This message was deleted Pulumi Community #typescript

Join Slack

This message was deleted.

# typescript

sparse-intern-71089

04/25/2023, 11:55 AM

This message was deleted.

billowy-army-68599

04/25/2023, 3:51 PM

You will need to have network access into the cluster to hit that address, alternatively you can create an exposed service or an ingress

billowy-army-68599

04/25/2023, 3:51 PM

Either way, this isn’t really a Pulumi problem, it’s a networking problem

salmon-account-74572

04/25/2023, 4:19 PM

Are you able to share the

config

file from line 2? That will help us see how the Minio server is being configured. Perhaps that can be modified to create an exposed service as @billowy-army-68599 suggests, which is required in order to be able to communicate with Minio.

flat-planet-10000

04/26/2023, 9:13 AM

I tried to split up the infrastructure in a infra repo. There I install minio with the helm chart:

Copy code

const minioNs = new k8s.core.v1.Namespace('minio', {
    metadata: { name: 'minio' }
}, {
    provider: cluster.k8sProvider,
});
const chart = new k8s.helm.v3.Chart(
    "minio",
    {
        chart: "minio",
        version: "11.10.16",
        fetchOpts: {
            repo: "<https://marketplace.azurecr.io/helm/v1/repo>",
        },
        values: {
            global: {
                stroageClass: config.minioStorageClass,
            },
            auth: {
                rootUser: config.minioRootUser,
                rootPassword: rootPassword.result,
            },
            // defaultBuckets: "testbucket",
            config: {
                name: "region",
                options: {
                    name: config.minioRegion,
                }
            }
        },
        namespace: minioNs.metadata.name,
    },
    { provider: cluster.k8sProvider },
);
const service = chart.getResource("v1/Service", `minio/minio`);

export const minioServer = pulumi.interpolate`${service.metadata.name}.${minioNs.metadata.name}.svc.cluster.local:9000`;
export const minioSsl = false;
export const minioRootUser = config.minioRootUser;
export const minioRootPassword = pulumi.secret(s3.rootPassword.result);
export const minioRegion = config.minioRegion;

And the application deployment uses this stack. Here is the part of the config.

Copy code

import { Provider } from '@pulumi/kubernetes';
import * as pulumi from '@pulumi/pulumi';

const config = new pulumi.Config();
const env = pulumi.getStack();

const infra = new pulumi.StackReference(`<project>/${env}`);
export const k8sprovider = new Provider('k8s', {
  kubeconfig: infra.getOutput('kubeConfig'),
});
export const minioRegion = config.get('minioRegion') || infra.getOutput('minioRegion');
export const minioServer = infra.getOutput('minioServer');
export const minioSsl = infra.getOutput('minioSsl');
export const minioRootUser = infra.getOutput('minioRootUser');
export const minioRootPassword = infra.getOutput('minioRootPassword');

If I create an exposed service or an ingress, then I have to use SSL/TLS encryption. I wanted to avoid this and therefore just communicate within the cluster. Or do you have a ready solution how to do this?

flat-planet-10000

04/26/2023, 2:22 PM

OK, now I made an ingress and it is working as expected. Thanks for the answers.

salmon-account-74572

04/26/2023, 4:56 PM

Glad you got it working!

Open in Slack

Previous Next