https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • p

    powerful-ram-56107

    09/18/2019, 3:11 PM
    I got yet another
    pulumi
    question: I want to use GCP beta features (specifically this one: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#Cluster.ConsumptionMeteringConfig). From the documentation and blog posts it seems
    pulumi
    supports GCP beta features, but the Typescript types in
    pulumi/gcp@1.0.0
    do not support it. Is it that it's just a bit behind GCP? If yes, how much?
    w
    • 2
    • 3
  • s

    swift-painter-31084

    09/18/2019, 6:29 PM
    Are there any limits or practical edges as to the size of a stack? I'm looking at combining two stacks into one that would put us at about 160 resources. Who's got the biggest stack? 🙂
    f
    c
    +2
    • 5
    • 8
  • c

    chilly-photographer-60932

    09/18/2019, 7:13 PM
    We would like to use https://docs.aws.amazon.com/eks/latest/userguide/calico.html
    cni
    along with
    eks
    using https://github.com/pulumi/pulumi-eks . How can we override the default CNI which gets installed with
    pulumi-eks
    ?
    w
    • 2
    • 3
  • b

    billowy-laptop-45963

    09/18/2019, 9:32 PM
    pulumi is telling me incorrect password even tho it's correct. I have no encrypted secrets and just wanna pulumi destroy. Is there a way around this?
    w
    • 2
    • 3
  • w

    worried-city-86458

    09/19/2019, 2:49 AM
    aws:route53:Record (Dev-Eks-nodeInternalElbDns):
        error: Plan apply failed: AccessDenied: User: <arn> is not authorized to access this resource
            status code: 403, request id: ba3a64a7-d984-4bd7-be97-12624890e903
    g
    • 2
    • 5
  • p

    powerful-ram-56107

    09/19/2019, 7:49 AM
    Good morning. Yet another question: Is there a way to make
    pulumi
    "accept" pre-existing objects with the same name/ID as described in the sources into the current stack? I mean similar to
    pulumi refresh
    , but without the resources being present in the stack already. I imagine a workflow where one does: 1.
    pulumi accept
    , which writes the objects into the stack as is; strongly suggesting to continue with step 2 afterwards 2.
    pulumi up --expect-no-changes
    , until the code fits the current stack state again
    t
    r
    g
    • 4
    • 7
  • r

    rhythmic-finland-36256

    09/19/2019, 12:36 PM
    Question: How to create database specific users when using
    azure.sql.SQLServer
    and inside of it some `azure.sql.Database`s with pulumi?
    t
    b
    • 3
    • 22
  • f

    fresh-summer-65887

    09/19/2019, 3:36 PM
    How do I set the GitHub repo url in projects/stacks? Some of my projects have it set and others don't. I sincerely can't find anything in the docs... thx
    c
    • 2
    • 2
  • b

    billowy-laptop-45963

    09/19/2019, 5:09 PM
    how do you guys work with component repos like pulumi-awsx / pulumi-cloud during development. Currently I'm looking to develop a similar library of reusable components. If I were writing python I would just pip install --editable in order to work in two different projects at the same time with going through some kind of install phase. I'd like to develop the components directly in the component repo as I'm building out the new program testing in a development stack.
    b
    b
    b
    • 4
    • 9
  • i

    incalculable-engineer-92975

    09/19/2019, 8:46 PM
    I have a task that creates an aws alb. It does this as a "side-effect" of deploying k8s yaml files. So when I do a destroy, the ALB isn't deleted. Is there a way to trigger additional work when a destroy is run?
  • p

    purple-appointment-43233

    09/19/2019, 9:05 PM
    hello all, anyone here worked with AWS Lambda and Lambda Layers in Pulumi? I think I have found a bug but would like to run it by someone who has worked with this before.
    b
    • 2
    • 2
  • w

    worried-city-86458

    09/20/2019, 12:08 AM
    Say I've got a large yaml file / text I don't want to initially convert to pulumi objects. What's the best way to deploy this to k8s as is?
    w
    • 2
    • 10
  • w

    worried-city-86458

    09/20/2019, 12:11 AM
    Is there an on-ramp to using kubectl? This would be a nice escape hatch where the details of "shell out" using the generated kubeconfig are taken care of.
  • w

    worried-city-86458

    09/20/2019, 12:28 AM
    On the other hand, I don't suppose there's a tool that converts k8s yaml to pulumi code? 😛
  • w

    worried-city-86458

    09/20/2019, 3:19 AM
    const fluentBit = new k8s.yaml.ConfigFile("fluent-bit.yml", {}, { parent: cluster, provider: cluster.provider });
    I had to specify the provider too - I would've thought it could deduce that from the parent?
    w
    • 2
    • 3
  • w

    worried-city-86458

    09/20/2019, 3:21 AM
    At least it would be nice if it did that
  • d

    damp-room-71337

    09/20/2019, 10:49 AM
    is anyone using the pulumi CircleCI orb? https://circleci.com/orbs/registry/orb/pulumi/pulumi
  • d

    damp-room-71337

    09/20/2019, 10:50 AM
    what’s the best way to handle specifying config? I want to be able to do
    pulumi up --config myAppImageTag=${CIRCLE_SHA}
    but that doesn’t seem to be supported. Do
    pulumi config set ...
    outside the orb first or something?
    t
    w
    c
    • 4
    • 8
  • b

    brash-plastic-65797

    09/20/2019, 4:37 PM
    If an aurora instance has autoMinorVersionUpgrade set to true, and an auto upgrade happens, will that require a pulumi refresh to get the state back in sync? will we also have to update the engineVersion in our pulumi script to match the upgrade that happened outside pulumi?
    c
    • 2
    • 3
  • i

    incalculable-diamond-5088

    09/20/2019, 5:50 PM
    stable/prometheus-redis-exporter
    helm chart fails to install
    ServiceMonitor
    . Probably because of the following line:
    {{- if and ( .Capabilities.APIVersions.Has "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>" ) ( .Values.serviceMonitor.enabled ) }}
    in https://github.com/helm/charts/blob/master/stable/prometheus-redis-exporter/templates/servicemonitor.yaml Is there a workaruond?
    g
    • 2
    • 3
  • q

    quaint-queen-45003

    09/20/2019, 6:35 PM
    so im an idiot and deleted an EKS cluster from the aws UI and now my pulumi stack is busted. is there any way of recovering this?
    b
    c
    w
    • 4
    • 17
  • b

    brash-plastic-65797

    09/20/2019, 6:54 PM
    it seems that aws.rds.Cluster and aws.rds.ClusterInstance require that engineVersion is set (and set to the same value) when creating an Aurora DB cluster. but when it comes time to upgrade to a new version of aurora, if you set the new version on both the Cluster and the ClusterInstance, pulumi up will fail. But if you only change the version on the Cluster (and leave the Cluster Instance on the older version) the upgrade will happen correctly. Subsequent updates will still succeed even though in the pulumi code the versions are now miss matched. This behavior seems odd, so I was wondering if their was an explanation.
    w
    • 2
    • 4
  • w

    worried-engineer-33884

    09/20/2019, 7:04 PM
    For a dynamic resource, is it possible to prevent a replace operation when the provider (__provider) changes? We are using the dynamic resource tool to create SNS topic subscriptions in AWS, and do not want users to be resubscribed whenever the provider changes e.g. when we upgrade dependencies like pulumi-aws, etc. cc @dazzling-memory-8548
    g
    w
    • 3
    • 17
  • a

    adamant-dress-73325

    09/20/2019, 8:36 PM
    Is there a way to invoke
    task.run({ cluster });
    on a FargateTaskDefinition at the top-level of our pulumi program during update? We are trying to run a one-off task inside a container, without needing lambda like in https://www.pulumi.com/docs/guides/crosswalk/aws/ecs/#running-fire-and-forget-tasks .
    • 1
    • 1
  • c

    colossal-room-15708

    09/21/2019, 7:51 AM
    Just deployed some resources (including AKS and CosmosDB) and ran
    pulumi preview
    right after it successfully deployed the stack and it's now saying that it wants to replace the cosmosDB database. Why is that? Looks like this all starts because the
    consistencyPolicy
    needs updating?!
    cosmos_db_account = Account(
        "cosmosdbaccount",
        consistency_policy={
            "consistencyLevel": "Strong",
            "maxIntervalInSeconds": 5,
            "maxStalenessPrefix": 10
        },
        geo_locations=[
            {
            "location": resource_group.location,
            "failoverPriority":0
            }
        ],
        kind="GlobalDocumentDB",
        location=resource_group.location,
        offer_type="Standard",
        resource_group_name=resource_group.name
    )
    I check the consistency setting in the Azure portal and it shows that it's set to "Strong", so no idea why pulumi thinks it has to reconfigure it to "Strong" and then replace all the other resources. When I execute
    pulumi up
    it applies a change to cosmosDB, not to any of the other resources it said it would. Once done, I can run
    pulumi preview
    again and I get the same output as before where pulumi thinks it has to update and even replace multiple resources.
    t
    b
    • 3
    • 4
  • b

    big-nail-28315

    09/21/2019, 7:53 PM
    I am building Elastic Beanstalk environments...every time I run pulumi, even if I don't change anything with the environment settings, pulumi updates the environments...any particular reason why?
    w
    • 2
    • 13
  • t

    thankful-optician-22583

    09/23/2019, 4:58 PM
    Hi guys for pulumi in kubernetes, how do I create a service before the deployment?
  • t

    thankful-optician-22583

    09/23/2019, 4:58 PM
    My container needs the service to be available before being deployed
  • t

    thankful-optician-22583

    09/23/2019, 5:04 PM
    Is there dependency field we could add
    w
    • 2
    • 2
  • b

    billowy-laptop-45963

    09/23/2019, 6:14 PM
    Is there a way of dealing with circular dependencies such as Create an aws role in account A that can assume a role in account B, create that role in account B and allow it's trust policy to only be assumable by the role created in account A?
    w
    • 2
    • 2
Powered by Linen
Title
b

billowy-laptop-45963

09/23/2019, 6:14 PM
Is there a way of dealing with circular dependencies such as Create an aws role in account A that can assume a role in account B, create that role in account B and allow it's trust policy to only be assumable by the role created in account A?
w

white-balloon-205

09/23/2019, 7:13 PM
In general most of the AWS resources that have this problem have a separate resource that you can use to break the cycle - like RolePolicyAttachment which can be created later than the Role. The specifics would depend on your exact use case. If it so happens that there are not available resources for your case - I’d be interested to understand it - but the solution then may be to conditionally create some of the resources and then need a two-step deployment process. But that shouldn’t be necessary.
b

billowy-laptop-45963

09/23/2019, 9:02 PM
makes sense, thanks!
View count: 1