gorgeous-egg-16927
06/10/2022, 8:44 PMpulumi-kubernetes
provider. You can read the detailed proposal and respond with any comments or questions on that issue.sparse-spring-91820
06/14/2022, 7:08 AMconst cluster = new eks.Cluster('cluster', {
name: 'eks-cluster',
vpcId: vpc.id,
publicSubnetIds: vpc.publicSubnetIds,
privateSubnetIds: vpc.privateSubnetIds,
desiredCapacity: 2,
minSize: 1,
maxSize: 3
});
glamorous-australia-21342
06/14/2022, 3:25 PMjsonObj
isnt blank outside of the output.apply(...
. What am I doing wrong? If I log it inside the output.apply(..
it behaves as expected. Some kind of scope thing I am not understanding I believe.
export function createRbacJson() {
// Generate list of valid resources names
const getK8sApiOutput = new local.Command("get-k8s-api-output", {
create: `kubectl api-resources --no-headers -o wide`,
});
const output = getK8sApiOutput.stdout;
//output.apply(v => console.log(v))
let jsonObj: any = {}
output.apply(row =>
row.split("\n").forEach(function (row) {
const splitRow = row.match(/"[^"]*"|\[[^\][]*]|[^\s\][]+/g)
if (splitRow != null) {
const resourceName = splitRow[0]
// if resource has a shortname skip it
var columnModifier = 0
if (splitRow.length == 6) {
columnModifier++
}
const resourceApi = splitRow[1 + columnModifier]
const namespaced = splitRow[2 + columnModifier]
const resourceVerbs = splitRow[4 + columnModifier]?.replace(/[\[\]']+/g,'').split(/[ ,]+/)
const verbs: string[] = []
resourceVerbs.forEach(verb => {
verbs.push(verb)
});
// console.log(resourceName)
// console.log(resourceApi)
// console.log(verbs)
// console.log(namespaced)
jsonObj[resourceName] = {
api: resourceApi,
verbs: verbs,
namespaced: namespaced
}
}
})
);
const jsonObjOutput = pulumi.output(jsonObj)
return jsonObjOutput.apply(v => console.log(v))
}
Output of createRbacJson()
{}
flat-laptop-90489
06/14/2022, 6:21 PMvictorious-engine-64347
06/16/2022, 7:16 PMcertificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "aws-load-balancer-controller-ca")
magnificent-ambulance-5713
06/17/2022, 3:30 AMhelm.Release
?
~ kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> airflow **updating failed** [diff: ~values]; error: another operation (install/upgrade/rollback) is in progress
Couldn't find any documentation about it 🤔 For now I've destroyed the whole stack & rebuilt it, which is thankfully possible for now, but not later 😅nice-secretary-23177
06/17/2022, 12:42 PMkubernetes.yaml
(ie @pulumi/kubernetes
) module wasn’t working because things weren’t propagating opts.provider
. So I made a workaround that uses local.Command
and setting args.environment.KUBECONFIG
, but now that stopped working too for some reason. It seems to ignore the environment variable (and it tries to use the default kubeconfig file, but luckily I’ve added some guardrails to avoid disasters in case such a bug pops up).
I remember seeing that the propagation bug was fixed. So, I tried to convert to use the builtin yaml methods again, but it looks like nothing in the kubernetes.yaml
module works now, because it complains that map
can’t be called on undefined in yaml/yaml.ts:2993. These are multi-document yaml files (cert manager and aws lb controller), if it matters?nice-secretary-23177
06/17/2022, 12:45 PMkubernetes.yaml
becomes table, then alas, so be it.fast-florist-41572
06/17/2022, 3:18 PMfast-florist-41572
06/17/2022, 3:19 PMmost-lighter-95902
06/19/2022, 12:00 AMmost-lighter-95902
06/19/2022, 12:00 AMerror: TypeError: Cannot read properties of undefined (reading 'map')
at /Users/seungchanlee/Documents/Sidetrek/sidetrek-flyte/node_modules/@pulumi/yaml/yaml.ts:2993:14
at processTicksAndRejections (node:internal/process/task_queues:96:5)
most-lighter-95902
06/19/2022, 12:01 AMmost-lighter-95902
06/19/2022, 12:01 AM"@pulumi/aws": "^5.0.0",
"@pulumi/awsx": "^0.40.0",
"@pulumi/eks": "^0.40.0",
"@pulumi/kubernetes": "^3.19.3",
"@pulumi/pulumi": "^3.22.0",
most-lighter-95902
06/19/2022, 1:07 AMmost-lighter-95902
06/19/2022, 1:08 AMconst metricsServer = new k8s.yaml.ConfigGroup('metrics-server', {
files: '<https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml>',
}, { provider: cluster.provider })
most-lighter-95902
06/19/2022, 1:18 AMmost-lighter-95902
06/19/2022, 1:25 AM/Users/seungchanlee/Documents/Sidetrek/sidetrek-flyte/node_modules/@pulumi/yaml/yaml.ts:2993:14
victorious-engine-64347
06/20/2022, 7:07 AMadamant-terabyte-3965
06/20/2022, 10:45 PMk8s.helm.v3.Chart()
to deploy the ingress controller, and after the first pulumi up
everything works correctly. However, whenever I run pulumi up
again, it looks like Pulumi is trying to replace or update certain parts of the ingress controller. I don't have the preview but the failed update (remember, nothing has changed on my end with regards to the ingress controller, I just updated the image tag for my app deployment) report looks like the attached image. It causes serious problems with my cluster, and eventually I end up destroying my whole stack and rebuilding to get everything working again. Is there a way so that I can deploy that controller via helm chart and not have it try and delete/replace things that haven't been changed? I think the issue is similar to this one: https://github.com/pulumi/pulumi-kubernetes/issues/2035brief-jelly-98203
06/21/2022, 1:36 PMhelm search repo bitnami/mariadb --versions
and the version is there.most-lighter-95902
06/21/2022, 4:10 PMmost-lighter-95902
06/21/2022, 4:10 PMerror: TypeError: Cannot read properties of undefined (reading 'map')
at /Users/seungchanlee/Documents/Sidetrek/sidetrek-flyte/node_modules/@pulumi/yaml/yaml.ts:2993:14
most-lighter-95902
06/21/2022, 4:10 PMmost-lighter-95902
06/21/2022, 4:10 PMconst metricsServer = new k8s.yaml.ConfigGroup('metrics-server', {
files: '<https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml>',
}, { provider: cluster.provider })
most-lighter-95902
06/21/2022, 4:11 PM/Users/seungchanlee/Documents/Sidetrek/sidetrek-flyte/node_modules/@pulumi/yaml/yaml.ts:2993:14
most-lighter-95902
06/21/2022, 4:11 PMglamorous-australia-21342
06/21/2022, 4:16 PMroleMappings
after a cluster is created? I'm making some K8s roles with namespaces in them, and I need to update this after the namespaces are already created.
// Create an EKS cluster with the default configuration.
export const cluster = new eks.Cluster(stack,{
createOidcProvider: true,
providerCredentialOpts: {
profileName: aws.config.profile,
},
roleMappings: [
{
groups: ["system:masters"],
roleArn: clusterIamAuthRole.role.arn,
username: "admin"
},
{
groups: [k8sClusterRoleName],
roleArn: clusterNonManagedIamRole.role.arn,
username: k8sClusterRoleName
},
// {
// groups: groupsList.apply(groups => groups),
// roleArn: namespaceRestrictedIamRole.role.arn,
// username: roleName
// }
]
});
glamorous-australia-21342
06/21/2022, 5:36 PMproud-tomato-75820
06/23/2022, 7:59 AMconst secret = new k8s.core.v1.Secret("example", {
metadata: {
name: "example",
annotations: {
"<http://kubernetes.io/service-account.name|kubernetes.io/service-account.name>": "default",
},
},
type: "<http://kubernetes.io/service-account-token|kubernetes.io/service-account-token>",
});
which works. But now how do I get the token since data is undefined? secret.data.apply(v => v["token"]);
🤔