most-lighter-95902
07/10/2022, 5:39 PMcurved-morning-41391
07/11/2022, 10:17 PMConfigFile
rough-author-69114
07/12/2022, 8:50 AMpulumi_gcp.container.Cluster
and then want to deploy Strimzi operator with pulumi_kubernetes.helm.v3.Chart
. The problem I run into is that I don't personally have access to the cluster until I run gcloud container clusters get-gredentials <cluster_name> --region <region>
and generate the configuration, with certificates, for the cluster. I have a few ideas but I feel like I'm missing something that should work better.
Idea 1:
I can run the command to get the credentials from gcloud with pulumi_command.local.Command
after the creation of the cluster and before the Chart.
I don't particularly like this idea because it changes the state of my personal environment. For the time being it is not a problem, but once we start working with multiple clusters and multiple developers it is bound to cause problems.
And then I'm out of ideas. I'll start by trying idea 1 but I hope I can get some more information here.white-chef-55657
07/14/2022, 1:09 PMkubeletExtraConfig
(https://eksctl.io/usage/customizing-the-kubelet/) with pulumi ?wet-noon-14291
07/14/2022, 9:56 PMdependsOn
work with ConfigFile
? I have two typescript classes, A and B, that both extends ComponentResource
class. In both A and B I use the ConfigFile
resource. First I create A and when creating B I set that it depends on A, but for some reason it seems like all the resources in A isn't running when B is provisioned... is that by design? Do I need to depend on the actual ConfigFile
that A creates for it to work? I thought A wouldn't be done until everything I create in the constructor of A is done.adamant-terabyte-3965
07/15/2022, 4:50 PMpulumi up
it tries to create all resources, which causes it to error out with the following error:
kubernetes:core/v1:ServiceAccount (aws-lb-controller-sa):
error: resource kube-system/lb-serviceaccount was not successfully created by the Kubernetes API server : serviceaccounts "lb-serviceaccount" already exists
At this point the ServiceAccount for my load balancer exists on the kube-system
namespace, and doesn't need creation in the new namespace. How do I get Pulumi to discover existing resources (in this case, my load balancer ServiceAccount) in a different namespace or at least not try and error out attempting to recreate the existing ServiceAccount? I've tried to run pulumi refresh
on my newly created stack, but it doesn't seem to change anything.steep-portugal-37539
07/15/2022, 5:58 PMclusterAdmins
. So then perhaps it should be a dedicated role that doesn’t get used for anything else to create the cluster.wet-noon-14291
07/18/2022, 10:28 PMChart
resource, what is the recommended way to read output values from the resource... like the public ip of a loadbalancer that was created? Is the recommended approach to do an apply
on the ready
property and the loop through the resources?most-lighter-95902
07/18/2022, 10:56 PMquaint-book-39362
07/20/2022, 1:39 AMquaint-book-39362
07/20/2022, 1:39 AMnarrow-translator-93508
07/21/2022, 6:45 PMPulumi TLS
self signed certificate for generating a Kubernetes TLS secret
?busy-island-31180
07/21/2022, 11:04 PMApplyT
(in Go) on a type like Deployment
where each individual field is an Output
type, but without using All
and having to specify every field?polite-napkin-90098
07/22/2022, 6:57 PMconst monProvider = new k8s.Provider("monprov", {
kubeconfig: kubeConfig,
});
pulumi.log.warn(`${monProvider.cluster}`);
I get
index.ts(184,32): error TS2339: Property 'cluster' does not exist on type 'Provider'.
what am I doing wrong?late-xylophone-81727
07/25/2022, 11:26 AMlast-applied-configuration
. So Pulumi will see for every up changes which does not exist.
Is it possible to not produce this field at all?
I know about the ignoreChanges
property (https://www.pulumi.com/docs/intro/concepts/resources/options/ignorechanges/) but this produces/writes the field anyway, just skips the diff.
Any ideas? Or did I missed something in the docs?
Thank you.straight-crowd-1391
07/25/2022, 11:28 PM$ pulumi config set --secret pulumi-product-k8s-minikube:db_user_password letmein
const user = new postgresql.Role("product_admin_user", {
createDatabase: true,
login: true,
name: "product_admin_user",
password: config.requireSecret("db_user_password")
});
const productSecretMap = new k8s.core.v1.Secret("product-api-secrets", {
metadata: {
namespace: productNamespace.metadata.name
},
data: {
database_password: config.requireSecret("db_user_password").apply(val => val)
}
});
Problem is, the k8s Secret needs the base64 encoded value that, I think, is being retrieved as the salt encoded value from the config.
What exactly is the standard practice here (aside from using a secret manager) to transfer the database password from the config to both the Database Role and Kubernetes Secret?
I figured I could store 2 password values (one base64, the other in the salt encoded) but it doesn’t feel right.freezing-yacht-63937
07/27/2022, 11:21 AMnamespace: traefikNamespace.metadata.name,
and
transformations: [
(obj: any, opts: pulumi.CustomResourceOptions) => {
if (obj.kind === "Service") {
obj.metadata.namespace == traefikNamespace.metadata.name
}
}
],
But work when i set
kubectl config set-context --current --namespace=NAMESPACE
Should i create an own k8s provider with correct namespace, or I am doing something wrong?limited-rainbow-51650
07/28/2022, 7:53 AMred-salesclerk-85731
07/28/2022, 2:03 PMkubernetes-ingress-nginx
https://github.com/pulumi/pulumi-kubernetes-ingress-nginx/blob/master/schema.json
1. Do I understand correctly these schemas are handcrafted?
2. Is simply creating a PR with the suggested changes enough?
3. (How) can I rebuild the component locally, I don’t have any go experience or worked with these generated components, so any guide is helpful.red-salesclerk-85731
07/28/2022, 2:35 PMkubernetes-ingress-nginx
if the types are all wrong?worried-city-86458
07/29/2022, 4:06 AMbig-potato-91793
08/03/2022, 5:53 PMpulumi up
fail and after it works the second timebrief-helicopter-28120
08/04/2022, 9:35 AMk8s.yaml.ConfigFile
to deploy CRDs into my EKS cluster (typescript) and I run into issues. Btw I'm new to typescript and as well to pulumi. So please kindly bare with me 🙏
Code:
import * as k8s from "@pulumi/kubernetes";
import * as eks from "@pulumi/eks";
export default {
install_crds(cluster: eks.Cluster){
new k8s.yaml.ConfigFile("argocd_namespace", {
file: "kubernetes_cluster_components/namespaces/argocd-namespace.yaml",
}, {providers: { "kubernetes": cluster.provider }});
}
};
Error:
pulumi:pulumi:Stack k8s-moralis-aws-dev-argo-test running. error: an unhandled error occurred: Program exited with non-zero exit code: -1
I0804 09:23:53.878138 22054 deployment_executor.go:162] deploymentExecutor.Execute(...): exiting provider canceller
Type Name Plan Info
pulumi:pulumi:Stack k8s-moralis-aws-dev-argo-test 1 error; 39 messages
Diagnostics:
pulumi:pulumi:Stack (k8s-moralis-aws-dev-argo-test):
Cloud Provider: aws Stack: aws-dev-argo-test
error: an unhandled error occurred: Program exited with non-zero exit code: -1
The error message is not very descriptive, hence difficult to troubleshoot. Can someone please help me here 🙏ambitious-father-68746
08/05/2022, 1:03 AMambitious-agent-35343
08/05/2022, 3:35 PMcurved-morning-41391
08/10/2022, 6:55 PMcalm-iron-40008
08/10/2022, 9:18 PMpulumi up
fails because the cluster is not available… The deployments, services, pods, etc. do NOT wait for the EKS cluster to be available..
configured Kubernetes cluster is unreachable: unable to load schema information from the API server:…
What do I need to do for pushbutton deployment of my apps? (failover, DR, geo-redundancy, etc.)prehistoric-printer-15534
08/12/2022, 10:39 AMdelightful-bear-69098
08/12/2022, 11:29 AMdelightful-bear-69098
08/14/2022, 5:54 PMdelightful-bear-69098
08/14/2022, 5:54 PM