https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • s

    steep-beach-52652

    11/12/2021, 4:01 PM
    in other words, how to code this in pulumi using python,
  • m

    microscopic-finland-82315

    11/12/2021, 4:49 PM
    Hi, I'm deploying a chart like cert-manager on a kubernetes cluster via pulumi. The cert-manger after start updates a few secrets but then pulumi see this as a change. Is there a way to tell pulumi to ignore these changes? Many thx. Kind regards, Frederik
    m
    a
    p
    • 4
    • 6
  • b

    boundless-room-95091

    11/12/2021, 7:31 PM
    Hi, right now we have all our clients based on Terraform and we have a lot of custom modules for all AWS resources (and more) created in Terraform by ourselves, so we can reproduce similar architectures so simply using Terraform + Terragrunt. Now we a looking for a way to migrate the logic of some of our modules to pulumi,for this purpose i'm investigating how to create our custom Python Packages for Pulumi so we can have something more generic that can be reused in multiple clients, there is any recommended way to make somethin like this?.
    s
    • 2
    • 9
  • s

    square-coat-62279

    11/13/2021, 2:16 PM
    hi all, I am using GCP cloud storage as my Pulumi backend, in my pulumi code, I attempt to create a new project and all the resources will be created in this project. On running pulumi up, the GCP project was created but when I attempt to attach billing to the project, it failed with:
    error: 7 PERMISSION_DENIED: The caller does not have permission
    I have already run gcloud auth login and I am on the caller project, do I miss anything?
    p
    • 2
    • 6
  • s

    sparse-beach-51011

    11/14/2021, 12:34 PM
    hi all, im making a GKE cluster which uses secrets encryption and im trying to figure out at the moment how to assign the IAM policy on service account the least-privilege the the SA can access the kms key-ring which was created.. I would imagine this is a very common operation whenever making a GKE cluster, but unfortunately couldnt find it in any guides or docs on Pulumi. I know all references are there which are great, but would be nice to see the "recipes" for this common combo
  • s

    steep-beach-52652

    11/14/2021, 2:16 PM
    Hello, Cant replaced aws cloudmap namespace by pulumi due to services and instances in namespace, how to fix this problem in case i need to just update/replace the namespace only?
  • e

    echoing-activity-32278

    11/14/2021, 3:25 PM
    Hi. Not familiar with the JS land. But I see only typescript listed in the page: https://www.pulumi.com/registry/packages/azure-native/api-docs/advisor/suppression/ . Does that mean use Pulumi with plain JS is lesser supported?
    b
    • 2
    • 1
  • w

    white-train-9300

    11/15/2021, 4:08 AM
    Hello! Did someone already had issues updating Kubernetes certificates and refreshing pulumi stack? I’m currently getting the following error
    kubernetes:core/v1:PersistentVolume storage-3 refreshing warning: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials
    b
    • 2
    • 4
  • m

    millions-lunch-7967

    11/15/2021, 4:06 PM
    @here - looking for some examples. I have prod and stage environment and each of these environment will have its own service accounts and here is how I have defined my structure similar to what we currently have in terraform.
  • m

    millions-lunch-7967

    11/15/2021, 4:07 PM
    ── project
        ├── __main__.py
        ├── Pulumi.yaml
        └── environments
            └──PROD
                ├── Pulumi.prod.yaml
                
            └──STG
                ├── Pulumi.stg.yaml
  • m

    millions-lunch-7967

    11/15/2021, 4:07 PM
    is this possible to do with Pulumi. if yes, can someone please give me some example.
    a
    r
    • 3
    • 39
  • m

    millions-lunch-7967

    11/15/2021, 4:07 PM
    thanks
  • m

    millions-lunch-7967

    11/15/2021, 5:42 PM
    @here - have question on gcp.projects.IAMBinding , how do I assign multiple roles to a member. I am using the python version.
  • p

    polite-keyboard-13683

    11/15/2021, 6:46 PM
    Hello! Pulumi customer here---I’m trying to do a pulumi preview, and things are just hanging on
    pulumi:pulumi:Stack
    . Nothing ever goes anywhere or progresses
    r
    • 2
    • 5
  • f

    flaky-area-92692

    11/15/2021, 7:54 PM
    are we the only one not being able to reach app.pulumi.com ?
    q
    d
    • 3
    • 3
  • f

    faint-tiger-16075

    11/15/2021, 8:54 PM
    Hello All, I'm previewing Pulumi and I'm really enjoying it so far....running into an issue with secrets however.... I create a secret using
    pulumi config set --secret [name] [value]
    , but when I attempt to do
    cfg.requireSecret('[name]')
    I'm getting an error during
    pulumi up
    (see screenshot). If I hard code my variable (rather than using config) it works....I've tried the suggestions in the error, I've set the config variable to
    plaintext
    and used
    cfg.require('[name]')
    and still doesn't work....I've studied the secrets documentation....am I missing something?
    q
    b
    • 3
    • 10
  • g

    gorgeous-minister-41131

    11/16/2021, 1:20 AM
    is there a way for a kubernetes resource to depend on another (example: a Deployment depending on a successful rollout and run of a batch.v1.Job() for example), before it goes off to even try and update the Deployment?
  • g

    gorgeous-minister-41131

    11/16/2021, 1:20 AM
    it seems like depends_on is what I need, but I’m not sure if the behavior of that means pulumi will wait and require that resource to be healthy or not
    l
    • 2
    • 20
  • m

    millions-lunch-7967

    11/16/2021, 4:01 AM
    @here - I have enabled bigquery.googleapis.com
    Enable Google Biquery api
    project = gcp.projects.Service("project",
      project=bureau_data_project.id,
      service="<http://bigquery.googleapis.com|bigquery.googleapis.com>")
  • m

    millions-lunch-7967

    11/16/2021, 4:02 AM
    getting the below error
  • m

    millions-lunch-7967

    11/16/2021, 4:07 AM
    error: deleting urn:pulumi:stage::ek-data-source::gcp:projects/service:Service::project: 1 error occurred:
    	* Error when reading or editing Project Service ek-data-source-stage/bigquery.googleapis.com: Error disabling service "<http://bigquery.googleapis.com|bigquery.googleapis.com>" for project "ek-data-source-stage": googleapi: Error 400: The service <http://bigquery.googleapis.com|bigquery.googleapis.com> is depended on by the following active service(s): <http://bigquerystorage.googleapis.com|bigquerystorage.googleapis.com>; Please specify disable_dependent_services=true if you want to proceed with disabling all services.
    Help Token: Ae-hA1P5o6go9HANTZgPEqnXwbDS4C9MI-KVWMAlNhh9dGSJp2l95ver_wdySZRAaAGxDnKXomqspnmQDKXcEojtPgi9MMduRwg5b6zGEy23CkXa
    Details:
    [
      {
        "@type": "<http://type.googleapis.com/google.rpc.PreconditionFailure|type.googleapis.com/google.rpc.PreconditionFailure>",
        "violations": [
          {
            "subject": "?error_code=100001\u0026service_name=<http://bigquery.googleapis.com|bigquery.googleapis.com>\u0026services=<http://bigquerystorage.googleapis.com|bigquerystorage.googleapis.com>",
            "type": "<http://googleapis.com|googleapis.com>"
          }
        ]
      },
      {
        "@type": "<http://type.googleapis.com/google.rpc.ErrorInfo|type.googleapis.com/google.rpc.ErrorInfo>",
        "domain": "<http://serviceusage.googleapis.com|serviceusage.googleapis.com>",
        "metadata": {
          "service_name": "<http://bigquery.googleapis.com|bigquery.googleapis.com>",
          "services": "<http://bigquerystorage.googleapis.com|bigquerystorage.googleapis.com>"
        },
        "reason": "COMMON_SU_SERVICE_HAS_DEPENDENT_SERVICES"
      }
    ]
    , failedPrecondition
  • s

    square-coat-62279

    11/16/2021, 6:20 AM
    hi all, I have a use case here involving a call-back or webhook or whatever it maybe, basically, I am running Pulumi from one GCP project that will spin up a new GCP project along with the cloud resources like VPC, GKE etc. In this deployment, I'd need to grant access compute.imageUser to the child GCP project service account so that the GKE cluster can download docker images from the Container registry in the GCP project where Pulumi is running. Is there any way that I can achieve this as part of the process in deploying the child GCP project along with the other resources? I'd imagine if there's some kind of remote_exec in Terraform that I can use to run some gcloud command to grant the permission, otherwise any idea would be helpful, thanks!
  • f

    fancy-eve-82724

    11/16/2021, 7:38 AM
    I'm self-hosting Pulumi with an S3 bucket as storage. The state of my current stack is only about 2.1MB, but the cumulative backups and history are growing to over 400MB. Is there any way via the pulumi CLI line to purge this history? Or will I have to write some scripts to purge this manually?
    g
    l
    b
    • 4
    • 3
  • s

    steep-beach-52652

    11/16/2021, 1:09 PM
    Hello, the repo link is borken here , need to see the dockerfile in github https://hub.docker.com/r/pulumi/pulumi
    g
    g
    • 3
    • 3
  • s

    steep-beach-52652

    11/16/2021, 1:10 PM
    <https://github.com/pulumi/pulumi/blob/master/docker/pulumi/Dockerfile>
  • g

    gorgeous-minister-41131

    11/16/2021, 7:06 PM
    Is there a good way to handle state / issues when pulumi is forcefully exited in the middle of a run? Having an operator have to manually export, examine and reimport the state seems goofy especially in a CI pipeline for Kubernetes resources. Is there a way to just tell pulumi when --refresh is passed to ignore an inconsistent state and take what it sees out in the cluster/provider as face value?
    l
    • 2
    • 7
  • b

    bitter-island-28909

    11/16/2021, 7:47 PM
    The pricing docs are not clear in one area. Are Provider resources included in credit utilization?
    b
    r
    c
    • 4
    • 5
  • s

    swift-intern-18856

    11/16/2021, 8:54 PM
    ugh yikes, just ran into total failure trying to perform an update that required replacing an EKS cluster
    error: post-step event returned an error: failed to save snapshot: .pulumi/stacks/base.non-prod.json: snapshot integrity failure; it was already written, but is invalid (backup available at .pulumi/stacks/base.non-prod.json.bak): resource urn:pulumi:base.non-prod::yd-base::yd:eks:Cluster$eks:index:Cluster$kubernetes:core/v1:ConfigMap::yd-eks-nodeAccess refers to unknown provider urn:pulumi:base.non-prod::yd-base::yd:eks:Cluster$eks:index:Cluster$pulumi:providers:kubernetes::yd-eks-eks-k8s::b48893e2-fd53-4bed-9753-c28de972084c
    i think i understand the error (the provider was deleted when the cluster was replaced), but unsure how to resolve restoring the backup, any tips?
    b
    m
    • 3
    • 11
  • g

    gifted-salesmen-8201

    11/16/2021, 9:12 PM
    Hi folks, how do you structure a large pulumi project in go, for example creating s3 buckets, policies and users..? Do you place all our code in a main.go file, or structure it in a pkg directory? Thanks in advance for your advice
    l
    • 2
    • 3
  • l

    limited-electrician-71574

    11/16/2021, 9:45 PM
    Hi all, are there plans to expand on deploying Databricks resources in the future?
    a
    • 2
    • 2
Powered by Linen
Title
l

limited-electrician-71574

11/16/2021, 9:45 PM
Hi all, are there plans to expand on deploying Databricks resources in the future?
a

abundant-book-94104

11/16/2021, 11:32 PM
azure native has databricks code for deploying databricks. Is there something that's not in it you want to see? Or some other cloud service?
l

limited-electrician-71574

11/17/2021, 3:19 PM
hey peter - i'm currently working in aws
View count: 1