message has been deleted

are you able to pass around a kube provider to multiple classes/ subclasses? for some reason if I implement a class for an app, the app will deploy fine. But if I try to make a class that houses several apps together, the provider fails with a message saying it failed to parse, even though it looks exactly the same in console.log

Is there an equivelant to `replace --force`` when running pulumi up? I cancelled the pulumi up process midway when I realized I had bug in my deployment. Now anytime I attempt to deploy on the stack I get the following error:

These resources are in an unknown state because the Pulumi CLI was interrupted while
waiting for changes to these resources to complete

Does anyone know of a way to recover from this? I deployed about 100 deployments in a loop so trying to avoid manually taking down each pod.

hey - quick question. I'm working with kubernetes in typescript. I want to add an annotation to a pre-existing Namespace (the

default

namespace, to be specific), but if I fetch it with

ns = Namespace.get(...)

and then try to modify

ns.metadata.annotations

then Pulumi bombs out claiming the property is read-only. Any ideas for a workaround? I've tried defining it as plain old YAML and using

ConfigFile

but that fails too.

hello. it´s possible to create a Custom Resource without using the YAML resource or an Helm chart? In my case I need to create a ClusterIssuer for cert-manager. The solution I was using with terraform was to create a custom Helm chart. Wondering if there is a better way with Pulumi. Note: I dont want to use the yaml resource because there are some properties I have to load from config and replace in the resource

I'm working on bootstrapping a cluster, and I noticed that when I create a

kubernetes.Provider

with an inline

kubeconfig

string, the string (with cluster access tokens) isn't being treated as a secret. Is there any way to mark this as a secret, so that the cluster's cleartext root credentials aren't available in diffs and the state store?

https://github.com/aws/containers-roadmap/issues/380#issuecomment-597351516 Better late than never

Hi there, does @pulumi/kubernetesx have a future? Seems like it hasn't been updated in a while?

👋 Pulumi newbie here. I'm working on getting Cloudwatch/statsd/fluentd working from some preexisting k8s yaml files at https://github.com/aws-samples/amazon-cloudwatch-container-insights/blob/k8s/1.1.0/k8s-deployment-manifest-templates/deployment-mode/daemonset/combination/combination.yaml One issue I keep running into are errors like:

kubernetes:core:ConfigMap (eks-cluster-nodeAccess):
  error: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials

I believe this has something to do with my

ConfigGroup

and/or

provider

parameter. Can anyone shed some light on this?

Hello all 👋 - also a newbie to Pulumi. I was able to use it to create an Azure AKS Kubernetes cluster, and also set the kubernetesVersion and update the cluster with pulumi up, but I wasn't able to see how I can set the default nodepool version, which I believe is set independently and e.g. has an azure CLI command to upgrade, but I would like to do this declaratively if at all possible? Thanks.

should i be worried about a goroutine panic that seems to be related to my kubeconfig, but doesn't actually seem to affect the correctness of my program ... ?

panic: interface conversion: interface {} is resource.PropertyMap, not string
    goroutine 28 [running]:
    <http://github.com/pulumi/pulumi/pkg/resource.PropertyValue.StringValue(...)|github.com/pulumi/pulumi/pkg/resource.PropertyValue.StringValue(...)>
    	/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi@v1.6.1/pkg/resource/properties.go:359
    <http://github.com/pulumi/pulumi-kubernetes/pkg/provider.parseKubeconfigPropertyValue(0x2386280|github.com/pulumi/pulumi-kubernetes/pkg/provider.parseKubeconfigPropertyValue(0x2386280>, 0xc0001fea50, 0x2475423, 0xa, 0xc0001b2508)
    	/home/travis/gopath/src/github.com/pulumi/pulumi-kubernetes/pkg/provider/util.go:85 +0x169
    <http://github.com/pulumi/pulumi-kubernetes/pkg/provider.(*kubeProvider).DiffConfig(0xc000014000|github.com/pulumi/pulumi-kubernetes/pkg/provider.(*kubeProvider).DiffConfig(0xc000014000>, 0x26e1260, 0xc0001fe9f0, 0xc0001380e0, 0xc000014000, 0x2275301, 0xc00031a0c0)
    	/home/travis/gopath/src/github.com/pulumi/pulumi-kubernetes/pkg/provider/provider.go:278 +0x61b
    <http://github.com/pulumi/pulumi/sdk/proto/go._ResourceProvider_DiffConfig_Handler.func1(0x26e1260|github.com/pulumi/pulumi/sdk/proto/go._ResourceProvider_DiffConfig_Handler.func1(0x26e1260>, 0xc0001fe9f0, 0x23a5e80, 0xc0001380e0, 0x23c0a00, 0x33070c0, 0x26e1260, 0xc0001fe9f0)
    	/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi@v1.6.1/sdk/proto/go/provider.pb.go:1504 +0x86
    <http://github.com/grpc-ecosystem/grpc-opentracing/go/otgrpc.OpenTracingServerInterceptor.func1(0x26e1260|github.com/grpc-ecosystem/grpc-opentracing/go/otgrpc.OpenTracingServerInterceptor.func1(0x26e1260>, 0xc000577200, 0x23a5e80, 0xc0001380e0, 0xc00000cb20, 0xc00000cb40, 0x0, 0x0, 0x26a05e0, 0xc0000cf7b0)
    	/home/travis/gopath/pkg/mod/github.com/grpc-ecosystem/grpc-opentracing@v0.0.0-20171105060200-01f8541d5372/go/otgrpc/server.go:61 +0x36e
    <http://github.com/pulumi/pulumi/sdk/proto/go._ResourceProvider_DiffConfig_Handler(0x2402f60|github.com/pulumi/pulumi/sdk/proto/go._ResourceProvider_DiffConfig_Handler(0x2402f60>, 0xc000014000, 0x26e1260, 0xc000577200, 0xc0000de3c0, 0xc0004d2040, 0x26e1260, 0xc000577200, 0xc000331300, 0x101f)
    	/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi@v1.6.1/sdk/proto/go/provider.pb.go:1506 +0x14b
    <http://google.golang.org/grpc.(*Server).processUnaryRPC(0xc00034e300|google.golang.org/grpc.(*Server).processUnaryRPC(0xc00034e300>, 0x26fdc00, 0xc00045b500, 0xc00015a200, 0xc000436180, 0x32d3258, 0x0, 0x0, 0x0)
    	/home/travis/gopath/pkg/mod/google.golang.org/grpc@v1.21.1/server.go:998 +0x46a
    <http://google.golang.org/grpc.(*Server).handleStream(0xc00034e300|google.golang.org/grpc.(*Server).handleStream(0xc00034e300>, 0x26fdc00, 0xc00045b500, 0xc00015a200, 0x0)
    	/home/travis/gopath/pkg/mod/google.golang.org/grpc@v1.21.1/server.go:1278 +0xd97
    <http://google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc00039bd30|google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc00039bd30>, 0xc00034e300, 0x26fdc00, 0xc00045b500, 0xc00015a200)
    	/home/travis/gopath/pkg/mod/google.golang.org/grpc@v1.21.1/server.go:717 +0xbb
    created by <http://google.golang.org/grpc.(*Server).serveStreams.func1|google.golang.org/grpc.(*Server).serveStreams.func1>
    	/home/travis/gopath/pkg/mod/google.golang.org/grpc@v1.21.1/server.go:715 +0xa1

Is there a way to query a custom resource in dotnet? I want to import an existing custom resource object but I am unable to find information on how to do this.

is there any support in pulumi EKS (crosswalk or standard) for upgrading clusters (https://docs.aws.amazon.com/eks/latest/userguide/update-cluster.html)? 1.15 support was just launched, and upgrading the

pulumi.eks.Cluster

version wants me to tear down everything, which is really not ideal.

Hi everyone, I'm curious to know if anyone has been able to successfully install

prometheus-operator

in their k8s cluster (https://github.com/helm/charts/tree/master/stable/prometheus-operator) I found an issue related to this chart (https://github.com/pulumi/pulumi-kubernetes/issues/824) which helped alleviate some of the issues but I'm still stuck with some errors...

Nvm, it's resolved now

@enough-greece-61665 would you mind sharing what your problem and solution was?

is there an example anywhere of transformations on helm/ConfigFile resources using python?

is it possible to add annotations to a pod when using

kubernetesx

? I can't seem to find the right magic

Cross-posting for folks who may have missed it. We’re hosting a public Hackathon right now over in #hackathon-03-19-2020. If you’re working on any interesting k8s projects and want to share, hop in and tell us about it!

What is the right way to create a nodegroup with

@pulumi/eks

? I created my first cluster using the

createNodeGroup

method. That worked, but I can't set

_ignoreChanges: [_"desiredCapacity"_]_

. I tried using the

new NodeGroup()

that takes the

pulumi.ComponentResourceOptions

where I can set ignoreChanges, but my pods can't resolve DNS. I also saw there are

createNodeGroup()

and

createManagedNodeGroup()

functions too. So, 2 questions: • Which is the recommended way? • Why when using

new NodeGroup()

that my pods in that nodegroup can't resolve DNS?

Cross posting - https://pulumi-community.slack.com/archives/C84L4E3N1/p1584726406205000

Any way to specify timeouts when creating resources in k8s? My NLB takes a loooooong time to initialize. It gets created, but it times out waiting for it to be ready.

is it possible to use to get a resource that isn't defined in Pulumi, or do I need to use the standard k8s api ?

Hey y'all, I've got a question about creating a

PriorityClass

. I'm trying to do the following (on GCP):

const schedulingPriorities = new k8s.scheduling.v1.PriorityClassList("scheduler-priorities", {
    items: [
        new k8s.scheduling.v1.PriorityClass("selector-spread-priority", {
            value: 10,
            metadata: {namespace: "default"}
        })
    ]
});

but it fails with the error:

resource scheduler-priorities-5ynfh088 was not successfully created by the Kubernetes API server : failed to determine if the following GVK is namespaced: <http://scheduling.k8s.io/v1|scheduling.k8s.io/v1>, Kind=PriorityClassList

Anyone know what's going wrong there? Seems like the PriorityClassList doesn't take a namespace of its own

message has been deleted

Hello folks ! I need to verify TLS certs in my pods and for that I mount a large file downloaded from https://support.globalsign.com/ca-certificates/root-certificates/globalsign-root-certificates and added as ConfigMap to

/etc/ssl/certs/

. When I want to automated with pulumi like so

const cacertificates = new k8s.yaml.ConfigFile("ca-certificates", {
        file: "ca-certificates.yaml",
    }
);

While ca-certificates.yaml is larg file about 271 KB containing

GlobalSign Root CA

. It works only if I use

kubectl create

. Reding about related issues like in here https://github.com/argoproj/argo-cd/issues/820 . It seems like Pulumi is also using

kubectl apply

to manage resources which leads to failure in my case.

resource default/ca-certificates was not successfully created by the Kubernetes API server : ConfigMap "ca-certificates" is invalid: metadata.annotations: Too long: must have at most 262144 characters

. Any hints/workaround this problem ? Appreciated : )

So, I have a database migration

Job

that I want to guarantee completes before the rest of my stack runs. I feel like the two Pulumi ways to do this are: 1) add a

dependsOn

to the rest of the items in the stack, or 2) put the rest of the stack in an `apply`d function off of one of the job's outputs. The first option is a lot of busywork & passing arguments around - but when I did the second, it now produces alarming previews that imply all my Kubernetes objects will be deleted & recreated with each deploy. I think what I'm looking for doesn't exist: Something like a function on

Resource

that looks like:

myResource.andThen(() => { /* stuff that happens only after the resource is created */ });

Does such a function already exist? Is there a pattern to achieve this other than plumbing

dependsOn

down the call stack?

Greetings! I may be missing the obvious, but is there a mechanism when selecting my pulumi stack that it can set the kubectl config context and namespace? Or an easy way to create some hooks to do that for me?

I've got a configmap I've made by hand and am trying to figure out how to reproduce it with the

core.v1.ConfigMap

object. Having a bit of trouble, curious if anyone has any ideas (threading the details)