pulumi-community #kubernetes

most-lighter-95902

11/27/2021, 3:18 AM

Copy code

/Users/seungchanlee/Documents/create-knative-cluster/node_modules/@pulumi/pulumi/runtime/invoke.js:127
            const resp = yield debuggable_1.debuggablePromise(new Promise((innerResolve, innerReject) => monitor.invoke(req, (err, innerResponse) => {
                                                                                                                 ^

<ref *1> TypeError: Cannot read properties of null (reading 'invoke')
    at /Users/seungchanlee/Documents/create-knative-cluster/node_modules/@pulumi/pulumi/runtime/invoke.js:127:114
    at new Promise (<anonymous>)
    at /Users/seungchanlee/Documents/create-knative-cluster/node_modules/@pulumi/pulumi/runtime/invoke.js:127:63
    at Generator.next (<anonymous>)
    at fulfilled (/Users/seungchanlee/Documents/create-knative-cluster/node_modules/@pulumi/pulumi/runtime/invoke.js:18:58)
    at processTicksAndRejections (node:internal/process/task_queues:96:5) {
  promise: Promise { <rejected> [Circular *1] }
}

most-lighter-95902

11/27/2021, 3:18 AM

It looks as though running

pulumi up

more than once with

k8s.yaml.ConfigFile

is attempting to delete and recreate resources.

most-lighter-95902

11/27/2021, 3:19 AM

This behavior doesn’t exist when running

kubectl

to apply the yaml file directly:

most-lighter-95902

11/27/2021, 3:19 AM

Copy code

kubectl apply -f <https://github.com/knative/operator/releases/download/knative-v1.0.0/operator.yaml>

most-lighter-95902

11/27/2021, 3:19 AM

Anyone has any idea why this is happening?

most-lighter-95902

11/27/2021, 3:20 AM

Nothing’s changed in the stack, so shouldn’t it just not do anything?

most-lighter-95902

11/27/2021, 4:38 AM

I also tried

ConfigGroup

but same issue

mammoth-honey-6147

11/29/2021, 5:28 PM

Got a interesting issue, I'm trying to configure a new

provider

instance:

Copy code

kubeconfig := toolsCluster.KubeConfig
		clusterProvider, err := kubernetes.NewProvider(ctx, "tools-cluster", &kubernetes.ProviderArgs{
			Kubeconfig: kubeconfig,
		})

For my resource i append

pulumi.Provider(clusterProvider)

to use it but I get:

Copy code

error: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: Get "<https://myapiserver>": x509: certificate signed by unknown authority

However I'm using a Letsencrypt cert (production issuer). So I can, for example, do a

curl <https://myaipserver>

without needing to supply

--insecure

etc.

openssl s_client -connect myapiserver:443

also doesn't reveal any cert issues

white-train-9300

12/01/2021, 6:51 PM

We’re having an issue with stack.refresh() and K8s credentials not updating. Our Pulumi-based deployments read the K8s credentials from disk and put them into the k8s.Provider before doing stack.refresh(). However, it seems to be using the old credentials in the K8s Provider’s backend state, rather than the current credentials which we just read into the provider. This causes it to fail whenever the K8s credentials expire or change. Is this expected? How can we force it to update the Provider’s creds?

strong-window-52645

12/01/2021, 9:30 PM

Hi all - had a question about Deployment objects being marked as secret: We're seeing something similar to this problem: https://github.com/pulumi/pulumi-kubernetes/issues/1576 -- But the entire Deployment.Spec is marked as secret, so any diffs are more or less useless. There is no secret data (esp at the Spec level), but there are secret references (similar to the linked issue). Is this being worked on? The workaround is apparently to

unsecret()

, but I"m not even sure what should be wrapped, as the entire Deployment.Spec is marked as secret??

strong-window-52645

12/01/2021, 11:11 PM

One other note that makes this hard to track down - some manifests also have this problem - but have no env var secret refs (so different than the linked issue)

wonderful-twilight-70958

12/01/2021, 11:33 PM

Is there anyway with

crd2pulumi

to have more control over the package.json for example? I'm trying to automate CRD generation and pushing a public npm package. Right now I don't see any way of editing that pre-defined package.json, other than programmatically editing post generation?

cuddly-football-51817

12/03/2021, 1:10 AM

Greetings everyone, I am new to pulumi. I have been trying to deploy aks cluster with ingress chart using C#. How will be able to pass the helm chart value file and --create-namespace argument?

elegant-window-55250

12/06/2021, 6:01 PM

Hello 👋 I'm having issues with this:

Copy code

configured Kubernetes cluster is unreachable: failed to parse kubeconfig data in `kubernetes:config:kubeconfig`- couldn't get version/kind; json parse error: json: cannot unmarshal string into Go value of type struct { APIVersion string "json:\"apiVersion,omitempty\""; Kind string "json:\"kind,omitempty\"" }

This happened after doing some refactoring (deleting >25 resources) in our cluster. Now, I'm not sure how I'm going to continue forward. I can confirm with the same credentials, I can access the cluster using

kubectl

. I can also see the resources that Pulumi is trying to delete. There's also no other changes than naming of resources. Can someone point me in the right/a direction?

sparse-spring-91820

12/06/2021, 11:12 PM

I know that issue is not related to Pulumi itself but maybe someone faced the same issue and know solution. I am trying to create ingress-nginx controller for each namespace (dev, staging, prod) and I got errors saying that

"nginx-ingress-nginx-admission" already exists

etc. I added:

Copy code

values: {
    controller: {
      ingressClassResource: {
        name,
        enabled: true,
        default: false,
        controllerValue: `<http://k8s.io/${currentStack}-ingress-nginx|k8s.io/${currentStack}-ingress-nginx>`
      },
  ...

config as described in docs: https://kubernetes.github.io/ingress-nginx/user-guide/multiple-ingress/ . Also I added

Copy code

ingressClassName: name,

to the Ingress rule but still doesn't work. Does anyone know solution? Thanks 🙌

wonderful-twilight-70958

12/07/2021, 1:44 AM

kube2pulumi not working atm? Saying can't open output file?

wonderful-twilight-70958

12/07/2021, 2:08 PM

Also getting this error from Github when trying to download the binary release for kube2pulumi:

Copy code

<Error>
<Code>ServerBusy</Code>
<Message>Egress is over the account limit. RequestId:7acd46a7-b01e-006c-1c73-ebc9f2000000 Time:2021-12-07T14:08:08.9796530Z</Message>
</Error>

big-potato-91793

12/08/2021, 7:53 PM

Question for k8s folks at Pulumi. We have hit a weird bug with our loadbalancer controller. We were wondering if pulumi is waiting on the finalizer to completed the deleting of a resource?

steep-portugal-37539

12/08/2021, 11:17 PM

Hey guys! anyone know of a way to do non-cascade delete of statefulsets without manual intervention? https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#non-cascading-delete

important-vegetable-39003

12/10/2021, 4:52 PM

Hi folks, does anyone know how to specify the cluster through code when creating a resource?

full-dress-10026

12/11/2021, 12:39 AM

I have created an ingress-nginx chart. I'd like to get the hostname of the AWS NLB that was created. Does anyone know how I might go about doing that?

magnificent-tent-53010

12/13/2021, 2:51 AM

Hi folks. Has anyone worked with pulumi/digitalocean before? When using KubernetesCluster, I can't figure out what to pass to cluster.getProvider(moduleMember: string) in order to get the provider so that my k8s deployments go to the correct cluster

important-vegetable-39003

12/13/2021, 11:40 AM

Does anyone know what's the reason behind this error from

kube2pulumi

Copy code

unable to run program: Error: Missing item separator

  on pcl-546459028.pp line 80:
  75: envFrom = [
  76: {
  77: configMapRef = {
  78: name = "global-configmap"
  79: },
  80: }
  81: {

Expected a comma to mark the beginning of the next item.

Seems to be a bug with kube2pulumi?

victorious-exabyte-70545

12/14/2021, 9:27 PM

Does anyone know how to set the security context when using the pulumi_kubernetes.helm.v3.Chart resoure? I know that it can very from chart to chart but is there a standard way to achieve this with the pulumi chart resource? Thanks.

freezing-architect-84290

12/16/2021, 6:02 PM

Hi, is Crosswalk for Kubernetes available in Go lang? or is it on the roadmap?

clever-wall-4616

12/18/2021, 1:31 AM

Hey all, I'm trying to set up a dynamic resource (in TypeScript) that creates a Vault instance via a Helm chart, initializes and unseals the server and then outputs the root token and unseal keys as secrets. The issue I keep running into is that Pulumi tries to run the post-deployment logic (initialization + unsealing) during preview. I've tried wrapping the result of that logic (which runs in the resource's constructor) using

all

and

apply

but that doesn't stop Pulumi from running it. I've considered moving the Helm chart creation out of the custom resource and making the custom resource depend on it. While that would probably work, I would prefer to bundle that into the custom resource if possible. Is there anything you'd suggest to get around this? Thanks in advance.

sparse-butcher-73713

12/22/2021, 7:39 AM

Good morning! what is the best way to configure a container environment with pulumi? Obviously it will contain secrets so it cant be committed to git, is there a way to persist the config and then pass it to the container? Also, on a code level, how can I "mass" pass the variables without creating them one by one in the code?

sparse-butcher-73713

12/23/2021, 7:30 AM

jolly new error 😄

sparse-butcher-73713

12/23/2021, 7:30 AM

Copy code

kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> (nginx):
    warning: Helm release "nginx-z31ydwbs" was created but has a failed status. Use the `helm` command to investigate the error, correct it, then retry. Reason: failed pre-install: timed out waiting for the condition
    error: failed pre-install: timed out waiting for the condition

sparse-butcher-73713

12/23/2021, 7:30 AM

let's look at the pod....