Channels
#kubernetes
- b
broad-helmet-79436
02/17/2020, 4:23 PMwith this diff on a deployment (migrating from kubernetes.apps.v1beta1.Deployment to kubernetes.apps.v1.Deployment) - b
broad-helmet-79436
02/17/2020, 4:23 PM… I’m seeing the same resource listed to replace twice 😛 is that intentional? - b
broad-helmet-79436
02/17/2020, 4:24 PM“details” look like this: - b
broad-helmet-79436
02/17/2020, 4:24 PMposting here instead of in a github issue because I want to understand if this makes sense, or if it’s a bugw- 2
- 3
- l
limited-rainbow-51650
02/18/2020, 3:38 PMIn the Pulumi Helm Wordpress example, I read this note: The Tiller server is not required to be installed. Pulumi will expand the Helm Chart and submit the expanded YAML to the cluster. Is this always the case? What if you have Helm charts which depend on this server expansion?g- 2
- 3
- l
limited-rainbow-51650
02/18/2020, 3:39 PM - c
creamy-forest-42826
02/19/2020, 7:35 AMHello, we are using ConfigGroup with namespace transformation. When we try
, we will see previous namespace in name. It's bug or wanted behavior? Situation:pulumi previewCopy code
When previous namespace is telletubies and I want new namespace as evils. I will see name, which namespace as before transformation, (telletubies/RESOURCE_NAME) in preview (or pulumi up - preview part).export function initPrometheusService(namespace: string) { new k8s.yaml.ConfigGroup( "prometheus-service-deploy", { files: [ join(getPath(), "tinky-winky.yaml"), join(getPath(), "dipsy.yaml"), join(getPath(), "laa-laa.yaml"), join(getPath(), "po.yaml") ] }, { parent: aks, transformations: [ (obj: any) => { const metadata = obj.props?.metadata; if (!metadata) { return; } metadata.namespace = "evils"; return obj; } ] } ); }g- 2
- 5
- b
bitter-dentist-28132
02/19/2020, 4:15 PMis there a way to set the availability zone of an eks cluster? when trying to create a cluster in us-east-1 i get:Copy codeCannot create cluster 'asp-staging-eksCluster-9deaa44' because us-east-1e, the targeted availability zone, does not currently have sufficient capacity to support the cluster. Retry and choose from these availability zones: us-east-1a, us-east-1b, us-east-1c, us-east-1d, us-east-1fgb- 3
- 6
- l
limited-rainbow-51650
02/19/2020, 8:18 PMPfff, why are people still writing Helm charts. With some proper magic, one could even generate a Helm chart from your Pulumi code… - l
limited-rainbow-51650
02/19/2020, 8:19 PMNevertheless,
andkubernetes.yaml.ConfigFile
does wonders for the time being.kubernetes.helm.v2.Chart🎉 4 - c
chilly-photographer-60932
02/19/2020, 11:58 PMHow are you all deploying
withinistio
usingk8s
? Especially with the new recommended way of usingpulumi
overistioctl
?helm
andIstio
don’t work very well together IMO.helmmg- 3
- 9
- a
ambitious-fireman-71676
02/20/2020, 9:29 PMhi community! i have a question about using pulumi config secrets as k8s secrets. if i create a pulumi config secret and i want to use that as a k8s secret (in python via):Copy code
i see that it doesnt base64 encode the value when i runsecret_key = Secret( "my-secret-key", data={"secret-key": config.require_secret("mySecretKey")} )
and look at the resource manually viapulumi up
. is this intentional? or am i doing something wrong? my current workaround is to base64 encode the secret before runningkubectl get secret -oyaml my-secret-key-<hash>pulumi config set --secret mySecret <value>g- 2
- 2
- q
quaint-book-39362
02/22/2020, 4:14 AMhi. can anyone help with this, please? can't install any helm charts - q
quaint-book-39362
02/22/2020, 4:14 AM - q
quaint-book-39362
02/22/2020, 8:30 PMwould really appreciate some help with that. everything else with pulumi works completely fine. it's just helm charts not working at all and am having to install them manually right noww- 2
- 9
- f
faint-vase-19563
02/23/2020, 10:23 AMHey community, does anyone have any tips for trying to learn kubernetes-python? It's really hard to find examples online / I'm unsure how to test or troubleshoot the code. Right now I'm trying the following: https://github.com/Robinsane/PulumiStart Any help is hugely appreciated! - h
hundreds-portugal-17080
02/24/2020, 2:25 AMI am using eks and version 1.14 and helm charts are based of 1.14. Have been seen these warnings when performing pulumi up. Am I doing something wrong?g- 2
- 2
- l
limited-rainbow-51650
02/24/2020, 1:51 PMI have a pulumi Kubernetes namespace. I deploy a Helm chart via Pulumi and afterwards want access to one of the resources. I use
in my code to get access to the service resource, but this doesn’t seem to work because the namespace needs to be achart.getResource("v1/Service, mynamespace.metadata.name, "my-service")
, not anstring
. How can I get the string the pulumi way? I tried withOutput
but that didn’t work.mynamespace.metadata.name.apply(value => +value)b- 2
- 1
- p
plain-businessperson-30883
02/24/2020, 4:11 PMHello! Yesterday I was trying to import some resources from my k8s clusters (Service Account, ClusterRole and ClusterRoleBinding) but I ran into some issues, where the import command could not find the resource definitions (
of the ClusterRole andrules
androleRef
of the ClusterRoleBinding), so it failed to import. I could workaround the issue by exporting and importing the resources withsubjects
. The only difference I noticed it that now the resource had thekubectl
annotation. Is it the expected behavior? It seems odd to me to depend on an specific tool annotation for doing the import? (I understand that is an official tool, but it does not mean it is the only tool that creates resources in the cluster). I see that the support for this annotation was added on version `0.25.1`: https://github.com/pulumi/pulumi-kubernetes/blob/master/CHANGELOG.md#0251-july-2-2019 Maybe the issue is in the logic of "parsing the live inputs"? https://github.com/pulumi/pulumi-kubernetes/blob/9ea9de0398c48c79abb9ce68004a8a551b98ad7e/pkg/provider/provider.go#L2237 @microscopic-florist-22719 @white-balloon-205 @gentle-diamond-70147<http://kubectl.kubernetes.io/last-applied-configuration|kubectl.kubernetes.io/last-applied-configuration>g- 2
- 2
- a
ambitious-fireman-71676
02/25/2020, 2:18 AMim curious if anyone else has seen this aside from me. i’m trying to use a remote yaml in a resource using the python sdkCopy code
but when i runfrom pulumi_kubernetes.yaml import ConfigFile cert_manager_resources = ConfigFile('cert-manager', file_id='<https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml>')
i get an exception:pulumi previewCopy codeException: Exception deserializing response!g- 2
- 9
- s
salmon-ghost-86211
02/25/2020, 1:17 PMI have created a Kubernetes Ingress using the following code.Copy code
An ALB is created with an HTTPS/443 listener and the rules I have specified, but the problem is there is no HTTP/80 listener that redirects to HTTPS. The Ingress call doesn't look like it supports that either. It looks like I could do something likeimport * as k8s from "@pulumi/kubernetes"; const httpsIngressResource = new k8s.extensions.v1beta1.Ingress(...Copy code
but I'm not sure how to reference the load balancer created above. The only piece of data that seems to cross over between AWS and Pulumi is the URL. Should this be solved with theimport * as aws from "@pulumi/aws"; const httpListener = new aws.lb.Listener("httpListener", {
object or maybeListener
orIngress
?IngressList - b
better-rainbow-14549
02/26/2020, 4:53 PMgot a strange issue where a service doesn't exist on a cluster, but it's in the state and
won't clear it. when it comes to update i just get:pulumi refreshCopy codeerror: update of resource nightly/nginx failed because the Kubernetes API server reported that it failed to fully initialize or become live: services "nginx" not found - b
bitter-dentist-28132
02/27/2020, 5:51 PMare transformations unable to set
? I'm trying to set the annotations of the aws cluster autoscaler as per https://docs.aws.amazon.com/eks/latest/userguide/cluster-autoscaler.html#ca-deploy, but it seems those annotations never make it to the actual created deployment object. i'm loading from aobj.metadata.annotations
fwiwyaml.ConfigFilew- 2
- 3
- l
limited-rainbow-51650
03/02/2020, 4:34 PMNO! A warning about an unreachable K8s cluster should not remove the resource from the Pulumi state!Copy code
Nothing of that Helm chart deployment is actually deleted!Diagnostics: kubernetes:apps:Deployment (ingress-gloo-qq119b7f/discovery): warning: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: Get https://<mycluster>.<http://azmk8s.io:443/openapi/v2?timeout=32s|azmk8s.io:443/openapi/v2?timeout=32s>: net/http: TLS handshake timeout ... 15 more times ... Resources: - 15 deleted 69 unchangedg- 2
- 21
- a
abundant-smartphone-52752
03/02/2020, 7:44 PMCan you guys give me some tips on how to deploy a kubernetes cluster using rancher2? I'm looking at the rancher2 documentation (https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/rancher2/), but I don't how to start. - b
better-rainbow-14549
03/03/2020, 10:51 AMCopy codeexport class Certificate extends kubernetes.apiextensions.CustomResource { constructor( name: string, namespace: pulumi.Input<string>, domains: pulumi.Input<string>[], issuer: CertificateIssuer, secretName: pulumi.Input<string> = name ) { super( name, { apiVersion: "<http://certmanager.k8s.io/v1alpha1|certmanager.k8s.io/v1alpha1>", kind: "Certificate", metadata: { name: name, namespace: namespace }, spec: { secretName: secretName, dnsNames: domains, acme: { config: issuer.configuration.map(x => ({ ...x, domains: domains })) }, issuerRef: { name: issuer.name, kind: issuer.kind } } }, { provider: issuer.provider } ); } }👍 1h- 2
- 2
- c
chilly-waiter-18319
03/05/2020, 4:32 PMare you able to pass around a kube provider to multiple classes/ subclasses? for some reason if I implement a class for an app, the app will deploy fine. But if I try to make a class that houses several apps together, the provider fails with a message saying it failed to parse, even though it looks exactly the same in console.log - s
some-spring-67797
03/05/2020, 8:00 PMIs there an equivelant to `replace --force`` when running pulumi up? I cancelled the pulumi up process midway when I realized I had bug in my deployment. Now anytime I attempt to deploy on the stack I get the following error:Copy code
Does anyone know of a way to recover from this? I deployed about 100 deployments in a loop so trying to avoid manually taking down each pod.These resources are in an unknown state because the Pulumi CLI was interrupted while waiting for changes to these resources to completeg- 2
- 2
- d
damp-painter-36857
03/08/2020, 9:52 AMhey - quick question. I'm working with kubernetes in typescript. I want to add an annotation to a pre-existing Namespace (the
namespace, to be specific), but if I fetch it withdefault
and then try to modifyns = Namespace.get(...)
then Pulumi bombs out claiming the property is read-only. Any ideas for a workaround? I've tried defining it as plain old YAML and usingns.metadata.annotations
but that fails too.ConfigFile - p
polite-motherboard-78438
03/08/2020, 12:08 PMhello. it´s possible to create a Custom Resource without using the YAML resource or an Helm chart? In my case I need to create a ClusterIssuer for cert-manager. The solution I was using with terraform was to create a custom Helm chart. Wondering if there is a better way with Pulumi. Note: I dont want to use the yaml resource because there are some properties I have to load from config and replace in the resourcedb- 3
- 8