https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
kubernetes
  • b

    better-shampoo-48884

    06/25/2021, 7:50 PM
    thinking that the best option would be to create a component resource which is scoped (i.e. named per cluster) and have all the other stuff hang on that.
  • b

    better-shampoo-48884

    06/25/2021, 7:50 PM
    easier to set the parent as that definetely tracks 😉
  • b

    better-shampoo-48884

    06/25/2021, 8:44 PM
    aaand of course it doesn't. sigh.
  • s

    straight-cartoon-24485

    06/26/2021, 1:23 AM
    is there a way to interrupt an update (manual timeout early?) often, I realize my mistake while I'm `pulumi up`'ing, but alas, I can't cleanly terminate what's going on as usually that invalidates the stack's state and creates dirtier problems...
  • b

    better-shampoo-48884

    06/26/2021, 8:37 AM
    there is customTimeouts on the CustomResourceOptions of the kubernetes provider..
  • b

    better-shampoo-48884

    06/26/2021, 8:38 AM
    https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/pulumi/#CustomResourceOptions which is opts of https://www.pulumi.com/docs/reference/pkg/kubernetes/provider/
  • b

    better-shampoo-48884

    06/26/2021, 8:39 AM
    how this might be modifiable at runtime though is a different question..
  • b

    better-shampoo-48884

    06/26/2021, 9:05 AM
    it's a bit frustrating that k8s helm always takes the pulumi resource name as its name input, all I can do is set a "prefix" and not override that. That means I have to do some string replacement on the variables I can use for component naming so they don't collide in the stack and are able to be created - but the names get horrible when the chart doesn't have a "fullNameOverride" value
  • b

    busy-soccer-65968

    06/28/2021, 7:37 PM
    I'm trying to add a
    taint
    to my
    eks.ManagedNodeGroup
    I see it under
    Supporting Types
    here . but I am not sure how to access it. am I missing something silly?
    • 1
    • 2
  • b

    bitter-rain-31542

    06/29/2021, 12:53 PM
    I have a kubernetes secret managed by Pulumi (as part of a larger stack). I want to stop managing the secret via Pulumi, is there a way to do that without having Pulumi nuke the secret?
    b
    • 2
    • 3
  • b

    bumpy-summer-9075

    06/29/2021, 2:59 PM
    I added Grafana's helm chart using pulumi, and while it works great, every
    pulumi up
    detects changes in a secret and in an annotation (checksum/secret). How do you use
    ignoreChanges
    with helm chart's sub resources?
    g
    • 2
    • 6
  • b

    bright-sandwich-93783

    06/29/2021, 7:11 PM
    Hi everyone. I'm currently debating the merits of managing K8s deployments in Pulumi vs. Helm. I already provision the K8s infrastructure (cluster, etc), but have not yet embraces making K8s API calls (to deploy, etc) from within Pulumi. Am I right in assuming that Pulumi can be a full replacement for Helm -- for example, it can compute the diffs in desired/deployed K8s resources and make the necessary changes (such as deleting a Service if you've deleted it's definition in the Pulumi code). I do like the idea of colocating infra provisioning with app deployment, but I do worry about the ability for a corruption in state file due to some bad/unlucky infra provisioning preventing progress in making application deployment changes inside K8s. Does anyone have thoughts on how to weigh the pros and cons here?
    g
    d
    +2
    • 5
    • 19
  • m

    many-address-46260

    06/29/2021, 9:25 PM
    ive created a custom ComponentResource of which a child resource is a helm chart (ingress-nginx specifically). when using this ComponentResource in a stack, it does not appear that changes to helm config result in changes to changes to resources created by the helm chart. does anyone have thoughts on this?
  • i

    important-sandwich-62391

    06/29/2021, 11:24 PM
    I’m creating an apps/v1:Deployment. Something is wrong in my spec I think, but Pulumi is masking my entire spec as a Secret making it hard to debug? Is there something causing this? I don’t think I’m even using a secret as an input to the Spec? eg,
    + kubernetes:apps/v1:Deployment: (create)
            [urn=urn:pulumi:sandbox-usw2a::app-60-app::kubernetes:apps/v1:Deployment::be-innkeeper-deployment]
            [provider=urn:pulumi:sandbox-usw2a::app-60-app::pulumi:providers:kubernetes::k8s::15e3e6ce-24ca-419c-a449-3238c4372aa6]
            apiVersion: "apps/v1"
            kind      : "Deployment"
            metadata  : {
                labels   : {
                    <http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>: "pulumi"
                }
                name     : "be-innkeeper"
                namespace: "default"
            }
            spec      : "[secret]"
    s
    • 2
    • 3
  • b

    bright-sandwich-93783

    06/30/2021, 11:53 PM
    anyone here know how to read in a K8s entity that isn't managed by Pulumi? I need to annotate an EKS provided service account programatically
    g
    • 2
    • 1
  • b

    bright-sandwich-93783

    06/30/2021, 11:53 PM
    but the only methods I see are
    corev1.GetServiceAccount
    which requires a Pulumi ID
    s
    g
    • 3
    • 5
  • d

    dry-motorcycle-32519

    07/01/2021, 8:47 AM
    Hey Guys Good Morning, I am deploying a helm chart with pulumi and every service name got an extra hash value at the end. How can i disable this auto naming with pulumi ?
    b
    b
    • 3
    • 12
  • m

    many-helicopter-89037

    07/01/2021, 6:27 PM
    Is there a way to find Helm created resource other than this?
    wordpress.getResourceProperty("v1/Service", "wpdev-wordpress", "status");
    This approach doesn't work when some charts like kube-prometheus truncates the long resource names. For example chart creates two different service names based on pulumi resource name.
    new k8s.helm.v3.Chart(
          `kube-prometheus-example`,
          ...
    )
    
    new k8s.helm.v3.Chart(
          `kube-prometheus-example1`,
          ...
    )
    generates following Services..
    kube-prometheus-example-kube-alertmanager
    kube-prometheus-example1-kub-alertmanager
    In such cases I cannot lookup the service its created..
    s
    • 2
    • 1
  • w

    worried-city-86458

    07/01/2021, 11:31 PM
    I'm trying to install the kube prometheus stack via its helm chart: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack ... I've seen a few people mention it in the slack channels. What transformations are you using to get it to work with pulumi?
    g
    b
    • 3
    • 13
  • c

    colossal-battery-24701

    07/03/2021, 6:35 AM
    I am trying to install kube-prometheus-stack via its helm chart. It creates a couple of crds and I want to create some resources using those crds as well. What’s happening is, the creation of these resources using those crds fails (error - resource of type doesn’t exist) because it somehow executes before the kube-prometheus-stack has finished installing. The kube-prometheus-stack creation and the resources are all in different files. I tried adding
    dependsOn
    to the custom resources but that does not help. Is there any example where I see dependent k8s resources being created from different files. Also, I am using typescript. Any help is highly appreciated.
    b
    • 2
    • 2
  • c

    curved-doctor-83600

    07/04/2021, 2:38 PM
    Hi, today I updated the "values" part of a helm chart (v3) I deployed with pulumi, but pulumi didn't notice any change, therefore reported "everything unchanged". Is this a known limitation or should I dig deeper to (maybe) reveal an issue?
    p
    • 2
    • 5
  • b

    bored-monitor-99026

    07/06/2021, 6:10 AM
    Pulumi works well with modern “immutable infrastructure” architectures, where bootstrapping and patching are unnecessary. In such cases, configuration management is not needed in the usual sense.
    hi! how does immutable infra works with persistent storage in k8s? please see this example: i have deployed a statefulset application on k8s, whose pods and persistent volume live on a node(machine). now i am going to do some system update to that machine(node). for “immutable infrastructure”, it will destroy the old one, which will definitely leave my app in error state. i believe ppl who designed "immutable infra" already figured a elegant solution for the above. can someone share your thoughts here? thanks!
    s
    • 2
    • 4
  • b

    bright-sandwich-93783

    07/06/2021, 2:04 PM
    You'd need to create a new node pool and do a blue/green type of upgrade. This isn't something an Infrastructure-as-code solution will do for you
    b
    • 2
    • 1
  • b

    bright-sandwich-93783

    07/06/2021, 9:47 PM
    I'm assuming most of us are using Server Side Apply at this point. How do I configure the manager name of fields managed by pulumi?
  • b

    bored-monitor-99026

    07/07/2021, 6:48 AM
    just curious, for ppl who use pulumi rke provider, if you update some config/parameter of a existing cluster, the cluster will get updated in place right? it won't be destroyed and recreated
    b
    • 2
    • 7
  • s

    some-twilight-56575

    07/07/2021, 3:25 PM
    I am attempting to use the pulumi_tls module to populate a k8s secret how do I Base64 encode the output of the tls module for use in secrets?
    b
    • 2
    • 4
  • s

    stale-nail-78326

    07/07/2021, 7:00 PM
    Hello folks, I have a quick question about how to install Grafana using its Helm chart. What I'm trying to do is to install Grafana with a datasource, but it fails to read the configuration when using Pulumi's
    k8s.helm.v3.Chart
    values
    parameter. I suspect it happens because one of the keys is
    datasources.yaml
    which contains a
    .
    and may be expanded to something the helm chart does not understand. This YAML works when installing the chart not using Pulumi:
    datasources:
      datasources.yaml:
        apiVersion: 1
        datasources:
          - name: "Cinnamon Prometheus"
            type: prometheus
            access: proxy
            url: <http://prometheus-server.default.svc.cluster.local>
            editable: true
    But it fails when using Pulumi (typescript api):
    new k8s.helm.v3.Chart(
      "grafana",
      {
        chart: "grafana",
        fetchOpts: {
          repo: "<https://grafana.github.io/helm-charts>",
        },
        values: {
          datasources: {
            "datasources.yaml": {
              apiVersion: 1,
              datasources: {
                name: "Cinnamon Prometheus",
                type: "prometheus",
                access: "proxy",
                url: "<http://prometheus-server.default.svc.cluster.local>",
                editable: true,
              },
            },
          },
        },
      },
      { provider: clusterProvider },
    );
    b
    • 2
    • 13
  • p

    proud-pizza-80589

    07/08/2021, 11:53 AM
    How would one scale the PV/PVC of a statefulset deployed via helm/pulumi? Changing the storage value in the statefulset is ignored (not even a replace which is probably a good idea :))
    r
    • 2
    • 2
  • p

    proud-pizza-80589

    07/09/2021, 7:01 AM
    is kubernetesx still maintained? Some fairly simple things (e.g. a pvc.mount() in both an init container and main container) give naming collisions.
    b
    • 2
    • 3
  • i

    important-sandwich-62391

    07/09/2021, 2:07 PM
    Has anyone used https://github.com/benesch/pulumi-kubernetes-proxy ? Is there a better-way to access in-vpc/cluster resources like a postgres? I would like to provision another role & db…..
    b
    • 2
    • 1
Powered by Linen
Title
i

important-sandwich-62391

07/09/2021, 2:07 PM
Has anyone used https://github.com/benesch/pulumi-kubernetes-proxy ? Is there a better-way to access in-vpc/cluster resources like a postgres? I would like to provision another role & db…..
b

billowy-army-68599

07/09/2021, 2:26 PM
this is the first I'm seeing of this, it's very cool!
View count: 5