https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • r

    rhythmic-hair-33677

    12/22/2019, 5:33 AM
    Can a stack have several projects? It seems a little odd to see already existing stacks suggested for new projects (my understanding of a project is just an index file and a mapped runtime (i.e. nodejs).
    w
    e
    • 3
    • 13
  • f

    flat-insurance-25294

    12/22/2019, 3:07 PM
    Can someone help me with CI and AWS. I am a bit confused over how to deal with Roles/IAM/RBAC for setting up the infrastructure in such way that staging and dev branches are different from prod in terms of rights
    b
    • 2
    • 5
  • t

    thankful-hospital-94793

    12/23/2019, 6:29 PM
    I'm getting an odd error when trying to run `pulumi up`:
    error: Missing required configuration variable 'poc-pulumi:aws:region'
    . When I do what the error describes and set:
    pulumi config set poc-pulumi:aws:region us-east-1
    , I get another error telling me the format is invalid: `error: invalid configuration key: could not parse poc-pulumi:aws:region as a configuration key (configuration keys should be of the form
    <namespace>:<name>
    )`
    h
    g
    • 3
    • 11
  • b

    broad-boots-45639

    12/23/2019, 6:34 PM
    Digital ocean’s managed k8s service refreshes its certificates every week. I authenticate via my digital ocean access token and can still access my pods, but this isn’t working with Pulumi. I'm unable to make updates to the cluster or to my applications. When I attempt to refresh I get this error:
    unable to load schema information from the API server: the server has asked for the client to provide credentials
    From what I’ve read Pulumi auths to k8s using either ~/.kube/config or $KUBECONFIG. Given that I have a recently updated kube config and can connect to my cluster I don’t understand why Pulumi is failing. I’m thinking the issue could be with the way I export the provider in the project that creates the basic cluster:
    export const kubeconfig = cluster.kubeConfigs[0].rawConfig
    const provider = new kubernetes.Provider(project_name, { kubeconfig })
    I removed the cluster bootstrapping (container registry login stuff, etc) that was dependent upon the provider and ran
    pulumi update -v 5 --debug
    . I hoped this would update the kubeconfig being used by the other projects that deploy my apps. All I got from the attempted update was a vague error and an outputted kube config file:
    error: an unhandled error occurred: Program exited with non-zero exit code: -1
    What is the recommended way to deal with the k8s digitalocean certificate rotation, both from managing the base cluster and for the applications that will deploy to it? I took a look at the Terraform documentation here but am not sure how to translate this to Pulumi: https://www.terraform.io/docs/providers/do/r/kubernetes_cluster.html#kubernetes-terraform-provider-example I’ve been stuck on this for a while, any assistance would be greatly appreciated :-)
    g
    b
    • 3
    • 4
  • p

    plain-eye-9759

    12/23/2019, 7:03 PM
    When authenticating to Azure with a service principal, I set the required environment variables as stated in the docs, however I get this error when I run
    pulumi up
    at the stage of creating an AAD application in my pulumi code.
    error: graphrbac.ApplicationsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="Unknown" Message="Unknown service error" Details=[{"odata.error":{"code":"Authorization_RequestDenied","date":"2019-12-23T18:15:51","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":""}}]
    Please, is there any additional permission I need to give the service principal in active directory?
  • t

    thankful-hospital-94793

    12/23/2019, 7:54 PM
    Any Windows users out there? I'm running PowerShell on my mac and Pulumi doesn't seem to like how the arrow keys are handled. Pressing up or down after a plan throws this:
    Do you want to perform this update?
      yes
    > no
      details
    error: confirmation cancelled, not proceeding with the update: Unexpected Escape Sequence: ['\x1b' 'O']
    • 1
    • 1
  • t

    thankful-hospital-94793

    12/23/2019, 7:54 PM
    Wondering if this is a PowerShell + macOS thing or just PowerShell in general.
    t
    • 2
    • 1
  • b

    billowy-laptop-45963

    12/23/2019, 8:55 PM
    I noticed pulumi exposes the node aws-sdk through
    new aws.sdk.S3()
    like calls. If I have an aws.Provider with set credentials is there a way to use that to create sdk clients? This is for multi-account programs.
    w
    • 2
    • 5
  • r

    rhythmic-hair-33677

    12/23/2019, 10:33 PM
    The pulumi-command provider I am building breaks if something is a secret. This line returns the error “Could not convert input: cannot convert *structpb.Struct to string”. This makes sense because pulumi secrets in state are objects instead of strings. Is there a way to have pulumi pass the secret in the clear and have it handle the string->object conversion? https://github.com/brandonkal/pulumi-command/blob/master/pkg/structpbconv/structpbconv.go#L119
    w
    • 2
    • 4
  • b

    bumpy-restaurant-1466

    12/24/2019, 5:51 PM
    Why did Pulumi decide to choose Typescript as their language of preference? Python and Go adoption is far ahead for DevOps, Cloud Infrastructure, and backend/platform teams. Part of my job is empowering the more junior engineers to learn languages that will help them advance their careers and I don’t see Typescript doing that.
    b
    s
    +2
    • 5
    • 22
  • a

    ambitious-ram-5811

    12/24/2019, 5:54 PM
    I'm pretty sure that there are at least a few people hiring node.js developers in the world 😅
    👍 2
  • f

    future-noon-68975

    12/24/2019, 6:07 PM
    Happy Xmas to every one :)
    👍 6
    🎉 4
    🎄 5
  • b

    bumpy-restaurant-1466

    12/24/2019, 6:16 PM
    It’s a question of who your biggest audience is. Have you surveyed new Pulumi adoptees on what languages they already know?
    w
    f
    c
    • 4
    • 11
  • t

    tall-librarian-49374

    12/24/2019, 7:06 PM
    I wasn't involved in that decision at all, but FWIW, TypeScript has a strong type system and is concise and expressive at the same time. Combined with the largest ecosystem of libraries and tools of Node.js, I think it's a solid choice.
    b
    • 2
    • 2
  • t

    tall-librarian-49374

    12/24/2019, 7:07 PM
    Probably, TypeScript makes more sense for my background (full stack dev) than for DevOps/platform teams.
    👍 1
    b
    a
    • 3
    • 4
  • h

    hundreds-portugal-17080

    12/24/2019, 7:27 PM
    Hi, We are using statefulset(https://github.com/elastic/helm-charts/blob/7.5.0/elasticsearch/templates/statefulset.yaml) and spinning up eks through Pulumi code. It is creating aws ebs volumes and everything is working fine. Scenario is that, When the perform pulumi destroy (bringing down the cluster) and bring it up again(pulumi up ), statefulset is creating new volumes instead of reusing existing ones. We are in testing phase where we don't want to keep 5 node cluster running all the time and at the same time, we don't want to recreate the data all the time. So, we would like to shutdown and start when ever needed. Is there is any approach you could recommend to re-use existing ebs volumes. Also, in real scenarios, Eks can go down for n number of reasons and it is very important for us to address reusing volumes. Please advise.
    c
    b
    +2
    • 5
    • 26
  • b

    best-waiter-16927

    12/25/2019, 11:51 AM
    HELP! It seems that changing aws:rds:SubnetGroup description (!!!) is causing an aws:rds:ClusterInstace replacement. This is insane! We tried different pulumi/aws versions: 1.7.0 - 1.14.0 - happens on all of them. Note that in pulumi/aws 1.8.0 there is a change to subnetgroup description so we are currently stuck on 1.7.0 due to this breaking change.
    😥 1
    b
    s
    • 3
    • 9
  • p

    plain-address-73583

    12/26/2019, 8:00 PM
    Question about stacks - what’s the best way to migrate a stack from my personal account (under my profile) to an organization (so that others can also manage)?
    g
    • 2
    • 2
  • c

    clean-engineer-75963

    12/26/2019, 9:10 PM
    I'm trying to use Pulumi to deploy an instance of Hashicorp Vault in Kubernetes, then connect to it using the pulumi-vault provider and provision a bunch of resources in it. Is there a good way to handle the chicken-and-egg problem this creates for preview? Pulumi can't preview the changes to be made in Vault because the instance of Vault that it would connect to to preview those changes has not been created yet, and won't be until apply time.
    h
    • 2
    • 13
  • f

    flat-insurance-25294

    12/27/2019, 2:20 AM
    Does anyone know how to setup some logging from a containers stdout & stdin using EKS & Fargate and Pulumi? I want to use Prometheus and Loki but not sure how to setup it up with pulumi. I think something missing from Pulumi docs for getting a production ready rollup is something related to capturing metrics and logging from all containers, preferably without changing our app images. We use stdout and stdin.
  • o

    orange-australia-91292

    12/27/2019, 9:57 AM
    Posting here rather than #python because I don’t think it’s specific to Python. I have Pulumi installed manually in ~/.pulumi/bin. I have a virtualenv set up and pulumi Python package installed with pip. I start
    python3
    and try to do the following at the interactive prompt:
    >>> import pulumi
    >>> config = pulumi.Config()
    and I get “Program run without the Pulumi engine available; re-run using the
    pulumi
    CLI” The pulumi binary is in PATH, I checked with
    print(os.environ["PATH"])
    What else does it need?
    b
    g
    +2
    • 5
    • 20
  • e

    elegant-twilight-2745

    12/27/2019, 2:34 PM
    In general what I can do in Pulumi that Terraform cannot do?
  • o

    orange-australia-91292

    12/27/2019, 2:43 PM
    @elegant-twilight-2745 you probably want this page: https://www.pulumi.com/docs/intro/vs/
  • e

    elegant-twilight-2745

    12/27/2019, 4:40 PM
    With pulumi then I don’t need Boto3? Could someone explain thanks
    b
    b
    • 3
    • 3
  • h

    handsome-truck-95168

    12/27/2019, 7:00 PM
    @here looking for help with a cloudfront deployment problem (see #aws)
  • m

    millions-judge-24978

    12/27/2019, 7:06 PM
    Upgrading to
    @pulumi/pulumi=1.8.1
    with typescript has introduced this error for me:
    stacks/cluster/api.ts(85,8): error TS2345: Argument of type '{ parent: this; }' is not assignable to parameter of type 'CustomResourceOptions'.
          Types of property 'parent' are incompatible.
            Type 'this' is not assignable to type 'Resource | undefined'.
              Type 'this' is not assignable to type 'Resource'
    where
    this
    is a
    class API extends pulumi.ComponentResource
    w
    p
    • 3
    • 7
  • e

    early-intern-90238

    12/28/2019, 4:00 AM
    Has anyone noticed npm update does not work after updating to the latest version?
    • 1
    • 1
  • r

    rhythmic-hair-33677

    12/29/2019, 2:36 AM
    Is helm 3 fully supported? I’m experimenting with gloo and so I have a pulumi file like this:
    import * as k8s from '@pulumi/kubernetes'
    
    new k8s.helm.v2.Chart('gloo', {
      chart: 'gloo/gloo',
    })
    Pulumi fails with:
    Error: Command failed: helm fetch gloo/gloo --untar --destination /tmp/tmp-12397xMcptBYcaXX7
    In gloo docs, it mentions this bug in version 2: https://docs.solo.io/gloo/latest/installation/gateway/kubernetes/#installing-on-kubernetes-with-helm However, I have helm v3 installed in my path: $ helm version version.BuildInfo{Version:“v3.0.2”, GitCommit:“19e47ee3283ae98139d98460de796c1be1e3975f”, GitTreeState:“clean”, GoVersion:“go1.13.5"} Looking through pulumi-kubernetes I was able to find: https://github.com/pulumi/pulumi-kubernetes/pull/882 (Merged)
  • f

    flat-insurance-25294

    12/29/2019, 4:21 AM
    @rhythmic-hair-33677 I don’t think so, since Helm3 is fully client side.
  • f

    flat-insurance-25294

    12/29/2019, 4:22 AM
    @rhythmic-hair-33677 What we do is translate the helm charts to regular k8 manifest files and apply those instead.
Powered by Linen
Title
f

flat-insurance-25294

12/29/2019, 4:22 AM
@rhythmic-hair-33677 What we do is translate the helm charts to regular k8 manifest files and apply those instead.
View count: 1