~Currently seeing something frusterating with

helm.v3.Chart

and wondering if i'm missing something. i'm using latest`2.7.2` kubernetes npm package. This is typescript project. The problem is around the

values

property. Essentially when I deploy the helm chart from scratch. All customized

values

work as expected. However, when I change any of those values AFTER the initial deploy pulumi doesn't seem to notice any difference. What I've done in the past is simply comment out the helm chart, run pulumi update (to delete it), and redeploy with new values. However, I cannot do this because it is our ingress controller. Other properties

namespace, version, transformations

all seem to pick up differences. The issue seems to be strictly related to the

values

property. Is there anyway to have pulumi recognize the change in

values

without having to manually delete/replace the helm chart? Let me know if I can make this any more clear 🙏 .~

Hello guys, I have an application that runs on kubernetes and I want to write an operator for it. My idea is using pulumi for that. The Idea is that pulumi is installed inside the operator pod and invoked whenever the application config is changed. Do you see this as a viable approach or would you suggest using other technologies for that?

Hi!! I have a question! How can I import a daemonset without specify all attributes (spec.template, spec.selector) ?

Hey guys, i'm looking to install load balancer mentioned here for my eks cluster - https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html

there are quite a few steps in this, does pulumi have api to support these

On updates that don't touch this code, HPA still tries to deploy and fails because it already exists. I have a number of resources deployed with the pulumi kubernetes sdk all of which work as expected on subsequent runs. Any idea what I am doing wrong here?

How can I use the pulumi

kubernetes

provider to fetch a

secret

from a kubernetes cluster provider, if the secret itself is not created by pulumi?

Hi! I need to update kube-proxy such as is recommended after aws eks upgrade. I want to do this with pulumi. could someone do it?

Hi, It seems the helm v2 sdk is being deprecated. However, V2 has been a workaround of sort for a bug in V3 where it doesn’t render charts with helm hooks specified https://github.com/pulumi/pulumi-kubernetes/issues/1335 Is there a plan to address this bug in V3 or any other acceptable workaround?

I frequently run into issues where Pulumi does not delete a resource before attempting to (re)create it, resulting in a failed

up

. For example, I move an

ingress

to a different namespace but get an error because it has the same host as the "existing" one. How can I handle these to ensure there is no conflict when I run

up

?

Could someone help me with the crd2pulumi tool

Getting an error and trying to find why

I am getting an error

No matching service found for ingress rule: "freepbx.taskrouter.dev.internal/" -> ""

and can't understand why the service name is empty, the service is present and everything works fine besides this pulumi check which leads to a failed deployment

and here what's weird: changing 

apiVersion: extensions/v1beta1

 to 

apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>

  in the ingress definition seemed to solve the issue

looks like the format for path specifications changed between apiversions and now only the new one is supported so ingresses with the old apiversions lead to broken deployments

is there any way to disable pulumi checks for k8s resources being ready before considering a deployment successful?

if the configmap already exists inside the cluster (azure addons), can I somehow edit it using pulumi? Thanks

error: resource kube-system/coredns-custom was not successfully created by the Kubernetes API server : configmaps "coredns-custom" already exists

is there a way to replace a resource inside kubernetes using pulumi? (same behavior as you do with

kubectl apply -f

If resource exists, replace it or create. Thanks

i have a custom clusterrole and clusterrolebinding and would like to assign these permissions to an eks `Cluster`'s

roleMappings[*].groups

property somehow. Neither the name of the clusterrole or binding work here (something like

system:masters

does work though). Anyone know how i can achieve this?

I was able to create a watcher for resources created by

operator (statefulset)

and when

service

resource has been created, I am trying to get it using something like this:

const kc = new k8sClient.KubeConfig();
const watcher = config.servicesK8s.cluster.kubeconfig
  .apply(kubeConfig => kc.loadFromString(kubeConfig))
  .apply(() => new k8sClient.Watch(kc));

export let serviceName = watcher.apply(w => waitFor(w, 'elastic-es-http'));

export const service = pulumi
  .all([namespace.metadata.name, serviceName])
  .apply(([ns, name]) =>
    k8s.core.v1.Service.get('elastic-svc', `${ns}/${name}`, {
      parent: namespace,
      dependsOn: [elasticsearch]
    })
  );

hey guys, i'm trying to figure out how to add users to my EKS cluster so as anyone of my team can deploy apps, doing anything admin on the cluster. Following the Identity docs, I have created an admin iAM role with the permissions suggested through pulumi. I then have created a RBAC role on the cluster plus a clusterbinding. From here i'm lost, how do i associate the admin iAM role with the RBAC role, and then how does one (who isn't me, because i'm defacto admin on the cluster as i created it) query the cluster using kubectl. It feels unclear to me as to how the Kubs RBAC role can associate with the iAM role

is the Operator supposed to be used for this sort of stuff

I was wondering how you guys deal with persistent storage (e.g. StorageClasses, PersistentVolumeClaims, PersistentVolumes) using pulumi. Because of the way pulumi generates the names by adding random strings as postfix, I fear data loss when resources are replaced. Some Helm-Charts (e.g. Elastic Cloud on Kubernetes, Kube-Prometheus-Stack) offer the option of specifying a volumeClaimTemplate. I consider to create a StorageClass and a PV with a fixed name (no auto-naming) before installing these Helm-Charts and then bind them via the volumeClaimTemplate. That way I can define the reclaim policy as 'Retain' and replaced resources will hopefully always be bound to the same PV. Is that a good idea?

@gorgeous-egg-16927 I was trying to upgrade

pulumi-kubernetes

to a more up-to-date version. But my stack wasn’t able to refresh if I didn’t have the old plugin version existing on the machine (I’m running in container so I only have the recent plugin version) Other pulumi provider have this behaviour and I was wondering if this is a bug

Diagnostics:
  pulumi:providers:kubernetes (default_2_6_1):
    error: no resource plugin 'kubernetes-v2.6.1' found in the workspace or on your $PATH, install the plugin using `pulumi plugin install resource kubernetes v2.6.1`

(I was upgrading from 2.6.1 to 2.6.3)

Hi all, I'm trying to wrap an app from kustomize (would have the same problem with basic Kube import as well) as a library, so I'm not loading in the directory/manifests in the directory where the main is running.

func New(ctx *pulumi.Context, options ...pulumi.ResourceOption) error {
	_, err := kustomize.NewDirectory(ctx, "vault", kustomize.DirectoryArgs{
		Directory: pulumi.String("./kustomize"),
	})
	return err
}

It appears that local directories are always relative to the main.go, not the library. I think my only option here is to do a full import into Pulumi, right?

Is there a common way to use pulumi to update a pod on k8s in a build flow. So i have an app, it tags a new version and builds a new container, but then i need to get that version into pulumi. I could do an env variable for the version, or use the config and set it from the commandline. And what if i wanted to use “latest”. I can put the pull policy on always (slow for restarts) but is there a way to script a pod scale down up or pod deletion to trigger the pull and restart?

Hi, we use Pulumi to also deploy a few charts to our Kubernetes cluster. So far that worked well, but to day when updating the certmanager Helm-Chart from version 2.3.4 to 3.0.0 we ran into a problem (although on other system the update worked without a problem.

kubernetes:<http://apiextensions.k8s.io/v1:CustomResourceDefinition|apiextensions.k8s.io/v1:CustomResourceDefinition> (<http://certificates.cert-manager.io|certificates.cert-manager.io>):
    error: 1 error occurred:
    	* the Kubernetes API server reported that "<http://certificates.cert-manager.io|certificates.cert-manager.io>" failed to fully initialize or become live:  "" is invalid: patch: Invalid value: ......." : cannot convert int64 to float64

If i deploy a helm chart using k8s.helm.v3.Chart, is there any way to recover the config i passed in after deploying? Either out of the chart or from the stack or something?

if anyone (will) have problems with helm repo

<http://kubernetes-charts.storage.googleapis.com|kubernetes-charts.storage.googleapis.com>

check this blog post: https://helm.sh/blog/new-location-stable-incubator-charts/