I use the same project and separate environments by stacks. I name my stacks <dev|stage|prod>.<projectType>.<environmentPurpose> so that I can have both dev and prod for the same environment purpose 🙂

i.e. dev.infra.happy-service and prod.infra.happy-service are two separate stacks on the same project 🙂 I use different projects for different purposes - i.e. i have another project to manage kubernetes on top of those stacks, so those stacks would be dev.k8s.happy-service etc in the kuberenetes project

Hi all! I'm having an hard time figuring out how to handle resource dependencies between projects, hopefully someone may guide me in the right direction. I have a pulumi project to manage an aws SQS. Them i have another project to manage a lambda function. This uses

queue.onEvent()

, so i have to somehow reference the SQS resource. And here is where things get confused to me. If i

get

the queue, i cannot manage it. If i import the queue, them i can manage it and it works ok. But is this really the best approach?

I other words, and more generic, how can and should we handle projects that depends on resources managed in other projects? The case above may be specific because indeed in the Lambda project i need to modify the SQS resource (event mapping)

I'm pondering Outputs and mutual dependancy. Let's say I want to make 2 AWS security groups each of which wants to be confgured in the other's Ingress/Egress rules. e,g, Public needs Egress on port 8080 to Private and Private needs Ingress from Public on 8080. Is it possible to code this in pulumi? I would do it by hand by making the two groups and then adding the rules when I knew the names, but is that possible in pulumi?

Hi! I'm quite new to pulumi and am trying to create a virtual wan with some hubs and vnets peered to the hubs. Unfortunately I'm struggling with connecting the vnets to the hubs (With the azure-native package). Can anybody give me a hint? The API reference did not... Thanks!

I've read in a few places that the AWS pulumi go SDK is memory hungry. What does that mean in numbers? I'm using a 2GB VM at the moment and it does seem to be struggling, How much is enough?

Hi, I am new to pulumi. Can anyone tell me how pulumi is useful, meaning what all I get with pulumi? Also, Can I use it with aws only?

I'm struggling with outputs. I'm trying to make a pair of security groups in AWS with go and then use NewSecurityGroupRule to add rules to the security group. But when I try and access the .Id of the created security group I get an error

privateSg.Id undefined (type *ec2.SecurityGroup has no field or method Id)

I feel there's something really simple I'm missing here.

Hi everyone, I have a question about project/stack organization. Lets say I have 4 distinct deployments of a specific project (US-prod, EU-prod, US-staging, and US-test) and infrastructure changes may happen and stay on test or staging for some time before being deployed to either of the prod systems. Is this something that stacks can handle well, (this kind of elongated divergence) or would we solve this problem with stacks plus something like git branches to keep things separated until we’re happy to merge the changes into prod. Anyone have best practices for me? Thanks!

Hi, Just wondering if anyone can point me to single example of a C# VSphere example that does something more than create a Datacenter, preferably creating all the resources need to provision a VM ?

I have an API that is hosted in a Pulumi.AzureNative.Web.WebApp using the "WEBSITE_RUN_FROM_PACKAGE" environment variable to point to binary hosted in blob storage. When I "pulumi up", to update the API, the blob is updated but I must "manually" stop/start the WebApp in the Azure portal in order to see the changes to my service. What is the recommended approach using Pulumi to restart these services without manual intervention?

Hi team, I am new to Pulumi, now I am trying to convert a Terraform provider into Pulumi provider,I finished the code generation part, but I am stuck in how to install this plugin to move on to

tf2pulumi

command. It complained that

error: no resource plugin 'testProvider' found in the workspace or on your $PATH

. I am wondering that is there any document about how to fix this? Thanks!

Hi 🙂 Is this the place to get some n00b help? I'm trying to rollout Istio via Pulumi but it seems that's the hardest task for a getting started

however, I’ll just drop my question in hopes of an answer… I’m creating an Istio Operator Resource and it works - it gets installed. But how can I get the LoadBalancer IP of the Ingress Gateway which is generated by the Istio Operator? I tried something like this:

let ip = await kq
    .list("v1", "Service", "istio-system")
    .filter(it =>  it.status?.loadBalancer?.ingress?.length > 0)
    .map(it => it.status?.loadBalancer?.ingress)
    .firstOrDefault([]).then(it => (it?.length) ? it[0].ip : undefined).then((val) => {
        return val
    });

But I’m not sure how to wrap this into a Custom (dynamic?) resource to be able to have other resources depend on that (like, creating an AWS Route53 A record pointing to the newly created IP)

as soon as I wrap that in a custom resource provider’s “async create” I won’t get any output

for reference, this is my WIP

Wow. That's beyond noob 😄 Also - thanks for using kq - I actually had no idea that it existed, and now I do! 😄 My first instinct is that you might need your kq call to depend on the istio one. The second instinct is that even though istio is done, LB ip takes an undefined amount of time to arrive in k8s - there really is no way of telling WHEN it will actually be applied, so it's really tricky to ensure you make the call once it's actually resolved.

I have another noob question: What happens if I create a LB by hand in AWS, then import it into a stack so I can fiddle the Listener rules, and then I destroy the stack? Does Pulumi somehow remember that the LB wasn't created in Pulumi and leave it be, or does it just destroy it anyway? What about the Listener rules that got mutated, can they be restored on destruction of the mutating stack?

I am new to Pulumi and Typescript. I am trying to deploy ecs on EC2. I need to install some rexray plugins on the EC2 instances and therefore need to use userData to get that completed. I have been able to get a simple ecs on ec2 up and running without userData, but when I add userData in the stack fails. Following is a example of what I have so far.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as awsx from "@pulumi/awsx";


// Step 1: Define the Networking for our service.  Will join the appropriate POD network.  Pod02 or Pod03.
// Use an existing VPC, subnets, and gateways.
const existingVpc = awsx.ec2.Vpc.fromExistingIds("existingVpc", {
    vpcId: "vpc-xxxxxxxxxxxxxx",
    publicSubnetIds: ["subnet-1111111111111111", "subnet-22222222222222222", "subnet-3333333333333333"],
    //privateSubnetIds: ["subnet-22222222222222222", "subnet-33333333333333333"],
    internetGatewayId: "igw-xxxxxxxxxxxxxxxx",
    //natGatewayIds: ["nat-00000000000000000", "nat-11111111111111111"],
})

// Step 2: Create an ECS EC2 cluster.
const cluster = new awsx.ecs.Cluster("EBS-to-EFS", {
    vpc: existingVpc,
    tags: {
        "Name": "EBS-to-EFS-cluster",
    },
});

export const userData = 
 `#!/bin/bash`

// Comment out the following lines of the userData script till I get userData to not crash the stack.

// yum install -y amazon-efs-utils
// yum install -y nfs-utils
// yum install -y aws-cfn-bootstrap
// /opt/aws/bin/cfn-init -v --region \${AWS::Region} --stack \${AWS::StackName} --resource ContainerInstances
// /opt/aws/bin/cfn-signal -e \$? --region \${AWS::Region} --stack \${AWS::StackName} --resource ECSAutoScalingGroup
// #open file descriptor for stderr
// exec 2>>/var/log/ecs/ecs-agent-install.log
// set -x
// #verify that the agent is running
// until curl -s <http://localhost:51678/v1/metadata>
// do
// sleep 1
// done
// #install the Docker volume plugin
// docker plugin install rexray/efs REXRAY_PREEMPT=true EFS_REGION=\${AWS::Region} EFS_SECURITYGROUPS=\${EFSSecurityGroup} --grant-all-permissions
// docker plugin install rexray/ebs REXRAY_PREEMPT=true EBS_REGION=\${AWS::Region} --grant-all-permissions
// #restart the ECS agent
// stop ecs 
// start ecs`


const asg = cluster.createAutoScalingGroup("asg", {
    templateParameters: { minSize: 1 },
    subnetIds: existingVpc.publicSubnetIds,
    launchConfigurationArgs: { 
        instanceType: "t2.medium", 
        associatePublicIpAddress: true, 
        userData:  userData,
        }, 
    });

const nginx = new awsx.ecs.EC2Service("nginx", {
    cluster,
    taskDefinitionArgs: {
        containers: {
            nginx: {
                image: "nginx",
                memory: 128,
                networkListener: { port: 80},
            },
        },
    },
    desiredCount: 2,
});


// Export interesting fields to make them easy to use:
export const vpcId = existingVpc.id;
//export const vpcPrivateSubnetIds = existingVpc.privateSubnetIds;
export const vpcPublicSubnetIds = existingVpc.publicSubnetIds;

If I comment out userData: userData in the Autoscaling Group Definition I have a successful build. When I uncomment the line a include userData in the Autoscaling group the stack errors out with the following.

Diagnostics:
  aws:cloudformation:Stack (asg):
    error: 1 error occurred:
        * creating urn:pulumi:dev::ecs-cpass::awsx:x:ecs:Cluster$awsx:x:autoscaling:AutoScalingGroup$aws:cloudformation/stack:Stack::asg: 1 error occurred:
        * error waiting for CloudFormation Stack creation: failed to create CloudFormation stack, rollback requested (ROLLBACK_COMPLETE): ["The following resource(s) failed to create: [Instances]. Rollback requested by user." "Received 0 SUCCESS signal(s) out of 1.  Unable to satisfy 100% MinSuccessfulInstancesPercent requirement"]
 
  pulumi:pulumi:Stack (ecs-cpass-dev):
    error: update failed

Any hints or code examples that I could follow to get this functioning properly? I have spent way to many hours trying to diagnose how to fix this.

gotta say I'm super excited to start playing with the automation API to build simple internal web services (with Python) for various tasks in my org

Hi. Pulumi 3.0 seems very nice 🎉 I have a question regarding the stack. If you only have AWS lambdas in one environment, then I have to set the condition in the if branch using the stack(), right?

import pulumi
import pulumi_aws as aws

size = 't2.micro'
ami = aws.get_ami(most_recent="true",
                  owners=["137112412989"],
                  filters=[{"name":"name","values":["amzn-ami-hvm-*"]}])

group = aws.ec2.SecurityGroup('webserver-secgrp',
    description='Enable HTTP access',
    ingress=[
        { 'protocol': 'tcp', 'from_port': 22, 'to_port': 22, 'cidr_blocks': ['0.0.0.0/0'] }
    ])

server = aws.ec2.Instance('webserver-www',
    instance_type=size,
    vpc_security_group_ids=[group.id], # reference security group from above
    ami=ami.id)

pulumi.export('publicIp', server.public_ip)
pulumi.export('publicHostName', server.public_dns)

Is there a list of such aliases for AMIs "amzn-ami-hvm-*"? If I want to use Ubuntu Server 20.04 LTS (HVM) instead of Amazon Linux 2 AMI (HVM).

Hello, had a question about listing all my resources when using the azure native - i there a way to do this?

Hi Everyone! I watched the launch of Pulumi 3.0 and I am very excited to start working with the new Cloud Engineering approach.

Hi All, fresh install of pulumi on windows, launched vscode and running pulumi in a c# project and getting this error: error: --yes must be passed in to proceed when running in non-interactive mode

Googled around and it seems the work around is to use --yes, but it means i dont get the preview

Re-posting from general

Hello friends, is there any reference/example pulumi repo for setting up k8s based workloads on aws with golang? i am specifically looking for testing strategy, repo layouts etc