create some of the resources and then need a two-step deployment process. But that shouldn’t be necessary.

billowy-laptop-45963

09/23/2019, 9:02 PM

makes sense, thanks!

View count: 1