Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
general
- m
many-psychiatrist-74327
09/10/2020, 3:27 PM👋 hello! Is there a recommended approach to modularizing one’s Pulumi-managed resources into separate groups or systems? As in.. say, in Terraform, you can create different “modules”, and one module can have a “data source” that reads the output of another module. I’m guessing with Pulumi I’d want to have different “projects”. But how do I get one project to read the output from another project? Or is a different approach recommended altogether? Use case: I want to separate my “core infrastructure” (compute, kubernetes, some shared kubernetes resources) from the services that are running on top of it.c- 2
- 2
- w
worried-umbrella-80893
09/10/2020, 3:54 PMSo Pulumi has effectively been unusable for the past 30-60 minutes, because of this slowness. - g
gentle-diamond-70147
09/10/2020, 3:55 PMHi all, we're investigating the slowness. Stay tuned... - f
faint-table-42725
09/10/2020, 4:15 PM@worried-umbrella-80893 @important-appointment-55126 @loud-battery-37784 Are you still seeing this slowness? We’re not seeing any latency impacts in our dashboards. One thing that would be helpful for us is to eliminate the possibility of network to us-west-2 (where app.pulumi.com and api.pulumi.com are hosted) vs. something specific to our stack. Let’s use this thread to discuss. Could you please run mtr against ec2.us-west-2.amazonaws.com and api.pulumi.com — do you see similar results?lw+3- 6
- 32
- e
early-intern-90238
09/10/2020, 8:23 PMIs there a way to define a BackendConfig in Kubernetes? I don't see the type anywhere - i
incalculable-dream-27508
09/11/2020, 11:40 AMIs there a way to get stack name from within the program (python in my case)? I wanted to use it in some names to help ensure uniquenessb- 2
- 4
- s
steep-angle-29984
09/11/2020, 11:53 AMIs it possible to copy a config from a stack in project A to another stack in project B. I've found
but can that handle different projects somehow?pulumi stack init --copy-config-from stackc- 2
- 1
- i
incalculable-dream-27508
09/11/2020, 12:12 PMIn python I have
and that works. I tried adding to itips = [] hostnames = [] (...) INSTANCES = { i: openstack.compute.Instance(...) for i in range(COUNT) } for srv in INSTANCES: ips.append(INSTANCES[srv].access_ip_v4) hostnames.append(INSTANCES[srv].name) pulumi.export('ips', ips) pulumi.export('hostnames', hostnames)
to have a dictionary mapping hostname to IP instead of having separate lists, but it very much doesn't like that. Any ideas what I'm doing wrong?exported = {} (...) exported[INSTANCES[srv].name] = INSTANCES[srv].access_ip_v4 pulumi.export('nodes', exported)m- 2
- 2
- b
bitter-dentist-28132
09/11/2020, 2:26 PMare there any plans to have a community module registry like what terraform has?lwm- 4
- 4
- o
orange-electrician-25669
09/11/2020, 4:30 PMHi any one can direct me what is the deferent between "github.com/pulumi/pulumi-aws/sdk/v2/" to "github.com/pulumi/pulumi-aws/sdk/v3/" any upgrade path ?b- 2
- 6
- a
adamant-advantage-95831
09/11/2020, 4:47 PMHm. It seems as though my Secrets Provider is messed up. Commenting out my
andsecretsprovider:
entries from my stack configuration file seems to fix myencryptedkey:
andpulumi preview
being stuck commands. if I runpulumi up
doesn't seem to do anything. -- Alright I'm dumb. Turns out I needed to addpulumi stack change-secrets-provider "azurekeyvault://<my-url>.net/keys/<my key>"
to my Environment Variables 😛AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET - t
thousands-planet-11416
09/11/2020, 5:00 PMHello all, I have a general architecture question for the group. I work on many projects but with a similar formula for the stack (cloud infrastructure + kubernetes platform). I love the idea that Pulumi can manage both, but my issue is that I would like to use Kubernetes-as-a-Service tool (i.e. oneinfra, gardener) to quickly bootstrap and setup platforms for the projects in a more automated/robotic approach. Usually KaaS tools already have their deployment engine and api built in with no clear option to drop in a replacement. Is there a known KaaS tool that can use pulumi as the engine for creating and managing K8s clusters/and cloud infrastructure resources out of the box?g- 2
- 3
- w
worried-city-86458
09/11/2020, 7:08 PMJust had a thought re pulumi config ... the api is read-only which is quite limiting, especially when there are some better language / framework options for composing config, so can we please add a “write” api?lb- 3
- 22
- c
cold-car-67614
09/11/2020, 7:14 PMHello, I'm trying to manually decrypt some data in a Pulumi state file. I was able to decrypt the encryption key just fine (AWS KMS). Now that I have that is there a way to decrypt data outside of the Pulumi CLI? I was checking docs but couldn't find anything.- 1
- 1
- d
damp-elephant-82829
09/12/2020, 8:21 AMHello guys, I am trying to implement a “get or else create” for a resource which is shared across multiple stack. Has anyone done anything like that before?lb- 3
- 2
- c
calm-agent-81076
09/12/2020, 2:10 PMIs there a convenient way to stop Pulumi from including node_modules when creating aws.lambda.CallbackFunction? My lambda does not require any modules. I can exclude specific modules using codePathOptions.extraExcludePackage, but listing all packages there is a bit inconvenient.b- 2
- 1
- b
bitter-alligator-63874
09/12/2020, 4:21 PMIf I deploy an Azure resource with a base name, and the actual full name is picked by Pulumi (with a suffix), how do I later use the GetXXX function to get the resource? The Get function requires the full name. How do I get that name so I can pass it to the function? I figure there is some helper function I can use to transform the base name into the full name.s- 2
- 1
- v
victorious-xylophone-55816
09/12/2020, 5:41 PMI have a (probably) basic question, because I don't understand networking concepts very well: If I have multiple ECS/Fargate services, and I want to add HTTPS to some of them, what's the most efficient way of doing this? Currently, I've achieved it for one service like this (where I had created the Route53 hosted zone/domain by hand already):
But feels like I probably shouldn't repeat this for every service, creatingaws.acm.Certificate() -> aws.route53.getZone() -> aws.route53.Record() -> aws.acm.CertificateValidation() -> awsx.lb.NetworkLoadBalancer({ certificateArn: certCertificate.arn })
and newCertificateValidation
. What's the best way to do this? Or could I use something like Caddy for automatic HTTPS without all the other steps? (not sure how it works) Grateful for any input 🙏NetworkLoadBalancerbc- 3
- 9
- d
damp-table-85095
09/12/2020, 8:50 PMWhat is the recommended approach for splitting deployment scripts into multiple files? Say I am using typesafe, do I just dump one part of my script into step1.ts and "import" it? I am afraid that "unused" imports will get stripped. What is the preferred approach here?sc- 3
- 4
- c
creamy-vr-86450
09/13/2020, 12:58 AMAre there any examples of using
fromgithub.Team
? A regular account’s@pulumi/github
doesn’t work nor does there seem to be a way to authorize as an organization. This is the error I get:PATThis resource can only be used in the context of an organization
- 1
- 3
- d
damp-table-85095
09/13/2020, 1:21 AMI figured out how to build and push a Docker image from pulumi, but how do I make the pushed image private? Currently it's making the image public.s- 2
- 3
- d
damp-table-85095
09/13/2020, 3:01 AMGuys, how is pulumi.interpolate meant to work? I am invoking:
Whereconst startupScript = pulumi.interpolate` #!/usr/bin/env sh echo ${something}`;
is defined as:something
But this fails withconst something = config.requireSecret("mySecret");Calling [toString] on an [Output<T>] is not supported. - d
damp-table-85095
09/13/2020, 3:09 AMHmm, the
parameter expects typesmetadataStartupScript
and interpolate returnsstring | Promise<string> | pulumi.OutputInstance<string> | undefined
. Is that a problem?pulumi.Output<string> - b
best-france-51653
09/14/2020, 10:16 AMHello All, anyone know if this possible to create network policy, like that using pulumi? apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: disable-link-local-network namespace: default spec: selector: all() egress: - action: Deny protocol: TCP destination: nets: - 169.254.169.254/32 ... and when I try to create itm there is no Action field for NetworkPolicyEgressRuleArgs Spec: netv1.NetworkPolicySpecArgs{ Egress: netv1.NetworkPolicyEgressRuleArray{ netv1.NetworkPolicyEgressRuleArgs{ Action: pulumi.String("Deny"), Protocol: pulumi.String("TCP"), Destination: pulumi.StringArrayMap{ #golang #pulumi #egress - i
incalculable-dream-27508
09/14/2020, 11:52 AMApparently there's something called
that's related to outputs, but I wasn't yet able to find documentation regarding this, any links?promise - i
incalculable-dream-27508
09/14/2020, 11:53 AMOh, apparently it's a javascript thing? Is there a way to use with python an output that hasn't been created yet? Namely, a security group with IPs of machines that will be created in same run, but weren't created yet since security groups are created before the machines are?- 1
- 1
- i
incalculable-dream-27508
09/14/2020, 11:59 AMApparently the answer is `async`/`await` from
(or maybeasyncio
)aiostreaml- 2
- 2
- i
incalculable-portugal-13011
09/14/2020, 9:43 PMis there a way to prevent pulumi from appending the random string to the end of each resource name?is- 3
- 3
- w
worried-city-86458
09/14/2020, 10:00 PMSimilarly, is there a nice way to always inject a prefix for each resource name? I'm always specifying at least the environment name everywhere since it often ends up in external resource names for say aws and it makes them easier to categorize...l- 2
- 2
- m
many-psychiatrist-74327
09/15/2020, 1:08 AM👋 I’m following the “Organizing Projects and Stacks” inter-stack dependencies example to modularize my Pulumi resources. I’m basically doing exactly this:
But I’m seeing an error on line 3 whenever I do `pulumi preview`:const env = pulumi.getStack(); const infra = new pulumi.StackReference(`acmecorp/infra/${env}`); const provider = new k8s.Provider("k8s", { kubeconfig: infra.getOutput("kubeConfig") }); const service = new k8s.core.v1.Service(..., { provider: provider });
The stacktrace doesn’t trace back to line 3, but if I comment out line 3, the error goes away. It also makes sense because the other stack’sDiagnostics: pulumi:pulumi:Stack (services-dev): panic: interface conversion: interface {} is resource.PropertyMap, not string goroutine 27 [running]: <http://github.com/pulumi/pulumi/sdk/v2/go/common/resource.PropertyValue.StringValue(...)|github.com/pulumi/pulumi/sdk/v2/go/common/resource.PropertyValue.StringValue(...)> /home/travis/gopath/pkg/mod/github.com/pulumi/pulumi/sdk/v2@v2.9.3-0.20200902150941-d583bcb9153e/go/common/resource/properties.go:362 <http://github.com/pulumi/pulumi-kubernetes/provider/v2/pkg/provider.parseKubeconfigPropertyValue(0x289d6c0|github.com/pulumi/pulumi-kubernetes/provider/v2/pkg/provider.parseKubeconfigPropertyValue(0x289d6c0>, 0xc000436630, 0x29b6e3e, 0xa, 0xc0003b7a68) ...truncated...
output is a String. Now, even thoughkubeConfig
andpreview
throw that error, I can still apply the update and it actually works properly. But of course I’d rather not have random errors show up whenever I run pulumi. Is there a way to avoid this error? Thanks!uplgb- 4
- 14
Title
m
many-psychiatrist-74327
09/15/2020, 1:08 AM👋 I’m following the “Organizing Projects and Stacks” inter-stack dependencies example to modularize my Pulumi resources. I’m basically doing exactly this:
const env = pulumi.getStack();
const infra = new pulumi.StackReference(`acmecorp/infra/${env}`);
const provider = new k8s.Provider("k8s", { kubeconfig: infra.getOutput("kubeConfig") });
const service = new k8s.core.v1.Service(..., { provider: provider });Diagnostics:
pulumi:pulumi:Stack (services-dev):
panic: interface conversion: interface {} is resource.PropertyMap, not string
goroutine 27 [running]:
<http://github.com/pulumi/pulumi/sdk/v2/go/common/resource.PropertyValue.StringValue(...)|github.com/pulumi/pulumi/sdk/v2/go/common/resource.PropertyValue.StringValue(...)>
/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi/sdk/v2@v2.9.3-0.20200902150941-d583bcb9153e/go/common/resource/properties.go:362
<http://github.com/pulumi/pulumi-kubernetes/provider/v2/pkg/provider.parseKubeconfigPropertyValue(0x289d6c0|github.com/pulumi/pulumi-kubernetes/provider/v2/pkg/provider.parseKubeconfigPropertyValue(0x289d6c0>, 0xc000436630, 0x29b6e3e, 0xa, 0xc0003b7a68)
...truncated...kubeConfigpreviewupl
little-cartoon-10569
09/15/2020, 1:27 AMStackReference.getOutput returns an Output. Provider's kubeConfig property takes a string. You're going to need to do some conversion..
I can't see how that example would work. I would have thought you'd need to
awaitgetOutputValuem
many-psychiatrist-74327
09/15/2020, 6:50 PMwell, it looks like
kubeconfigstring | pulumi.OutputInstance<string> | Promise<string> | undefinedI thought a
pulumi.OutputStackReference.getOutputValue()requireOutputValue()still seeing the same error, even when using the -Value() methods, which return
Promise<any>g
gentle-diamond-70147
09/15/2020, 7:21 PM@many-psychiatrist-74327 can you share your code?
m
many-psychiatrist-74327
09/15/2020, 7:22 PMyup!
const stack = pulumi.getStack()
const infra = new pulumi.StackReference(`jetpack/infra/${stack}`)
const provider = new k8s.Provider('infra-cluster-provider', {
kubeconfig: infra.getOutput("kubeconfig")
})i also tried
infra.getOutputValue("kubeconfig")infra.getOutput("kubeconfig").get()tried using
awaites2017pulumi newes2016g
gentle-diamond-70147
09/15/2020, 8:00 PMAnd you're getting
interface conversion: interface {} is resource.PropertyMap, not stringm
many-psychiatrist-74327
09/15/2020, 9:33 PMcorrect
pulumi version
v2.10.0b
bitter-toddler-22112
10/01/2020, 11:47 AMHi guys, I've got the same issue. For my case, it only happens on an update. When I do a freshly creation of the stack resources (e.g. after destroy) the error does not show up. It only happens when the resources already exist. And it even happens, when I use a plain string for kubeconfig, e.g.
new k8s.Provider('my-provider', {
kueconfig: "hard-coded-kubeconfig"
})
Any ideas?
m
many-psychiatrist-74327
10/12/2020, 11:06 PM🎉 good observation, @bitter-toddler-22112!
I confirm the same behavior: after I did a
pulumi destroyView count: 1