https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
kubernetes
  • d

    dry-sugar-63293

    10/19/2021, 9:45 AM
    Hi Guys, Does anyone have a sample code for creating AWS EKS service with ingress and https load balancer (with managed SSL certificate)?
    • 1
    • 2
  • p

    proud-pizza-80589

    10/19/2021, 2:13 PM
    Stuck on a small chicken and egg problem. I have a k8s deployment which needs the ip of the loadbalancer service, and the service matches the deployment. so they both depend on each other. When use the annotation to skip await the service, the deployment fails because the ip is not there yet. Any idea how to get around this?
    b
    • 2
    • 3
  • r

    ripe-shampoo-80285

    10/19/2021, 5:46 PM
    I have a strange error running Pulumi update for my EKS cluster, anybody saw the similar issue before? How do I debug this? eks:index:Cluster (devtest-eks): error: post-step event returned an error: failed to verify snapshot: resource urn😛ulumi:dev::infra::eks:index:Cluster::devtest-eks dependency refers to missing resource
  • r

    ripe-shampoo-80285

    10/19/2021, 5:46 PM
    Here devtest-eks is the name of my EKS cluster
  • r

    ripe-shampoo-80285

    10/19/2021, 5:48 PM
    Not sure which resource is missing. I did a "pulumi refresh", I'd think it should sync up the state with actual resources provisioned and a pulumi up will fix any missing resources.
  • d

    dry-teacher-74595

    10/19/2021, 9:38 PM
    is there a way to force an update on a secret? i added 2 string fields to a secret but on pulumi preview/refresh it doesnt detect any changes.
    b
    • 2
    • 10
  • w

    wet-noon-14291

    10/21/2021, 10:21 AM
    I have problem with
    destroy
    of my kubernetes resources. I'm using the default config which will use the credentials and it works fine to create the differente resources; deployment, secret, service and ingress. When I run
    pulumi destroy
    it can't remove any of the resources. The error message isn't the best either:
    error: unknown
    Doing some verbose logging doesn't show much more info:
    I1021 12:15:44.274429   85020 rpc.go:72] Marshaling property for RPC[Provider[kubernetes, 0xc0017b47e0].Delete(urn:pulumi:dev::nextjstemplate.deploy::pkg:elkjop:application$kubernetes:<http://networking.k8s.io/v1beta1:Ingress::nextjstemplate-external-ingress,iac-demoenv/nextjstemplate.external|networking.k8s.io/v1beta1:Ingress::nextjstemplate-external-ingress,iac-demoenv/nextjstemplate.external>)]: loadBalancer={map[]}
    I1021 12:15:44.306508   85020 provider_plugin.go:1523] provider received rpc error `Unknown`: `unknown`
    I1021 12:15:44.306573   85020 provider_plugin.go:1526] rpc error kind `Unknown` may not be recoverable
    I1021 12:15:44.306602   85020 provider_plugin.go:1067] Provider[kubernetes, 0xc0017b47e0].Delete(urn:pulumi:dev::nextjstemplate.deploy::pkg:elkjop:application$kubernetes:<http://networking.k8s.io/v1beta1:Ingress::nextjstemplate-external-ingress,iac-demoenv/nextjstemplate.external|networking.k8s.io/v1beta1:Ingress::nextjstemplate-external-ingress,iac-demoenv/nextjstemplate.external>) failed: unknown
    I1021 12:15:44.306646   85020 eventsink.go:86] eventSink::Error(<{%reset%}>unknown<{%reset%}>)
    I1021 12:15:44.307571   85020 snapshot.go:390] SnapshotManager: deleteSnapshotMutation.End(..., false)
    I1021 12:15:44.507443   85020 snapshot.go:536] SnapshotManager.markOperationComplete(urn:pulumi:dev::nextjstemplate.deploy::kubernetes:core/v1:Secret::acr-auth)
    I1021 12:15:44.507504   85020 step_executor.go:327] StepExecutor worker(3): applying step delete on urn:pulumi:dev::nextjstemplate.deploy::pkg:elkjop:application$kubernetes:apps/v1:Deployment::nextjstemplate-deployment (preview false)
    I1021 12:15:44.507607   85020 registry.go:148] GetProvider(urn:pulumi:dev::nextjstemplate.deploy::pulumi:providers:kubernetes::default_3_8_1::7bf0f1f3-3288-4c85-8cef-e04d2e927b78)
    I1021 12:15:44.507690   85020 provider_plugin.go:1039] Provider[kubernetes, 0xc0017b47e0].Delete(urn:pulumi:dev::nextjstemplate.deploy::pkg:elkjop:application$kubernetes:apps/v1:Deployment::nextjstemplate-deployment,iac-demoenv/nextjstemplate) executing (#props=7)
    I1021 12:15:44.507755   85020 rpc.go:72] Marshaling property for RPC[Provider[kubernetes, 0xc0017b47e0].Delete(urn:pulumi:dev::nextjstemplate.deploy::pkg:elkjop:application$kubernetes:apps/v1:Deployment::nextjstemplate-deployment,iac-demoenv/nextjstemplate)]: __initialApiVersion={apps/v1}
    I1021 12:15:44.507831   85020 rpc.go:72] Marshaling property for RPC[Provider[kubernetes, 0xc0017b47e0].Delete(urn:pulumi:dev::nextjstemplate.deploy::pkg:elkjop:application$kubernetes:apps/v1:Deployment::nextjstemplate-deployment,iac-demoenv/nextjstemplate)]: __inputs={map[apiVersion:{apps/v1} kind:{Deployment} metadata:{map[annotations:{map[<http://pulumi.com/timeoutSeconds:{120}|pulumi.com/timeoutSeconds:{120}>]} labels:{map[<http://app.kubernetes.io/managed-by:{pulumi}|app.kubernetes.io/managed-by:{pulumi}>]} name:{nextjstemplate} namespace:{iac-demoenv}]} spec:{map[replicas:{2} selector:{map[matchLabels:{map[app:{nextjstemplate}]}]} template:{map[metadata:{map[labels:{map[app:{nextjstemplate}]}]} spec:{map[containers:{[{map[image:{<http://elkdscontainerregistry.azurecr.io/nextjstemplate:66e54ac|elkdscontainerregistry.azurecr.io/nextjstemplate:66e54ac>} name:{nextjstemplate} ports:{[{map[containerPort:{3000} name:{http}]}]} resources:{map[limits:{map[cpu:{700m} memory:{2000Mi}]} requests:{map[cpu:{700m} memory:{1000Mi}]}]}]}]} imagePullSecrets:{[{map[name:{acr-auth}]}]} priorityClassName:{itds-moderate}]}]}]}]}
    Any idea what might be wrong?
  • c

    creamy-winter-91269

    10/21/2021, 1:08 PM
    Hi
  • c

    creamy-winter-91269

    10/21/2021, 1:15 PM
    Hi I am exploring pulumi interface for our openshift platform .. the configMap seemed to have worked well, but the pod wasn't launched and the 'pulumi up' operation crashed. It appears when the volume mounts are specified, the VolumeAttachment didn't happen which was the cause of crash. I understand there could be many sources, maybe that is why it was not generated. But any suggestions on how this is to be provided ? Patching the program doesn't seem to be a good idea .. thanks for your inputs ...
    b
    • 2
    • 5
  • c

    creamy-winter-91269

    10/21/2021, 1:15 PM
    I was using python language for these operations
  • c

    creamy-winter-91269

    10/21/2021, 1:19 PM
    Also I would like to check if anyone has tried gitlab integration and share their experiences .. thanks
  • c

    creamy-winter-91269

    10/21/2021, 1:20 PM
    any pointers to gitlab integration will be useful
  • m

    most-lighter-95902

    10/22/2021, 3:00 AM
    Does anyone know how to access the Status of a CustomResource in Pulumi?
  • m

    most-lighter-95902

    10/22/2021, 3:03 AM
    I’m using Knative and trying to obtain the external URL generated (in Status) once a knative service is created using Pulumi’s CustomResource
  • p

    proud-pizza-80589

    10/22/2021, 10:16 AM
    I’m wondering about something to improve our CI build and deploy speeds. Rigth now we are building a bunch of docker images (outside of pulumi) and tagging them with both the branch name and the sha of the git repo. By using registry caching in buildx this is as optimal as it can be. But we can also only build the containers that are changed, which is much faster, but then i have a deployment (with pulumi) problem. I now pass in an env var with the current SHA and use that throughout the deploy, updating the deployments on k8s. Using the branch name this would not do anything since the cluster already has the image. So i’m looking for a way to get the latest sha in the github container registry for a branch tagged container in pulumi to use that instead of the git sha. Using the docker provider’s getRegistryImage i thought i was going to get there, but i can’t get it to be authenticated to ghcr. Ahs anyone done something like this before?
    l
    b
    • 3
    • 2
  • b

    bulky-area-51023

    10/23/2021, 3:41 PM
    I’m currently working on fetching pulumi
    secret
    from stack, and generating kubernetes manifest from it (e.g. environment variable). But it doesn’t seem to be replaced into string value. I’m aware of that the return value of
    require_secret
    is
    Output[T]
    but having some passthrough
    apply(lambda val: val)
    doesn’t work. I think the main problem is that
    secret
    object is not a direct argument of subsequent resource. Any kind of piece of advice would be very appreciated
    b
    • 2
    • 5
  • w

    wooden-receptionist-75654

    10/25/2021, 10:45 AM
    Hi Guys, I’m using a
    azure-native.containerservice
    lib to create AKS cluster and I also would like deploy k8s RBAC objects with
    kubernetes
    lib. I have something like:
    # Creating AKS
    const cluster = new containerservice.ManagedCluster(...)
    
    # Getting a kubectlconfig
    const creds = pulumi.all([cluster.name, resourceGroup.name]).apply(([clusterName, rgName]) => {
      return containerservice.listManagedClusterUserCredentials({
          resourceGroupName: rgName,
          resourceName: clusterName,
      });
    });
    const encoded = creds.kubeconfigs[0].value;
    const kubeconfig = encoded.apply(enc => Buffer.from(enc, "base64").toString());
    
    # Creating provider
    const aksProvider = new k8s.Provider("aks", {
      kubeconfig: kubeconfig
    })
    
    # And deploying a role
    const devsGroupRole = new k8s.rbac.v1.Role("pulumi-devs",{...})
    When run it locally with
    pulumi up
    I got auth request:
    To sign in, use a web browser to open the page <https://microsoft.com/devicelogin>".
    Am I missing something?
    b
    b
    • 3
    • 24
  • c

    cuddly-tailor-40542

    10/25/2021, 10:20 PM
    Hi everyone! I currently have Kubernetes setup in a stack (call it kubernetes stack) and i need to reference the provider in kubernetes stack from another stack (call the second stack meta-stack). Also to add, I don't want to export
    cluster.KubeConfig
    as I don't want its value to be printed to the command line. I just need to make the provider in
    meta-stack
    call from
    kubernetes stack
    ➕ 1
    s
    • 2
    • 2
  • g

    green-park-28305

    10/26/2021, 7:32 AM
    Hi all, I am trying to add EC2 root volume encryption for EKS nodes created by eks.ManagedNodeGroup. The below does not work. Perhaps someone here knows the trick? https://www.pulumi.com/registry/packages/eks/api-doc Thanks for your help.
    cluster:eks.Cluster = eks.Cluster(f"{cluster_name}-cluster",
            name=cluster_name,
            ....
            node_group_options=eks.ClusterNodeGroupOptionsArgs(
                cloud_formation_tags={
                    "Name": "EKS Worker Node"
                },
                encrypt_root_block_device=True,
            ),
            ...
        )   
    
        eks.ManagedNodeGroup(f"{cluster_name}-node-group-" + str(i),
                cluster=cluster.core,
                node_group_name=f"{cluster_name}-managed-node-group-" + str(i),
                ....
            ))
  • w

    witty-belgium-75866

    10/27/2021, 9:34 AM
    Hi all, What is the best way to patch an existing deployment with pulumi? for example, I want to 'translate' the following
    kubectl
    command to python-pulumi:
    coredns
    :
    kubectl patch deployment coredns \
        -n kube-system \
        --type json \
        -p='[{"op": "remove", "path": "/spec/template/metadata/annotations/eks.amazonaws.com~1compute-type"}]'
    thanks!
    b
    e
    • 3
    • 9
  • r

    ripe-exabyte-83007

    10/27/2021, 1:33 PM
    Hi all, please how can I added a new node to an existing cluster using the Pulumi typescript library
  • r

    ripe-shampoo-80285

    10/28/2021, 10:28 PM
    I am having a really strange issue trying to create eks. The code used to work well, but now failed with a weird dependency refers to missing resource issue:
    • 1
    • 2
  • r

    ripe-shampoo-80285

    10/28/2021, 10:28 PM
    Untitled.txt
  • r

    ripe-shampoo-80285

    10/28/2021, 10:48 PM
    This can happen for different resource creations:
  • r

    ripe-shampoo-80285

    10/28/2021, 10:48 PM
    Untitled.txt
  • r

    ripe-shampoo-80285

    10/28/2021, 10:48 PM
    This is when I retry "pulumi up"
  • r

    ripe-shampoo-80285

    10/28/2021, 10:49 PM
    It is kind of strange why it try to create a new aws provider (default_4_9_1), I think it should already have a aws provider "default".
  • r

    ripe-shampoo-80285

    10/28/2021, 10:51 PM
    Here is the code snippet for creating the EKS. Really not much to it and it worked before. Maybe an issue in newer version of pulumi release?
  • r

    ripe-shampoo-80285

    10/28/2021, 10:51 PM
    Untitled.txt
  • v

    victorious-exabyte-70545

    10/29/2021, 6:26 PM
    https://www.pulumi.com/registry/packages/kubernetes/api-docs/core/v1/namespace/
Powered by Linen
Title
v

victorious-exabyte-70545

10/29/2021, 6:26 PM
https://www.pulumi.com/registry/packages/kubernetes/api-docs/core/v1/namespace/
View count: 4