ambitious-father-68746
04/09/2022, 12:23 PMbrave-lizard-56518
04/09/2022, 9:21 PMgifted-answer-39386
04/10/2022, 6:46 AMbillions-rocket-37012
04/10/2022, 1:40 PM.zip
file with the modules but surely I can automate that since CDK allows building it with Docker as well?future-window-78560
04/11/2022, 1:08 AMerror: malformed configuration value '127.0.0.1:9092': invalid character '.' after top-level value
running into above issue while creating kafka topic
Any solution?future-window-78560
04/11/2022, 6:15 AMvictorious-continent-984
04/11/2022, 8:32 AMfrom pulumi_kubernetes.helm.v3 import Chart, ChartOpts, FetchOpts
# ...
def remove_status(obj, opts):
if obj["kind"] == "CustomResourceDefinition":
del obj["status"]
prometheus_stack_chart = Chart(
"prometheus-stack",
ChartOpts(
chart="kube-prometheus-stack",
transformations=[remove_status],
version="34.8.0",
fetch_opts=FetchOpts(
repo="<https://prometheus-community.github.io/helm-charts>",
),
namespace=monitoring_namespace.id,
values=values,
skip_await=False
),
pulumi.ResourceOptions(depends_on=[monitoring_namespace, cluster])
)
I may notice the remove_status
hack (I’ve found on the Internet), without it installation fails before the beginning, ’cause somewhere inside it tries to pass that status
argument to a function that doesn’t expect it.
Am I doing something wrong, or am I just unlucky to need the Chart that is trouble to install with pulumi? Do you have any ideas or suggestions?cuddly-football-51817
04/11/2022, 10:21 AMicy-jordan-58549
04/11/2022, 11:39 AMpulumi.unsecret
?polite-summer-58169
04/11/2022, 1:38 PMcurved-morning-41391
04/11/2022, 5:17 PMambitious-ambulance-56829
04/11/2022, 5:27 PMbillowy-army-68599
04/11/2022, 5:39 PMbrave-angle-33257
04/11/2022, 6:52 PMquick-airport-30353
04/11/2022, 7:59 PMpulumi destroy
before running a pulumi up
?nutritious-petabyte-61303
04/12/2022, 4:24 AMnutritious-petabyte-61303
04/12/2022, 4:25 AMgifted-cricket-60194
04/12/2022, 7:54 AMbored-monitor-99026
04/12/2022, 8:52 AMpolite-summer-58169
04/12/2022, 9:31 AMhelpful-account-44059
04/12/2022, 12:57 PMaxios.default.get("<https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/docs/example-iam-policy.json>")
.then((response) => {
const eksEbsCsiDriverPolicy = new aws.iam.Policy("AmazonEKS_EBS_CSI_Driver_Policy", {
path: "/",
policy: JSON.stringify(response.data),
});
const eksEbsCsiDriverPolicyRole = new aws.iam.Role("AmazonEKS_EBS_CSI_Driver_Policy_Role", {
assumeRolePolicy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "<http://ec2.amazonaws.com|ec2.amazonaws.com>"
},
"Effect": "Allow",
"Sid": ""
}
]
}`
});
new aws.iam.RolePolicyAttachment("policy-attach", {
role: eksEbsCsiDriverPolicyRole.name,
policyArn: eksEbsCsiDriverPolicy.arn,
});
const ebsCsiAddon = new aws.eks.Addon("aws-ebs-csi-driver", {
clusterName: eksCluster.eksCluster.name,
addonName: "aws-ebs-csi-driver",
serviceAccountRoleArn: eksEbsCsiDriverPolicyRole.arn,
resolveConflicts: "OVERWRITE",
});
});
run this command, kubectl describe pvc ebs-claim
, and got the error:
Name: ebs-claim
Namespace: default
StorageClass: ebs-sc
Status: Pending
Volume:
Labels: <none>
Annotations: <http://volume.beta.kubernetes.io/storage-provisioner|volume.beta.kubernetes.io/storage-provisioner>: <http://ebs.csi.aws.com|ebs.csi.aws.com>
<http://volume.kubernetes.io/selected-node|volume.kubernetes.io/selected-node>: ip-172-28-161-249.ap-southeast-1.compute.internal
Finalizers: [<http://kubernetes.io/pvc-protection|kubernetes.io/pvc-protection>]
Capacity:
Access Modes:
VolumeMode: Filesystem
Used By: app
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning ProvisioningFailed 103s persistentvolume-controller <http://storageclass.storage.k8s.io|storageclass.storage.k8s.io> "ebs-sc" not found
Warning ProvisioningFailed 98s ebs.csi.aws.com_ebs-csi-controller-5fdd7948b6-zx94h_dce2f430-e960-4ce1-9fb5-e997ca6cd4e3 failed to provision volume with StorageClass "ebs-sc": rpc error: code = Internal desc = Could not create volume "pvc-4b7cadcc-c2b7-413a-a5e0-d366da9b912c": could not create volume in EC2: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
status code: 403, request id: 08d8c9b1-d5c6-43b6-b0b4-8bcc9ffb0ca6
Warning ProvisioningFailed 97s ebs.csi.aws.com_ebs-csi-controller-5fdd7948b6-zx94h_dce2f430-e960-4ce1-9fb5-e997ca6cd4e3 failed to provision volume with StorageClass "ebs-sc": rpc error: code = Internal desc = Could not create volume "pvc-4b7cadcc-c2b7-413a-a5e0-d366da9b912c": could not create volume in EC2: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
status code: 403, request id: 294b3cd6-bba8-45b7-a456-bf711ab8c9d4
Warning ProvisioningFailed 95s ebs.csi.aws.com_ebs-csi-controller-5fdd7948b6-zx94h_dce2f430-e960-4ce1-9fb5-e997ca6cd4e3 failed to provision volume with StorageClass "ebs-sc": rpc error: code = Internal desc = Could not create volume "pvc-4b7cadcc-c2b7-413a-a5e0-d366da9b912c": could not create volume in EC2: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
status code: 403, request id: e994db08-fb40-40d0-a7ee-5a1bd91f03b1
Warning ProvisioningFailed 91s ebs.csi.aws.com_ebs-csi-controller-5fdd7948b6-zx94h_dce2f430-e960-4ce1-9fb5-e997ca6cd4e3 failed to provision volume with StorageClass "ebs-sc": rpc error: code = Internal desc = Could not create volume "pvc-4b7cadcc-c2b7-413a-a5e0-d366da9b912c": could not create volume in EC2: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
status code: 403, request id: e3085d02-4dae-4c8b-bf24-3a082b028544
Warning ProvisioningFailed 83s ebs.csi.aws.com_ebs-csi-controller-5fdd7948b6-zx94h_dce2f430-e960-4ce1-9fb5-e997ca6cd4e3 failed to provision volume with StorageClass "ebs-sc": rpc error: code = Internal desc = Could not create volume "pvc-4b7cadcc-c2b7-413a-a5e0-d366da9b912c": could not create volume in EC2: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
status code: 403, request id: 7ae3cb86-3fb5-4490-bc96-f3dd40009b99
Warning ProvisioningFailed 66s ebs.csi.aws.com_ebs-csi-controller-5fdd7948b6-zx94h_dce2f430-e960-4ce1-9fb5-e997ca6cd4e3 failed to provision volume with StorageClass "ebs-sc": rpc error: code = Internal desc = Could not create volume "pvc-4b7cadcc-c2b7-413a-a5e0-d366da9b912c": could not create volume in EC2: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
status code: 403, request id: 5b4f043e-90f0-4e2b-b97e-782416eb7000
Normal Provisioning 34s (x7 over 101s) ebs.csi.aws.com_ebs-csi-controller-5fdd7948b6-zx94h_dce2f430-e960-4ce1-9fb5-e997ca6cd4e3 External provisioner is provisioning volume for claim "default/ebs-claim"
Warning ProvisioningFailed 34s ebs.csi.aws.com_ebs-csi-controller-5fdd7948b6-zx94h_dce2f430-e960-4ce1-9fb5-e997ca6cd4e3 failed to provision volume with StorageClass "ebs-sc": rpc error: code = Internal desc = Could not create volume "pvc-4b7cadcc-c2b7-413a-a5e0-d366da9b912c": could not create volume in EC2: WebIdentityErr: failed to retrieve credentials
caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity
status code: 403, request id: 743b9abd-b0e8-471a-aa08-9507df6476b8
Normal ExternalProvisioning 5s (x9 over 101s) persistentvolume-controller waiting for a volume to be created, either by external provisioner "<http://ebs.csi.aws.com|ebs.csi.aws.com>" or manually created by system administrator
anyone knowns how to fix it ?some-continent-1577
04/12/2022, 1:12 PMglamorous-australia-52239
04/12/2022, 2:30 PMstocky-petabyte-29883
04/12/2022, 2:52 PMexport AWS_PROFILE=XXXX
to set our profile.
When we run pulumi up we are getting an error.
Error: It looks like you're using AWS profiles. Please specify this profile in providerCredentialOpts
I think this issue only happens when using crossrails EKS and not aws-classic(could be wrong here). I know there is a profile key in providerCredentialOpts I can add, but we can't ensure everyone who uses pulumi uses the same naming for their aws profiles.
Am I missing something here?clever-glass-42863
04/12/2022, 6:24 PMPULUMI_CONFIG_PASSPHRASE
ahead of running $ pulumi stack select $CI_COMMIT_REF_NAME --create --secrets-provider passphrase --verbose 9
We see the initial stack get created with the following output
{
"version": 3,
"checkpoint": {
"stack": "dev"
}
}
But then immediately see the following ouput:
Created stack 'dev'
error: incorrect passphrase
Any ideas on what could be going on?thankful-coat-47937
04/12/2022, 7:16 PMhelpful-shoe-41967
04/12/2022, 8:01 PMpulumi update
the process want to update my resource (db-instance) on my gcp even when diff operations shows that everything are the same.
When I use
pulumi update --diff --json > diff-file.json
I can see the newState and oldState for resource is exactly the same but pulumi still want to update it with error like this:
... 1 error occurred:
* Error, failed to update instance settings for : googleapi: Error 412: Condition does not match., staleData
Could anyone advice me how I could track it down?calm-mechanic-93288
04/12/2022, 8:03 PMmasterAuthorizedNetworksConfig
. Anyone encountered an error below when trying to update the cidrBlocks in masterAuthorizedNetworksConfig
?
error: error sending request: googleapi: Error 400: Must provide an update.
incalculable-thailand-44404
04/13/2022, 12:24 AM> [2/2] COPY ./abc/abc_bin.jar app.jar:
------
failed to compute cache key: "./abc/abc_bin.jar" not found: not found
when trying to build a docker image with Pulumi. My DockerFile (ExampleProject/abc/DockerFile
)looks like this :
FROM openjdk:8-jdk-alpine
ARG JAR_FILE=./abc/abc_bin.jar
COPY ${JAR_FILE} app.jar
ENTRYPOINT ["java","-jar","/app.jar"]
My top level Bazel project is named ExampleProject
under which I have abc
as follows : ExampleProject/abc
. When I run bazel build //abc/...
from ExampleProject
it creates a new directory called /ExampleProject/bazel-bin/abc
which has all the jars including abc_bin.jar
victorious-tiger-25684
04/13/2022, 12:34 AMIDInput
, e.g. for https://www.pulumi.com/registry/packages/gcp/api-docs/container/cluster/#look-up?victorious-tiger-25684
04/13/2022, 12:34 AMIDInput
, e.g. for https://www.pulumi.com/registry/packages/gcp/api-docs/container/cluster/#look-up?