Channels
#kubernetes
- c
colossal-car-2729
11/09/2021, 3:37 PMhey im having some issues with
when switching fromk8s.helm.v3.chart
toLocalChartOpts
(so instead of using a chart in a local repository using some upstream repo). In my values.yaml is a line like this:ChartOpts
The file is read with{{ .Files.Get “files/fluentd-prometheus.conf” | indent 4 }}
but is just empty withLocalChartOpts
. I assume the working directory withChartOpts
is neither whereChartOpts
is executed nor where the values.yaml file is located. Any idea one this?pulumi up - m
modern-city-46733
11/09/2021, 5:06 PMHere’s an odd one, getting this error, but the release referenced doesn’t exist:Copy codeError: rendered manifests contain a resource that already exists. Unable to continue with install: MutatingWebhookConfiguration "aws-load-balancer-webhook" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; annotation validation error: key "<http://meta.helm.sh/release-name|meta.helm.sh/release-name>" must equal "aws-load-balancer-controller": current value is "release-xxxxx"b- 2
- 4
- w
witty-belgium-75866
11/11/2021, 10:50 AMHi, I'm using the Helm provider In order to install the
chart on my EKS cluster, by using pulumi ( Python ). The installation goes well, but every time I'm executingaws-load-balancer-controller
orpulumi up
, some of its resources are being changed: it's very unnecessary and time consuming. anybody encountered that? thx!pulumi previeww- 2
- 6
- b
big-potato-91793
11/11/2021, 9:00 PMHello 🙂, I’m doing a migration of our internal package for deploying an ingress. Since, ingress spec will be deprecated at the k8s version 1.22. I was doing some testing. I’m always getting that error the first time I run the pulumi deployment.Copy code
If, i rerun back my pipeline everything pass without any problem. Any idea?Diagnostics: kubernetes:<http://networking.k8s.io/v1:Ingress|networking.k8s.io/v1:Ingress> (ingress-name): error: 1 error occurred: * the Kubernetes API server reported that "namespace/ingress-name" failed to fully initialize or become live: Ingress.extensions "ingress-name" is invalid: spec.rules[0].http.paths[0].backend: Invalid value: "": resource or service backend is requiredg- 2
- 2
- n
nutritious-petabyte-61303
11/12/2021, 2:25 AMIs it normal that pulumi does not clean up after itself if it fails a deployment? - n
nutritious-petabyte-61303
11/12/2021, 2:25 AMA somewhat common example is having a deployment's readiness check fail, which causes its deployment to fail (as pulumi waits for it to become ready) - n
nutritious-petabyte-61303
11/12/2021, 2:26 AMhowever, pulumi just goes "alright, deployment failed" - n
nutritious-petabyte-61303
11/12/2021, 2:26 AMand leaves the failed deployment resources in the cluster - n
nutritious-petabyte-61303
11/12/2021, 2:26 AMinstead of cleaning it up - n
nutritious-petabyte-61303
11/12/2021, 2:26 AMis there any way to make pulumi do that cleanup? - n
nutritious-petabyte-61303
11/12/2021, 2:26 AMor possibly even just not wait for the deployment to become ready? - n
nutritious-petabyte-61303
11/12/2021, 2:27 AMit's not like it doesn't get applied if it doesn't get ready, it's already in the k8s state, so it's somewhat pointless to wait for it to become ready before updating pulumi's staten- 2
- 4
- n
nutritious-petabyte-61303
11/12/2021, 2:28 AMI think waiting for the deployment is fine, but it should also update it to the state even if it fails - m
mammoth-honey-6147
11/12/2021, 2:23 PMI'm generating a cert from a Pulumi deployed cert-manager instance by implementing a custom resource, ie:Copy code
Which works perfectly fine - However, I need to effectively "wait" until the cert is inCertificate, err := apiextensions.NewCustomResource(ctx, "cert", &apiextensions.CustomResourceArgs{ // Various fields, etc }
state - I'm using a DNS challenge method so it can take ~60-90 seconds. I have another app that references the cert that's generated via the corresponding secret, which, I believe, isn't in a fully formed state as the app reads the secret before the entire chain is fully complete. Therefore, how can I facilitate this wait in my code? I could do this by inspecting theready
field of the API object but it looks like I can't do that with the current SDKstatus - q
quick-television-97606
11/12/2021, 11:25 PMsilly question, I tried the pulumi k8s quick start, and it says it deployed I guess a k8s cluster with nginx. but I don't see the cluster in the aws console. I've checked all the accounts in my aws config file that it could have used and regions, and don't see it, and in the pulumi console I don't see where the resources were made, just that they exist. any ideas? 🙂 - n
nutritious-petabyte-61303
11/15/2021, 3:49 PMdoes pulumi wait for k8s jobs to finish instead of just launching them?bgn- 4
- 4
- n
nutritious-petabyte-61303
11/15/2021, 3:49 PMboth make sense in different scenarios but I'm not really sure which one is the default behavior or how can one control it - g
glamorous-australia-21342
11/16/2021, 12:45 AMcould someone help me understand how pulumi updates the kubeconfig on EKS? my colleagues and my CI are having a heck of a time authenticating. Right now my CI is having
. We have a role that is defined in pulumiconfigured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials
for the cluster and I can confirm the IAM role is in aws-auth configmap. Anyone can auth to the cluster with k9s or kubectl using this role, but if anyone tries to do pulumi commands we get this auth error above. I can do anything beause I created the cluster I guess. I even tried using a different test account and have no issues, but my colleagues and my CI is broken. I am not using a providercredentialopts so pulumi is using whatever profile is in the default profile.rolemappingsb- 2
- 6
- g
glamorous-australia-21342
11/16/2021, 12:47 AMalso i'd love to have a separate discussion about caching docker images for EKS in ECR. Via pulumi support I have what I thought would do this, but unfortunately in our CI and locally it seems to building almost everything from scratch. Would like to use cached layers from ECR and speed up CI. - p
purple-plumber-90981
11/16/2021, 11:01 PMis there a neat pulumi way to deploy remote yaml config, ie<https://github.com/kubernetes-csi/external-snapshotter/tree/release-4.0/client/config/crd>- 1
- 3
- s
square-coat-62279
11/17/2021, 11:59 AMhi all,Copy code
while some of my deployments may not have readinessProbe defined, would the code above work?const container: k8stypes.core.v1.Container = { readinessProbe: props.deployment.readinessProbe || null, - w
wonderful-twilight-70958
11/19/2021, 5:52 PMhttps://github.com/pulumi/pulumi-kubernetes-cert-manager/issues/1 This looks closed but still broken for me. Any thoughts on what I might be doing wrong?s- 2
- 4
- m
miniature-leather-70472
11/23/2021, 10:06 AMAnyone installed Flux V2 using Pulumi? If so, how are you doing it, given the lack of a Helm chart - w
wonderful-twilight-70958
11/23/2021, 4:20 PMI'm getting
a lot recently when destroying an eks cluster that has a storage class specified. It's like there's some dependency not working correctly and it tries to destroy the storageclass after the cluster / provider is already gone?post-step event returned an error: failed to verify snapshot: urn:pulumi:dev::pi-vpc-eks::eks:index:Cluster$kubernetes:<http://storage.k8s.io/v1:StorageClass::gateway-cluster-gp2|storage.k8s.io/v1:StorageClass::gateway-cluster-gp2> refers to unknown provider urn:pulumi:dev::pi-vpc-eks::eks:index:Cluster$pulumi:providers:kubernetes::gateway-cluster-eks-k8s::408665c4-5bbf-4595-a470-4b204f053b35 - n
numerous-printer-41511
11/23/2021, 8:22 PMdoes
work with k8s objects?pulumi importw- 2
- 2
- b
big-potato-91793
11/24/2021, 2:40 PMMaybe a bad question, when I was changing my pulumi k8s ingress to used the
version of the ingress. I look at my ingress in my cluster and it seems that I’m still at thev1
? Something I didn’t do correclty?v1beta - b
brainy-appointment-20633
11/24/2021, 5:09 PMHi guys, Is there a way to implement conditional resource creation in a stack. If we write ts for multiple resources inside stack, I want only 4 out of 6 resources to be created in 1 cluster and all 6 in another cluster, but if i provide stack name and stack path while running pulumi up it is creating all 6 in 2 kubernetes clusters. Please let me know if there is a way to implement this.w- 2
- 1
- m
miniature-leather-70472
11/26/2021, 3:08 PMAny had any issues with supplying username/password in the RepositoryOpts of the helm release component? When doing this we get a 401 unauthorized error, using the same creds in a curl request works fine - m
most-lighter-95902
11/27/2021, 3:17 AMGetting a strange error when
is run twice in a row with `k8s.yaml.ConfigFile`:pulumi up - m
most-lighter-95902
11/27/2021, 3:17 AMCopy codeconst knativeOperator = new k8s.yaml.ConfigFile(name, { file: `<https://github.com/knative/operator/releases/download/knative-v${version}/operator.yaml>`, }, { parent: this })