pulumi-community #general

thousands-planet-11416

05/13/2020, 12:37 PM

Hello all! Quick question about pulumi with kubernetes and best practices. If I use pulumi to create a pod in Kubernetes, but also have a service-mesh that is auto-injecting pods, how would I inherit that auto-generated pod in pulumi on creation?

ancient-megabyte-79588

05/13/2020, 4:14 PM

Hello @echoing-match-29901! Where do we send feature suggestions? 😄

best-lifeguard-91445

05/13/2020, 8:22 PM

Good afternoon everyone! I'm new to Pulumi, and I'm looking for baseline / best practices for organizing stacks within a pulumi project. For example: should I have a "VPC" construct in a separate file, and export the values to be made available elsewhere? I guess I'm looking for a well-architected / modular starter project. (Typescript preferred) or blog/tutorial on organization and modularity.

icy-jordan-58549

05/13/2020, 9:21 PM

Based on this doc: https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson I want to get a bit more clarity around

depensdOn

, while I am testing it, it looks like it doesn’t check the health of the dependsOn resource, which means I can’t get

eventual consistency requirement

proud-optician-56680

05/13/2020, 9:30 PM

Is there a quick way for setting secrets in a new stack?

proud-optician-56680

05/13/2020, 9:30 PM

Or perhaps i should write a script for the pulumi cli? 🙂

best-lifeguard-91445

05/13/2020, 9:41 PM

what is the usage for a security group ingress rule "sourceSecurityGroupId" property?

Copy code

app_sg.createIngressRule("app_allow_edge_in", {    
    location: { sourceSecurityGroupId: edge_sg.id },
    ports: new awsx.ec2.AllTcpPorts(),
    description: "allow HTTP access from anywhere",
});

This works -- but this doesn't: (doesn't compile)

Copy code

app_sg.createIngressRule("app_allow_edge_in", {    
    sourceSecurityGroupId: edge_sg.id,
    ports: new awsx.ec2.AllTcpPorts(),
    description: "allow HTTP access from anywhere",
});

error:

Copy code

No overload matches this call.
  Overload 1 of 2, '(name: string, args: SimpleSecurityGroupRuleArgs, opts?: ComponentResourceOptions | undefined): IngressSecurityGroupRule', gave the following error.
    Argument of type '{ sourceSecurityGroupId: Output<string>; toPort: awsx.ec2.AllTcpPorts; fromPort: awsx.ec2.AllTcpPorts; protocol: string; description: string; }' is not assignable to parameter of type 'SimpleSecurityGroupRuleArgs'.
      Object literal may only specify known properties, and 'sourceSecurityGroupId' does not exist in type 'SimpleSecurityGroupRuleArgs'.ts(2769)

billowy-army-68599

05/13/2020, 10:29 PM

hi all! I've been working on reducing the size of our Docker image and breaking them into language specific images. The github repo is here: https://github.com/jaxxstorm/pulumi-docker and they're on the Docker hub here: https://hub.docker.com/repository/docker/jaxxstorm/pulumi This isn't yet officially support by Pulumi, and you should not use these for anything production related just yet! - the idea is to start gathering feedback for how we might implement this down the line. I'd love people to give these a try where possible and send me feedback. There is an issue open here where this is being discussed https://github.com/pulumi/pulumi/issues/3789#

best-lifeguard-91445

05/14/2020, 12:35 AM

How do you define '*Service Auto Scaling'* for an ECS service? I see that cluster has a

.createAutoScalingGroup

method -- how do I control the scaling per service?

best-lifeguard-91445

05/14/2020, 2:23 AM

Is there a way to view a dependency graph of an undeployed stack?

enough-engineer-49169

05/14/2020, 9:50 AM

Hello all !

👋 3

mammoth-caravan-51104

05/14/2020, 3:33 PM

hello! might be a simple question. i'm trying to set a tag on a subnet with an eks cluster name. subnet needs to exist for cluster to be created. how to update a subnet with a new tag?

better-actor-92669

05/14/2020, 5:02 PM

Hello guys. I have asked this already, just wanted to check if anything has changed. There is a Postgresql Pulumi resource package: https://github.com/pulumi/pulumi-postgresql. How can one provide a cert, a key, and a ca cert to use ssl mode "verify-ca" or "verify-full"? I use Python SDK, but there is a documentation for nodejs https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/postgresql/index.html#ProviderArgs-sslMode. However, I couldn't find any documentation about certificates there.

famous-jelly-72366

05/14/2020, 6:16 PM

Just joining, have been using pulumi for awhile though on AWS, DO and lately Azure

famous-jelly-72366

05/14/2020, 6:17 PM

never wanna go back to tf again 😄

partypus 8bit 2

green-school-95910

05/14/2020, 6:19 PM

I would love to only use Pulumi and never look at tf again, sadly I'll have to wait until we have the time budget to finish migrating everything.

best-lifeguard-91445

05/14/2020, 6:22 PM

How do you update/change the pulumi stack password?

famous-jelly-72366

05/14/2020, 6:24 PM

fwiw, I just starting using sops for secrets handling .. so I'm storing the pulumi config secret in sops along with azure creds

famous-jelly-72366

05/14/2020, 7:01 PM

btw. I had an issue on azure with aks node pool tags ... I had defined tags with CamelCase keys, but pulumi read them as lowercase from state, so kept insisting on having to update ... guess it must be a bug in the azure provider ... anyway I solved it by forcing tag keys to lowecase for that resource

famous-jelly-72366

05/14/2020, 7:02 PM

just starting out with AKS

cold-motherboard-287

05/14/2020, 7:35 PM

so AWS did same as Pulumi? https://siliconangle.com/2020/05/13/aws-open-sources-cdk8s-make-kubernetes-easier-use/

best-lifeguard-91445

05/14/2020, 11:24 PM

I'm getting an error deploying a change after a failure - any ideas?:

..xxxx is in ROLLBACK_COMPLETE state and can not be updated.

icy-jordan-58549

05/14/2020, 11:38 PM

@gorgeous-egg-16927 do you have any ETA when https://github.com/pulumi/pulumi-kubernetesx will come out from

development

, the repo looks like abandoned, last update in April. Thanks

kind-mechanic-53546

05/15/2020, 7:03 AM

is it possible to take the output from one stack and use it in

pulumi.runtime.registerStackTransformation

? I want to set common tags for a group of stacks but when I do

pulumi.all

on the output values (which are

OutputInstance<any>

), the tags do not get applied, whereas if I use values from config or literals, it works fine

abundant-photographer-61227

05/15/2020, 12:32 PM

Hello guys, I git cloned repo

abundant-photographer-61227

05/15/2020, 12:32 PM

https://github.com/mapbox/asset-tracking

abundant-photographer-61227

05/15/2020, 12:33 PM

and after

pulumi up

abundant-photographer-61227

05/15/2020, 12:33 PM

it's still loading ...

abundant-photographer-61227

05/15/2020, 12:33 PM

create...

abundant-photographer-61227

05/15/2020, 12:34 PM

pulumi.mov