https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
kubernetes
  • b

    billions-glass-17089

    08/15/2022, 7:12 PM
    hihi I'm trying to migrate over to SSA before the new k8s update. I added the
    enableServerSideApply: true
    flag to my provider and then ran
    pulumi preview
    and I got this error:
    kubernetes:<http://elasticsearch.k8s.elastic.co/v1:Elasticsearch|elasticsearch.k8s.elastic.co/v1:Elasticsearch> (family):
        error: error reading from server: EOF
    Seems like it's not working with ECK (which I installed via
    k8s.yaml.ConfigGroup
    b
    • 2
    • 3
  • c

    calm-iron-40008

    08/17/2022, 2:33 AM
    All of our service images are created and hosed in ghcr.io (GitHub Container Registry)… I cannot figure out how to use Pulumi to create the registry secret to enable the download of these images (currently EKS, but plans for Digital Ocean and Google Cloud)… Any help is appreciated. 1. I have the code code create the EKS cluster… 2. I have the code to install the NGinX proxy 3. I have the code to apply the ‘services’ YAML files… Between 1 and 2, I need to install this registry secret so that the YAML files will pull from ghcr.io successfully.
    b
    • 2
    • 10
  • b

    bright-horse-50102

    08/19/2022, 9:38 PM
    Does helm.v3.Release not support transformations like charts do?
    w
    g
    • 3
    • 3
  • f

    few-pillow-1133

    08/20/2022, 4:01 PM
    Getting some weird error
    Exception: Cannot read properties of null (reading 'data')
        error: TypeError: Cannot read properties of null (reading 'data')
            at /root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/cluster.ts:580:103
            at /root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/output.ts:383:31
            at Generator.next (<anonymous>)
            at /root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/pulumi/output.js:21:71
            at new Promise (<anonymous>)
            at __awaiter (/root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/pulumi/output.js:17:12)
            at applyHelperAsync (/root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/pulumi/output.js:229:12)
            at /root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/output.ts:302:65
            at processTicksAndRejections (node:internal/process/task_queues:96:5)
        error: an unhandled error occurred: Program exited with non-zero exit code: 1
    r
    • 2
    • 3
  • v

    victorious-dusk-75271

    08/21/2022, 9:38 PM
    hey chat
  • v

    victorious-dusk-75271

    08/21/2022, 9:41 PM
    whats the right way to pass nested value to helm.v3.Release? i am trying to pass
    serviceAccount.create: false
    but its not picking up https://github.com/aws/eks-charts/tree/master/stable/aws-load-balancer-controller i have tried both { serviceAccount: { create: false }} and 'serviceAccount.create': false
    b
    • 2
    • 1
  • b

    bored-spoon-83710

    08/23/2022, 6:17 PM
    Hello, I’m trying to deploy the same chart in two different clusters (in the same Pulumi project), but I’m having issue with naming: I can’t use the same Pulumi logical name for my two chart resources (else Pulumi complains about duplicate resource URN) and I didn’t find a way to override the release name used when templating the chart. Is it a deliberate choice to not let the user modify the release name (maybe I just didn’t see how to do it) or is it a missing feature which could be implemented (potentially by me when I’ve time)?
    b
    • 2
    • 14
  • m

    millions-judge-24978

    08/23/2022, 6:58 PM
    Hi, is there any example on how to generate a
    k8s.Provider
    for an existing EKS cluster? I would like to be able to do something like
    eks.getClusterOutput({...}).provider
    , as I would be able to if I had just created with
    new eks.Cluster({...}).provider
    . Failing that, at least how I can generate the
    kubeconfig
    file text from
    eks.getClusterOutput().something
    .
    b
    • 2
    • 4
  • v

    victorious-church-57397

    08/24/2022, 2:08 PM
    Hi there team 👋 I'm trying to pulumify some k8s config and hit a bit of a bump in the road when trying to convert the k8s yaml to pulumi using kube2pulumi.
    unable to run program: Error: unknown resource type 'kubernetes:<http://garo.tietoevry.com/v1alpha1:GithubActionRunner|garo.tietoevry.com/v1alpha1:GithubActionRunner>'
    
      on pcl-087019550.pp line 0:
       1: resource "github_actions_runner_operatorRunner_poolGithubActionRunner" "kubernetes:<http://garo.tietoevry.com/v1alpha1:GithubActionRunner|garo.tietoevry.com/v1alpha1:GithubActionRunner>" {
    
    unknown resource type 'kubernetes:<http://garo.tietoevry.com/v1alpha1:GithubActionRunner|garo.tietoevry.com/v1alpha1:GithubActionRunner>'
    Is there anything i can do locally to get the program to recognise the resource type? I'm installing the CRDs etc using helm, but need to deploy the actual deployment separately
    b
    • 2
    • 3
  • b

    bright-horse-50102

    08/25/2022, 1:54 AM
    Does Pulumi currently not support StatefulSets with the OnDelete update strategy? My observations: 1. When updating a StatefulSet using the OnDelete strategy, Pulumi will (erroneously?) wait on
    Waiting for StatefulSet update to roll out (0/n Pods ready)
    2. If you do update the pods yourself while Pulumi is waiting, Pulumi will continue to wait on
    Waiting for StatefulSet update to roll out (n/n Pods ready)
    , and eventually error and time out because
    .status.currentRevision
    was not updated to
    .status.updatedRevision
    :
    Diagnostics:
      kubernetes:apps/v1:StatefulSet (interactions-app):
        error: 3 errors occurred:
            * the Kubernetes API server reported that "default/interactions-app-b2ecafa3" failed to fully initialize or become live: 'interactions-app-b2ecafa3' timed out waiting to be Ready
            * 32 out of 32 replicas succeeded readiness checks
            * StatefulSet controller failed to advance from revision "interactions-app-b2ecafa3-646dcff454" to revision "interactions-app-b2ecafa3-569b7cb476"
    Relevant issue? https://github.com/pulumi/pulumi-kubernetes/issues/1066
    g
    • 2
    • 4
  • v

    victorious-dusk-75271

    08/25/2022, 9:20 AM
    How do you provide
    scheme
    in in spec? typescript is complaining about it
    apiVersion: elbv2.k8s.aws/v1beta1
    kind: IngressClassParams
    metadata:
      name: awesome-class
    spec:
      scheme: internal
      ipAddressType: dualstack
      tags:
      - key: org
        value: my-org
  • v

    victorious-church-57397

    08/26/2022, 3:14 PM
    hey peeps, im installing a helm chart to install an operator and all the CRDs i need, and then im using the pulumi k8s.
    CustomResource
    to try and deploy an instance of the resource which is configured on the cluster with the helm chart. I've got pulumi creating it, and it all looks good but no pods are actually being deployed, if i manually run
    kubectl apply -f
    on the yaml file, then it works fine but not when ive converted it to a JS object format, cant help but thinking the
    CustomResource
    might not be what im after?
    b
    c
    • 3
    • 10
  • b

    bored-spoon-83710

    08/27/2022, 3:13 PM
    Hello, I’m trying to develop on the Pulumi Kubernetes resource provider to add two features I’d like to have in Helm Chart resource. First, I’d like to have autodiscovery of Kubernetes version and API versions. For this, I’ve modified the provider code and didn’t have to touch the SDKs. I wanted to do a release of my modified provider so that I can use it kind of transparently in my projects. I added a plugin download URL in the schema to point to the GitHub releases of my forked repository and ran make build. First issue, the newly generated sdk/go/kubernetes/helm/v3/pulumiUtilities.go file didn’t contain the right package, helm, but v3. Is there a way to override this? I then used GoReleaser to create a prerelease of my provider (after enabling prerelease publishing and removing blobs publishing in GoReleaser config). Last step, I added a replace line in the go.mod file of my test project (replace github.com/pulumi/pulumi-kubernetes/sdk/v3 v3.21.0 => github.com/yann-soubeyrand/pulumi-kubernetes/sdk/v3 v3.22.0-ys.1) and did a pulumi preview. It did not work, pulumi didn’t download my modified provider. I then force replaced the v3.21.0 tag in my repository to point to my commit and did a release again, adapting my replace line (replace github.com/pulumi/pulumi-kubernetes/sdk/v3 v3.21.0 => github.com/yann-soubeyrand/pulumi-kubernetes/sdk/v3 v3.21.0) and this time pulumi preview worked (it downloaded my plugin and the result was the expected one). I’d like to know if this is the right way to proceed (it seems not)? Second, I’d like to be able to customize the release name used during chart templating. For this, I don’t need to modify the provider since everything is already there, I just have to modify the SDKs. I’ve modified the schema and the Go templates and it seems to work as expected for Go project. But, if I understand correctly, I have to manually modify all the other SDKs, right? What about the Java SDK which doesn’t seem to have templates?
    g
    a
    • 3
    • 8
  • i

    incalculable-midnight-8291

    08/30/2022, 4:18 PM
    Is there some way to tag
    k8s.helm.v3.Release
    so that pulumi skips uninstall on a stack destroy, where the cluster itself will be taken down?
    b
    • 2
    • 7
  • v

    victorious-dusk-75271

    08/30/2022, 8:54 PM
    How do you solve this issue? because of this pulumi fails
    warning: Refreshed resource is in an unhealthy state:
        * Resource 'allrites-frontend' was created but failed to initialize
        * Service does not target any Pods. Selected Pods may not be ready, or field '.spec.selector' may not match labels on any Pods
    s
    • 2
    • 2
  • f

    fierce-pillow-7950

    08/31/2022, 12:40 AM
    looking for help using server-side apply to create a deploymentpatch that adds a toleration to the podtemplatespec. does anyone have a good example of this?
    s
    b
    +2
    • 5
    • 10
  • i

    incalculable-midnight-8291

    08/31/2022, 10:38 AM
    Hello again! Is there some way to wait until a
    k8s.core.v1.Servic
    type LoadBalancer has got its external ip assigned? Edit: found it!
    const externalIP = service.status.loadBalancer.ingress;
    It will be an array though.
  • r

    ripe-shampoo-80285

    08/31/2022, 9:06 PM
    Has anybody here used Karpenter instead of ClusterAutoscaler(CA) for EKS cluster node scaling? Currently we use CA with an on-demand managed node group. We are thinking about add new type node instance. With CA, we will need to add additional managed node group. Looks like this is completely unnecessary with Karpenter. So, how do we migrate from CA to Karpenter with a smooth transition? Could we have both CA & Karpenter deployed? Here is my plan, 1) deploy Karpenter; 2) scale current managed node group down to 0 instance which will force all existing pod to be moved to nodes that are managed by Karpenter provisioner I assume. 3) Finally we will decommission the managed group & undeploy CA. Will the above plan work? Is there better ways to do this? Thanks in advance for any tips.
  • v

    victorious-exabyte-70545

    08/31/2022, 11:49 PM
    Hi all, we recently rotated our AKS certificate and now can no longer access kubernetes with the pulumi k8provider. The certificate (kubeconfig) works with lens and our deployment agents in DevOps pipelines. Any ideas on what the issue is?
    b
    • 2
    • 10
  • r

    ripe-russia-4239

    09/01/2022, 11:25 AM
    Has anyone run into this error when deploying a Helm V3 release with a chart stored in an OCI registry?
    failed to pull chart: looks like "<oci://myregistry.azurecr.io/helm/mychart>" is not a valid chart repository or cannot be reached: object required
  • b

    brash-gigabyte-81569

    09/01/2022, 5:22 PM
    did some light searching and didn’t see anything so forgive me if this was asked and answered: Can you use a helm chart from a git repository or does it have to be a chart repository?
    b
    • 2
    • 2
  • f

    full-boots-69133

    09/05/2022, 10:35 PM
    Hi all 👋, not sure if this is the right channel for this but it is k8s related so I might ask here. I am trying to troubleshoot an issue I am having with running preview and apply against our eks cluster. Upgrade is in the works but I need to be able to apply some changes that will be used in projects downstream that appear to be working. The issue is similar if not the same as this (I am not the author of the issue). I have noticed that pulumi wants a much later version of the kubernetes provider than the versions of the npm packages we have installed and I think the issue may stem from installing a later package that upgrades
    client-go
    to
    >1.23.x
    . I guess the question is, how does pulumi decide which resource plugin version it requires?
    • 1
    • 5
  • f

    future-student-37410

    09/06/2022, 8:32 AM
    Hey everyone, I was wondering if any can help me with my little issue here: I am working with Pulumi to deploy AKS clusters on azure with Dapr integration. My next step is where I am struggling. I want to use the Dapr Pub/Sub service, which of course requires some sort of message broker. I am using redis for this. My redis deployment is working fine, I did a fast deployment by using the docker image and just throwing it in the cluster like this (in C#):
    {
    ApiVersion = "apps/v1",
    Kind = "Deployment",
    Metadata = new ObjectMetaArgs
    {
    Name = "redis-deployment",
    Labels =
    {
    { "app", "redis" },
    },
    },
    Spec = new DeploymentSpecArgs
    {
    Replicas = 1,
    Selector = new LabelSelectorArgs
    {
    MatchLabels =
    {
    { "app", "redis" },
    },
    },
    Template = new PodTemplateSpecArgs
    {
    Metadata = new ObjectMetaArgs
    {
    Labels =
    {
    { "app", "redis" },
    },
    Annotations =
    {
    { "<http://dapr.io/enabled|dapr.io/enabled>", "true" },
    { "<http://dapr.io/app-id|dapr.io/app-id>", "redis" },
    { "<http://dapr.io/app-port|dapr.io/app-port>", "6379" },
    { "<http://dapr.io/enable-api-logging|dapr.io/enable-api-logging>", "true" }
    },
    },
    Spec = new PodSpecArgs
    {
    Containers =
    {
    new ContainerArgs
    {
    Name = "redis-message-broker",
    Image = "<http://registry.hub.docker.com/library/redis:latest|registry.hub.docker.com/library/redis:latest>",
    ImagePullPolicy = "Always",
    },
    },
    },
    },
    },
    }, new CustomResourceOptions()
    {
    Parent = this
    });
    How do I get the Redis secret key out of this deployment? The other problem is, that I don't know how to translate the dapr component yaml file into Pulumi resources. The Pulumi converter throws an error saying it is not able to convert. The yaml file looks like this:
    apiVersion: <http://dapr.io/v1alpha1|dapr.io/v1alpha1>
    kind: Component
    metadata:
      name: pubsub
      namespace: default
    spec:
      type: pubsub.redis
      version: v1
      metadata:
      - name: redisHost
        value: <REPLACE WITH HOSTNAME FROM ABOVE - for Redis on Kubernetes it is redis-master.default.svc.cluster.local:6379>
      - name: redisPassword
        secretKeyRef:
          name: redis
          key: redis-password
     # uncomment below for connecting to redis cache instances over TLS (ex - Azure Redis Cache)
      # - name: enableTLS
      #   value: true
    source: https://docs.dapr.io/getting-started/tutorials/configure-state-pubsub/#next-steps Did anyone of you deploy the Dapr Pub/Sub with Redis already?
  • v

    victorious-dusk-75271

    09/06/2022, 12:07 PM
    hi, does anyone know how to get coredns to work on tainted nodes? right now its only deploying pods to untainted nodes
    s
    • 2
    • 4
  • v

    victorious-dusk-75271

    09/06/2022, 12:20 PM
    My problem is right now DNS does not work from the tainted node. i am not really sure why
  • v

    victorious-dusk-75271

    09/06/2022, 10:17 PM
    does anyone know how to enable serverside apply with
    @pulumi/eks
    ?
    s
    • 2
    • 16
  • v

    victorious-dusk-75271

    09/07/2022, 3:48 PM
    is there anyway to make pulumi to update/patch deployment pod image instead of deleting everything?
    s
    f
    • 3
    • 8
  • b

    big-potato-91793

    09/07/2022, 11:28 PM
    iagnostics: kubernetes:apps/v1:Deployment (gitlab-runner): error: resource prd126/gitlab-runner-8cyi9fr7 was not successfully created by the Kubernetes API server : Could not create watcher for PersistentVolumeClaims objects associated with Deployment "gitlab-runner-8cyi9fr7": Get "https://k8s.nonprod9.us-east-1.tktm.io:443/api/v1/namespaces/prd126/persistentvolumeclaims?watch=true": unexpected EOF Any idea of what can cause this?
    s
    • 2
    • 4
  • v

    victorious-dusk-75271

    09/09/2022, 4:27 AM
    kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> (primary-eks-fluent-bit):
        warning: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: Get "<https://xxx/openapi/v2?timeout=32s>": dial tcp: lookup xxxxxxx on 172.22.160.1:53: read udp 172.22.161.178:34533->172.22.160.1:53: i/o timeout
        error: Preview failed: failed to read resource state due to unreachable cluster. If the cluster has been deleted, you can edit the pulumi state to remove this resource
    does anyone know how to remove those? removing those causes problem with dependency and take a lot of time to fix IaC
  • v

    victorious-dusk-75271

    09/09/2022, 5:15 AM
    its gets into dependency hell
Powered by Linen
Title
v

victorious-dusk-75271

09/09/2022, 5:15 AM
its gets into dependency hell
View count: 5