hallowed-horse-57635
11/11/2022, 1:28 AMbitter-carpenter-93554
11/14/2022, 11:05 PMdamp-honey-93158
11/15/2022, 10:05 AMhallowed-horse-57635
11/15/2022, 3:39 PMdelightful-mouse-18472
11/16/2022, 12:21 PM@pulumi/kubernetes/core/v1/persistentVolumeClaim
and I want to store the current storage size used, I did manage to do that.
Now, I have another challenge, I want to run an update and use the current storage size, compare it with the one that’s coming up from the update and use the biggest storage size. Why? because PVC cannot scale down. The idea is to have a Pulumi resource that self-check its current values and run some logic before invoking the super
methodpolite-napkin-90098
11/16/2022, 5:22 PMvictorious-dusk-75271
11/18/2022, 3:18 AMkubernetes:apps/v1:DeploymentPatch (primary-eks-coredns-deployment-patch):
warning: Refreshed resource is in an unhealthy state:
* Resource 'coredns' was created but failed to initialize
* [MinimumReplicasUnavailable] Deployment does not have minimum availability.
* Minimum number of live Pods was not attained
* [Pod kube-system/coredns-6d5cf8bdbd-5t8lj]:
* [Pod kube-system/coredns-6d5cf8bdbd-xztm8]:
victorious-dusk-75271
11/18/2022, 3:18 AMvictorious-dusk-75271
11/18/2022, 3:18 AMbored-baker-95734
11/21/2022, 8:03 AMstraight-arm-50771
11/21/2022, 6:26 PMerror: failed to create chart from template: chart requires kubeVersion: >=1.22.0-0 which is incompatible with Kubernetes v1.20.0
My cluster that worked is v1.23.8-gke.1900. The one that doesn't is v1.23.12-gke.100. I don't see an open issue, is there a long-term fix inbound?proud-pizza-80589
11/23/2022, 6:35 AMvictorious-church-57397
11/23/2022, 7:23 PM--feature-gate
arguments through to helm releases? i cant see any options for it in the providersparse-spring-91820
11/24/2022, 8:20 AMError: Failed to parse kubectl version JSON output
but when I run it locally it works. This happened after I update some of the circleci orbs and pulumi plugins to the newest versions:
// circleci config
orbs:
node: circleci/node@4.5.1
aws-cli: circleci/aws-cli@3.1.3
aws-ecr: circleci/aws-ecr@7.0.0
pulumi: pulumi/pulumi@2.1.0
shellcheck: circleci/shellcheck@2.2.4
kubernetes: circleci/kubernetes@1.3.1
// package.json
"dependencies": {
"@pulumi/aws": "^5.21.1",
"@pulumi/awsx": "^0.40.1",
"@pulumi/eks": "^0.42.7",
"@pulumi/kubernetes": "^3.22.1",
"@pulumi/pulumi": "^3.47.2"
}
When I see output from pulumi program inside circleci it looks something like this:
Outputs:
- cidr : "10.0.0.0/16"
- provider : {
- id : "some-id"
- kubeconfig: (json) {
- apiVersion : "v1"
- clusters : [
...
But by running it locally I have output in this format:
cidr : "10.0.0.0/16"
provider : {
id : "some-id"
kubeconfig: (json) {
apiVersion : "v1"
clusters : [
[0]: {
cluster: {
...
It looks to me that error is thrown because of different output format, but how to change it?
This is my pulumi program output:
module.exports = {
vpcId: vpc.id,
publicSubnetIds: pulumi.output(vpc.publicSubnetIds),
privateSubnetIds: pulumi.output(vpc.privateSubnetIds),
cidr: vpc.vpc.cidrBlock,
provider: cluster.provider
};
Before updating orbs and pulumi plugins I didn’t have this issue, output was the same both locally and on circleci but I had to update plugins because I was receiving: Kubeconfig user entry is using deprecated API version <http://client.authentication.k8s.io/v1alpha1|client.authentication.k8s.io/v1alpha1>. Run 'aws eks update-kubeconfig' to update.
error so I had to make update
Does anyone know what is the issue?
Thanks in advance 🙌straight-arm-50771
11/26/2022, 11:11 PMpulumi/pulumi:latest
and deploys a k8s cluster & apps. Consistently getting the error stemming from Helm chart deploy:
kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> (argo-deploy):
error: failed to create chart from template: chart requires kubeVersion: >=1.22.0-0 which is incompatible with Kubernetes v1.20.0
This is preventing the pulumi up
to fire at all.
update- appears to be this stack overflow report, detailing how Pulumi reports kubeversion https://stackoverflow.com/questions/74291076/helm-reads-wrong-kubeversion-1-22-0-0-for-v1-23-0-as-v1-20-0?newreg=967f4794b98e4a319902a9848e3a8a2d
update2- this update to ArgoCD Helm is what uncovered this issue: https://github.com/argoproj/argo-helm/commit/3d9e2f35a6e6249c27fd4ccd8129622d886ef4eapolite-zoo-26802
11/30/2022, 11:53 PMstraight-arm-50771
12/01/2022, 11:38 PMkubernetes:yaml:ConfigFile
transformations for YAML available yet? Trying to inject a value in a the YAML to be applied, not seeing any examples on this for YAML.billowy-horse-79629
12/04/2022, 4:27 PMtransport is closing
error while upgrading Helm Releases.
Actually, i’m not changing anything in my pulumi stack, but the helm release doesn’t know how to keep the ServiceAccount list in order, so Pulumi is trying to upgrade it anyway, you can see here the changes that found (nothing really change, just the order of the list) -
Anyway, applying this change (pulumi up) is broken and i’m getting transport is closing
, which happened to me a while a go and the only solution that I found was to fully destroy the k8s cluster and re-create it (Which is the worst solution I could imagine to use).
I don’t want to destroy this cluster, especially by the fact that it’s a new one that I created it a week ago so nothing changed there.
The full log is in the thread.
I’m completely lost by this error, so any help I can get would be super appreciated.most-lighter-95902
12/05/2022, 4:46 PMpvc
-> deployment
(sequentially) in two separate pulumi stacks in CI/CD. My StorageClass
has binding mode of WaitForFirstConsumer
which means the first pvc
stack is stuck at PENDING state, which means the pipeline fails before it attempts to create the deployment
. Is this a correct use case for skipAwait
so that deployment
stack will run before pvc
stack times out?dry-keyboard-94795
12/06/2022, 4:44 PMyaml.ConfigFile
doesn't respect opts.providers
, only opts.provider
.
Adding the explicit .provider
also results in warning spam about this issue, even though the providers are identical, ie:
opts=p.ResourceOptions(provider=k8s_provider, providers=[k8s_provider])
I've a workaround already, just flagging it. Was hoping to move to using .providers
going forward, as we have Component Resources that utilise multiple providerssticky-horse-12214
12/06/2022, 9:25 PMallow_null_values
argument in the helm.Release
object in the python SDK. Does that argument need to be added to that SDK manually or did I missing something in the build process?busy-receptionist-43812
12/07/2022, 2:09 PMPulumi plugin install resource actions
Not finding anything useful in the docs, but api is not locating latest for this. Found an issue while back where we needed to set version, but that was fixed so it will fetch latest if omitted. Anyone had similar issue? Thxdamp-honey-93158
12/07/2022, 3:01 PMschedule:
- name: "daily-backup"
schedule: "0 0 * * *"
keep: 5
storageName: fs-pvc
It's the "- name" part that has me asking questions 🙂 For the other config I've got it worked out, e.g. for the following
volume:
persistentVolumeClaim:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 6G
I just wrote:
["volume"] = new Dictionary<string, object>
{
["persistentVolumeClaim"] = new Dictionary<string, object>
{
["accessModes"] = new InputList<string> { "ReadWriteOnce" },
["resources"] = new Dictionary<string, object>
{
["requests"] = new Dictionary<string, object>
{
["storage"] = "6G"
}
}
}
}
Help appreciated and thank you!
microscopic-cpu-38113
12/15/2022, 8:38 AMloud-balloon-25685
12/19/2022, 2:56 AMconst trailingSlashMiddleware = new k8s.apiextensions.CustomResource(`${name}-trailing-slash`, {
apiVersion: '<http://traefik.containo.us/v1alpha1|traefik.containo.us/v1alpha1>',
kind: 'Middleware',
metadata: { namespace: args.namespace },
spec: {
redirectRegex: {
regex: `^.*\\${args.prefix}$`,
replacement: `${args.prefix}/`,
permanent: false,
},
},
}, { provider: opts?.provider });
-----------ERROR----------
warning: apiVersion "<http://apiextensions.k8s.io/v1beta1/CustomResourceDefinition|apiextensions.k8s.io/v1beta1/CustomResourceDefinition>" was removed in Kubernetes 1.22. Use "<http://apiextensions.k8s.io/v1/CustomResourceDefinition|apiextensions.k8s.io/v1/CustomResourceDefinition>" instead.
error: resource <http://middlewares.traefik.containo.us|middlewares.traefik.containo.us> was not successfully created by the Kubernetes API server : apiVersion "<http://apiextensions.k8s.io/v1beta1/CustomResourceDefinition|apiextensions.k8s.io/v1beta1/CustomResourceDefinition>" was removed in Kubernetes 1.22.
Use "<http://apiextensions.k8s.io/v1/CustomResourceDefinition|apiextensions.k8s.io/v1/CustomResourceDefinition>" instead.
icy-jordan-58549
12/21/2022, 4:02 PMerror: [resource plugin kubernetes-1.0.2] downloading from : failed to download plugin: kubernetes-1.0.2: 403 HTTP error fetching plugin from <https://get.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v1.0.2-darwin-amd64.tar.gz>
clever-painter-96148
12/22/2022, 11:47 AMsteep-winter-68060
12/22/2022, 11:18 PMignoreChanges
list? I’ve tried these without any suscess: ignoreChanges: ['data', 'data.token', 'metadata.managedFields[*]'],
kubernetes:<http://helm.sh/v3:Chart$kubernetes:core/v1:Secret|helm.sh/v3:Chart$kubernetes:core/v1:Secret> (datadog/datadog-agent-cluster-agent)
++ kubernetes:core/v1:Secret (create-replacement)
[id=datadog/datadog-agent-cluster-agent]
[urn=urn:pulumi:development::eks-cluster::kubernetes:<http://helm.sh/v3:Chart$kubernetes:core/v1:Secret::datadog/datadog-agent-cluster-agent|helm.sh/v3:Chart$kubernetes:core/v1:Secret::datadog/datadog-agent-cluster-agent>]
__fieldManager : "pulumi-kubernetes-db5ac33a" => "pulumi-kubernetes-c6b496ec"
metadata : {
managedFields : [
[0]: {
fieldsV1 : {
f:data : {
f:token: {}
}
}
}
[1]: {
apiVersion: "v1"
fieldsType: "FieldsV1"
fieldsV1 : {
f:data : {
f:token: {}
}
f:metadata: {
f:labels: {
f:<http://app.kubernetes.io/instance|app.kubernetes.io/instance> : {}
f:<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>: {}
f:<http://app.kubernetes.io/name|app.kubernetes.io/name> : {}
f:<http://app.kubernetes.io/version|app.kubernetes.io/version> : {}
f:<http://helm.sh/chart|helm.sh/chart> : {}
}
}
f:type : {}
}
manager : "pulumi-kubernetes-c6b496ec"
operation : "Apply"
time : "2022-12-22T22:24:32Z"
}
]
}
microscopic-city-74409
12/28/2022, 5:55 PMsparse-hairdresser-15357
01/05/2023, 3:46 PMpulumi refresh
does nothing. I guess because it only looks at the resources in the state.
pulumi import
fails with an authorisation error, I think because in our setup we are confined to namespaces and cannot just enumerate all the namespaces. Maybe if there is a way to specify the namespace where Pulumi needs to look this can be resolved?
The error we get is:
error: Preview failed: <http://ingresses.networking.k8s.io|ingresses.networking.k8s.io> "ingress-name" is forbidden: User "user-token" cannot get resource "ingresses" in API group "<http://networking.k8s.io|networking.k8s.io>" in the namespace "default"