pulumi-community #kubernetes

kubernetes

sparse-school-61365

06/06/2022, 9:36 AM

Hi all, I'm using the helm/v3 (plugin

v3.19.2

to install a local chart with golang, and I'm struggling a little with an unhelpful error...

❯ pulumi up
Previewing update (poc):
     Type                              Name                  Plan     Info
     pulumi:pulumi:Stack               arges-theila-poc-poc           
     └─ kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release>  arges-tim                      1 error
 
Diagnostics:
  kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> (arges-tim):
    error: unrecognized type: string

victorious-exabyte-70545

06/06/2022, 8:31 PM

Hi guys, asked this in the python channel but I am having an issue ignoring the version of a helm chart. This is what I am trying that fails:

rabbitmq_chart = Chart(
    'rabbitmq-chart',
    ChartOpts(
        resource_prefix=stack_name,
        chart='rabbitmq',
        version="8.16.2",
        fetch_opts={'repo': '<https://charts.bitnami.com/bitnami>'},
        values={},
    ),
    ResourceOptions(provider=k8s_provider, ignore_changes=['version'])
)

miniature-wire-6359

06/07/2022, 8:00 AM

Hi guys i am using python, how can i make pulumi k8s pull images from a private repo on amazon ecr?

miniature-wire-6359

06/07/2022, 8:03 AM

can i somehow configure pulumi to use the kubectl created secret so it would pull from the relevant repo?

powerful-planet-88446

06/07/2022, 9:15 AM

What's the most efficient way to import existing resources in a Kubernetes cluster?

glamorous-australia-21342

06/08/2022, 2:15 PM

I'm hoping to query a list of namespaces and populate RoleBindings with those namespaces. Any ideas on how to implement? I found the

pulumi query

, but I'd like it to execute at

pulumi up

. I tried

pulumi query

anyways and I get some odd errors -

pulumi query
Error: Program run without the Pulumi engine available; re-run using the `pulumi` CLI

powerful-planet-88446

06/08/2022, 7:14 PM

powerful-planet-88446

06/08/2022, 7:14 PM

CLI output seems to break badly even with a very large terminal - is this a known issue?

powerful-planet-88446

06/08/2022, 7:14 PM

It's difficult to see the actual state of resources being created

famous-salesclerk-74711

06/08/2022, 9:25 PM

not sure if this is the right spot but - we’re using

pulumi_eks

and in modifying an existing cluster’s

VpcCniOptionsArgs

, we’re getting this message in CI/CD (which we’ve never needed

kubectl

to run)

Diagnostics:
  eks:index:VpcCni (cluster-name):
    error: Could not set VPC CNI options: kubectl is missing. See <https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl> for installation instructions.

does anyone know what we might be missing (other than installing kubectl in our remote runners, which seems wrong to do)

adamant-terabyte-3965

06/09/2022, 10:10 PM

I'm trying to create an ingress for an application using

new k8s.networking.v1.Ingress

and am failing the

pulumi up

with this error:

kubernetes:<http://networking.k8s.io/v1:Ingress|networking.k8s.io/v1:Ingress> (api-ingress):
    error: resource test/api-ingress was not successfully created by the Kubernetes API server : admission webhook "vingress.elbv2.k8s.aws" denied the request: invalid ingress class: <http://IngressClass.networking.k8s.io|IngressClass.networking.k8s.io> "alb" not found

The way I have set it up is extremely similar to this blog post: https://www.pulumi.com/blog/kubernetes-ingress-with-aws-alb-ingress-controller-and-pulumi-crosswalk/ Does anyone have any idea what is going wrong?

brief-vr-24049

06/10/2022, 5:33 AM

Crossposted from #typescript https://pulumi-community.slack.com/archives/CJ909TL6P/p1654836300810979

gorgeous-egg-16927

06/10/2022, 8:44 PM

Hey everyone, happy Friday! I’m excited to announce that we’ve created a design to resolve the longstanding issue about adding patch support to the

pulumi-kubernetes

provider. You can read the detailed proposal and respond with any comments or questions on that issue.

❤️ 4

🎉 3

👍 1

sparse-spring-91820

06/14/2022, 7:08 AM

I created EKS kubernetes cluster and set min and max cluster size but cluster does not autoscale. In this article: https://www.pulumi.com/blog/easily-create-and-manage-aws-eks-kubernetes-clusters-with-pulumi/#:~:text=Launching%20worke[…]0to%20join%20the%20cluster it says that autoscaler is created which is true but it is not doing anything. Do I need to do anything else to enable cluster node autoscaling? Thanks in advance 🙏

const cluster = new eks.Cluster('cluster', {
  name: 'eks-cluster',
  vpcId: vpc.id,
  publicSubnetIds: vpc.publicSubnetIds,
  privateSubnetIds: vpc.privateSubnetIds,
  desiredCapacity: 2,
  minSize: 1,
  maxSize: 3
});

glamorous-australia-21342

06/14/2022, 3:25 PM

I'm building a list of kubernetes resources to make easier RBAC permissions (resource - deny, instead of resource- allow all except 1), so I've made the following function, however

jsonObj

isnt blank outside of the

output.apply(...

. What am I doing wrong? If I log it inside the

output.apply(..

it behaves as expected. Some kind of scope thing I am not understanding I believe.

export function createRbacJson() {
  // Generate list of valid resources names
  const getK8sApiOutput = new local.Command("get-k8s-api-output", {
    create: `kubectl api-resources --no-headers -o wide`,
  });

  const output = getK8sApiOutput.stdout;

  //output.apply(v => console.log(v))

  let jsonObj: any = {}

  output.apply(row =>
    row.split("\n").forEach(function (row) {
      const splitRow = row.match(/"[^"]*"|\[[^\][]*]|[^\s\][]+/g)
      if (splitRow != null) {
        const resourceName = splitRow[0]
    
        // if resource has a shortname skip it
        var columnModifier = 0
        if (splitRow.length == 6) {
          columnModifier++
        }
    
        const resourceApi = splitRow[1 + columnModifier]
        const namespaced = splitRow[2 + columnModifier]
        const resourceVerbs = splitRow[4 + columnModifier]?.replace(/[\[\]']+/g,'').split(/[ ,]+/)
        const verbs: string[] = []
        resourceVerbs.forEach(verb => {
          verbs.push(verb)
        });
        
        // console.log(resourceName)
        // console.log(resourceApi)
        // console.log(verbs)
        // console.log(namespaced)
        jsonObj[resourceName] = {
          api: resourceApi,
          verbs: verbs,
          namespaced: namespaced
        }

      }
    })
  );
  const jsonObjOutput = pulumi.output(jsonObj)

  return jsonObjOutput.apply(v => console.log(v))
}

Output of

createRbacJson()

{}

flat-laptop-90489

06/14/2022, 6:21 PM

If I'm using pulumi-eks, and creating a separate managedNodeGroup - what's the right way to go about triggering a refresh of the instance group nodes when the EKS version is updated? I believe the nodes pull their k8s version from the control plane on startup.

victorious-engine-64347

06/16/2022, 7:16 PM

Hi everyone. I am getting this error. I uploaded my files. Could you guys help me?

certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "aws-load-balancer-controller-ca")

ingress.ts iam.ts cluster.ts

magnificent-ambulance-5713

06/17/2022, 3:30 AM

Hello! Happy Friday! What should one do when they encounter this error with a

helm.Release

~  kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> airflow **updating failed** [diff: ~values]; error: another operation (install/upgrade/rollback) is in progress

Couldn't find any documentation about it 🤔 For now I've destroyed the whole stack & rebuilt it, which is thankfully possible for now, but not later 😅

nice-secretary-23177

06/17/2022, 12:42 PM

What is the recommended way to deploy Kubernetes manifests from YAML files now? For some context on what I tried: Previously the

kubernetes.yaml

(ie

@pulumi/kubernetes

) module wasn’t working because things weren’t propagating

opts.provider

. So I made a workaround that uses

local.Command

and setting

args.environment.KUBECONFIG

, but now that stopped working too for some reason. It seems to ignore the environment variable (and it tries to use the default kubeconfig file, but luckily I’ve added some guardrails to avoid disasters in case such a bug pops up). I remember seeing that the propagation bug was fixed. So, I tried to convert to use the builtin yaml methods again, but it looks like nothing in the

kubernetes.yaml

module works now, because it complains that

map

can’t be called on undefined in yaml/yaml.ts:2993. These are multi-document yaml files (cert manager and aws lb controller), if it matters?

nice-secretary-23177

06/17/2022, 12:45 PM

I didn’t reach for the kube2pulumi tool yet, since I want to avoid the process of converting-then-manually-editing third party manifests. Although, if that’s the only solution until

kubernetes.yaml

becomes table, then alas, so be it.

fast-florist-41572

06/17/2022, 3:18 PM

https://github.com/pulumi/pulumi-kubernetes/issues/1066

fast-florist-41572

06/17/2022, 3:19 PM

This is still an issue today over 2 years since the update, anybody actually tracking it to get fixed?

most-lighter-95902

06/19/2022, 12:00 AM

Hi getting this weird error when I’m trying to create an EKS cluster:

most-lighter-95902

06/19/2022, 12:00 AM

error: TypeError: Cannot read properties of undefined (reading 'map')
        at /Users/seungchanlee/Documents/Sidetrek/sidetrek-flyte/node_modules/@pulumi/yaml/yaml.ts:2993:14
        at processTicksAndRejections (node:internal/process/task_queues:96:5)

most-lighter-95902

06/19/2022, 12:01 AM

Here are the package versions:

most-lighter-95902

06/19/2022, 12:01 AM

"@pulumi/aws": "^5.0.0",
"@pulumi/awsx": "^0.40.0",
"@pulumi/eks": "^0.40.0",
"@pulumi/kubernetes": "^3.19.3",
"@pulumi/pulumi": "^3.22.0",

most-lighter-95902

06/19/2022, 1:07 AM

This seems to be culprit but not quite sure why since it worked previously:

most-lighter-95902

06/19/2022, 1:08 AM

const metricsServer = new k8s.yaml.ConfigGroup('metrics-server', {
      files: '<https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml>',
    }, { provider: cluster.provider })

most-lighter-95902

06/19/2022, 1:18 AM

No package version change seems to have any effect

most-lighter-95902

06/19/2022, 1:25 AM

And weirdly, this file doesn’t even exist:

/Users/seungchanlee/Documents/Sidetrek/sidetrek-flyte/node_modules/@pulumi/yaml/yaml.ts:2993:14