https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • g

    gifted-ocean-95126

    05/11/2020, 5:23 PM
    I am also interested in dynamic provisioners: I expect them to be very useful every now and then on odd tasks, but I am finding it difficult to understand how they work, how they fit into the graph definition model (?) of Pulumi and what the developer workflow is with them. I am trying to code a dynamic provisioner (to build a
    #cloud-config
    dynamic resource) and my current workflow is that I am just running
    pulumi up
    over an over again to see what actions Pulumi would like to take. This is a difficult way to work, it is a lot of trial and error without little insight. I would like to try to understand, in detail what resource graph my program is defining so that I can know, for example: • whether the provisioner is correctly registered on the resource, • whether the
    create
    resource method will be called when the program-defined graph will be compared to the state-stored graph, • if I succeeded in writing the program such that the provisioner is able to modify the properties of the resource (or add to its output). I am aware that there are documents that can help me with this, namely the dynamic resources section in the programming model documentation and the documentation on testing, but... there is quite a lot of information there to absorb. So, my question is this: what is the recommended workflow for developing dynamic providers? Is it possible to learn useful things about the behaviour of my provisioners code without using the
    pulumi
    command?
    b
    • 2
    • 2
  • b

    busy-umbrella-36067

    05/11/2020, 7:59 PM
    Is there any reason we couldn’t upgrade the default version of typescript that gets installed from the
    pulumi new
    templates to add typescript 3.8's
    export * as ns
    syntax?
  • s

    sticky-thailand-14236

    05/11/2020, 10:02 PM
    hi guys, i like what i see with pulumi but i am having an interesting issue: I keep getting
    [1/3] Finding Pods to direct traffic to
    when in doing a
    pulumi up
    with my service. the following is my service:
    const streamService = new k8s.core.v1.Service(config.appNameStream, {
      metadata: {
        namespace: namespace.metadata.name,
        labels: {
          app: config.appNameStream,
          service: config.appNameStream
        }
      },
      spec: {
        ports: [{name: "grpc", port: 50051}],
        selector: {
          app: config.appNameStream
        }
      }
    })
    What exactly am i doing wrong?
    g
    • 2
    • 4
  • c

    creamy-potato-29402

    05/11/2020, 10:25 PM
    that error is basically saying that your service doesn’t properly target any pods
  • s

    sticky-thailand-14236

    05/12/2020, 1:33 AM
    hi one more, i am trying to setup kong credentials, but i am unsure what i am doing wrong here. I just cannot access with this setup. I had consumerRef: "develop" as well neither worked.
    const kongCustomResourceConsumer = new k8s.apiextensions.CustomResource("developer", {
      apiVersion: "<http://configuration.konghq.com/v1|configuration.konghq.com/v1>",
      kind: "KongConsumer",
      metadata: {
        namespace: namespace.metadata.name
      },
      username: "developer"
    });
    
    const kongCustomResourceConsumerKey = new k8s.apiextensions.CustomResource("developer-apikey", {
      apiVersion: "<http://configuration.konghq.com/v1|configuration.konghq.com/v1>",
      kind: "KongCredential",
      metadata: {
        namespace: namespace.metadata.name
      },
      consumerRef: `${kongCustomResourceConsumer.metadata.name}`,
      type: "key-auth",
      config: {
        key: "b362c400-4904-4176-9ae7-74bf03a63619"
      }
    });
  • f

    flat-mechanic-75334

    05/12/2020, 9:07 AM
    hello, how can I create a global static address for GKE ingress with Pulumi? gcp.compute.Address requires a region, but what is the equivalent of
    gcloud compute addresses create helloweb-ip --global
    b
    • 2
    • 2
  • b

    bland-cat-29878

    05/12/2020, 10:26 AM
    Hi - I have the postgres helm chart installing fine but I want to wait for it to be fully up and running before I start to run things like migrations - how can i do that?
    h
    g
    • 3
    • 6
  • c

    cool-egg-852

    05/12/2020, 2:36 PM
    Any chance https://github.com/pulumi/pulumi-kubernetes/issues/1118 can be given a look at? It’s a bit of a security issue.
    b
    • 2
    • 9
  • w

    wonderful-dog-9045

    05/12/2020, 2:49 PM
    Are pulumi stack tags (https://www.pulumi.com/docs/reference/cli/pulumi_stack_tag/) also added as aws tags for each provisioned resource?
    g
    • 2
    • 2
  • h

    helpful-processor-86468

    05/12/2020, 2:51 PM
    How can I get outputs that are nested in some structure?
    service.Template.Metadata()
    I'm getting an error
    applier must have 1 input parameter assignable
    w
    • 2
    • 3
  • w

    wonderful-dog-9045

    05/12/2020, 4:14 PM
    I am trying to apply tags automatically as described here: https://www.pulumi.com/blog/automatically-enforcing-aws-resource-tagging-policies/#automatically-applying-tags However i get the following error:
    Error: The root stack resource was referenced before it was initialized.
            at Object.registerStackTransformation (/home/gsuess/empirica/meteor-deploy/node_modules/@pulumi/pulumi/runtime/stack.js:211:15)
    What am I doing wrong?
    f
    s
    • 3
    • 26
  • i

    incalculable-whale-36468

    05/12/2020, 8:23 PM
    Hello! What is the correct way to terminate the execution? I found how to send an error with pulumi.error(), but not sure how to exit properly. Should I simply exit with whatever way the language provides me with?
    w
    • 2
    • 1
  • i

    icy-jordan-58549

    05/13/2020, 3:06 AM
    Hi everyone, can we run the same codegen for Istio CRDs? (from https://github.com/pulumi/pulumi-kubernetes) As far as I understood, it can support any OpenAPI, any suggestions on this topic? Thanks
    w
    g
    • 3
    • 6
  • c

    cold-rocket-35235

    05/13/2020, 11:37 AM
    Hello! 👋 Just starting out / testing things, trying to look at existing resources programmatically. Slightly confused on how the getters should work, thanks for your help! Thread ->
    f
    • 2
    • 6
  • r

    rough-baker-21016

    05/13/2020, 12:22 PM
    I’d be very grateful for help in resolving both a bucket name AND a role arn in a BucketPolicy. My use case closely follows the example given here: https://www.pulumi.com/docs/aws/s3/ Except in the
    function publicReadPolicyForBucket
    I need access to both the name of the bucket which has just been created created, AND the arn of a role that has just been created. Specifically, my policy needs to look like this (the difference from the example is the
    Principal
    which in my case needs to interpolate the role, instead of just being
    *
    function publicReadPolicyForBucket(bucketName: string, roleName: string) {
        return JSON.stringify({
            Version: "2012-10-17",
            Statement: [{
                Effect: "Allow",
                Principal: "`${role.arn}`",
                Action: [
                    "s3:GetObject"
                ],
                Resource: [
                    `arn:aws:s3:::${bucketName}/*` // policy refers to bucket name explicitly
                ]
            }]
        });
    }
    The error message I get recommends using the
    bucket.bucket.apply()
    pattern, but I can’t see how this extends to allowing me to interpolate both the bucket name and the role
    w
    • 2
    • 12
  • t

    thousands-planet-11416

    05/13/2020, 12:37 PM
    Hello all! Quick question about pulumi with kubernetes and best practices. If I use pulumi to create a pod in Kubernetes, but also have a service-mesh that is auto-injecting pods, how would I inherit that auto-generated pod in pulumi on creation?
    b
    b
    • 3
    • 5
  • a

    ancient-megabyte-79588

    05/13/2020, 4:14 PM
    Hello @echoing-match-29901! Where do we send feature suggestions? 😄
    b
    • 2
    • 4
  • b

    best-lifeguard-91445

    05/13/2020, 8:22 PM
    Good afternoon everyone! I'm new to Pulumi, and I'm looking for baseline / best practices for organizing stacks within a pulumi project. For example: should I have a "VPC" construct in a separate file, and export the values to be made available elsewhere? I guess I'm looking for a well-architected / modular starter project. (Typescript preferred) or blog/tutorial on organization and modularity.
    f
    l
    a
    • 4
    • 13
  • i

    icy-jordan-58549

    05/13/2020, 9:21 PM
    Based on this doc: https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson I want to get a bit more clarity around
    depensdOn
    , while I am testing it, it looks like it doesn’t check the health of the dependsOn resource, which means I can’t get
    eventual consistency requirement
    • 1
    • 4
  • p

    proud-optician-56680

    05/13/2020, 9:30 PM
    Is there a quick way for setting secrets in a new stack?
  • p

    proud-optician-56680

    05/13/2020, 9:30 PM
    Or perhaps i should write a script for the pulumi cli? 🙂
    a
    • 2
    • 1
  • b

    best-lifeguard-91445

    05/13/2020, 9:41 PM
    what is the usage for a security group ingress rule "sourceSecurityGroupId" property?
    app_sg.createIngressRule("app_allow_edge_in", {    
        location: { sourceSecurityGroupId: edge_sg.id },
        ports: new awsx.ec2.AllTcpPorts(),
        description: "allow HTTP access from anywhere",
    });
    This works -- but this doesn't: (doesn't compile)
    app_sg.createIngressRule("app_allow_edge_in", {    
        sourceSecurityGroupId: edge_sg.id,
        ports: new awsx.ec2.AllTcpPorts(),
        description: "allow HTTP access from anywhere",
    });
    error:
    No overload matches this call.
      Overload 1 of 2, '(name: string, args: SimpleSecurityGroupRuleArgs, opts?: ComponentResourceOptions | undefined): IngressSecurityGroupRule', gave the following error.
        Argument of type '{ sourceSecurityGroupId: Output<string>; toPort: awsx.ec2.AllTcpPorts; fromPort: awsx.ec2.AllTcpPorts; protocol: string; description: string; }' is not assignable to parameter of type 'SimpleSecurityGroupRuleArgs'.
          Object literal may only specify known properties, and 'sourceSecurityGroupId' does not exist in type 'SimpleSecurityGroupRuleArgs'.ts(2769)
    l
    • 2
    • 4
  • b

    billowy-army-68599

    05/13/2020, 10:29 PM
    hi all! I've been working on reducing the size of our Docker image and breaking them into language specific images. The github repo is here: https://github.com/jaxxstorm/pulumi-docker and they're on the Docker hub here: https://hub.docker.com/repository/docker/jaxxstorm/pulumi This isn't yet officially support by Pulumi, and you should not use these for anything production related just yet! - the idea is to start gathering feedback for how we might implement this down the line. I'd love people to give these a try where possible and send me feedback. There is an issue open here where this is being discussed https://github.com/pulumi/pulumi/issues/3789#
    l
    • 2
    • 22
  • b

    best-lifeguard-91445

    05/14/2020, 12:35 AM
    How do you define '*Service Auto Scaling'* for an ECS service? I see that cluster has a
    .createAutoScalingGroup
    method -- how do I control the scaling per service?
  • b

    best-lifeguard-91445

    05/14/2020, 2:23 AM
    Is there a way to view a dependency graph of an undeployed stack?
    l
    • 2
    • 6
  • e

    enough-engineer-49169

    05/14/2020, 9:50 AM
    Hello all !
    👋 3
  • m

    mammoth-caravan-51104

    05/14/2020, 3:33 PM
    hello! might be a simple question. i'm trying to set a tag on a subnet with an eks cluster name. subnet needs to exist for cluster to be created. how to update a subnet with a new tag?
    s
    l
    • 3
    • 8
  • b

    better-actor-92669

    05/14/2020, 5:02 PM
    Hello guys. I have asked this already, just wanted to check if anything has changed. There is a Postgresql Pulumi resource package: https://github.com/pulumi/pulumi-postgresql. How can one provide a cert, a key, and a ca cert to use ssl mode "verify-ca" or "verify-full"? I use Python SDK, but there is a documentation for nodejs https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/postgresql/index.html#ProviderArgs-sslMode. However, I couldn't find any documentation about certificates there.
    b
    • 2
    • 14
  • f

    famous-jelly-72366

    05/14/2020, 6:16 PM
    Just joining, have been using pulumi for awhile though on AWS, DO and lately Azure
  • f

    famous-jelly-72366

    05/14/2020, 6:17 PM
    never wanna go back to tf again 😄
    😛artypus-8bit: 2
Powered by Linen
Title
f

famous-jelly-72366

05/14/2020, 6:17 PM
never wanna go back to tf again 😄
😛artypus-8bit: 2
View count: 1