colossal-kilobyte-61996
06/21/2023, 11:02 AMkubeconfig
from the output of a cluster creation by the DigitalOcean provider. (Typescript)
This is what I am doing to create the provider and export it so I can using it in other parts of the project:
const k8sCluster = new new digitalocean.KubernetesCluster (...)
(...)
export const provider = new k8s.Provider('k8s', {
kubeconfig: k8sCluster.kubeConfigs[0].rawConfig,
});
Later I am using the provider to create a Helm Release as follows:
import { provider } from '../path-to-the-provider';
const redis = new k8s.helm.v3.Release(
'redis',
{
chart: 'redis',
},
{
provider,
},
);
This is failing with the following error:
Diagnostics:
kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> (redis):
error: could not get server version from Kubernetes: the server has asked for the client to provide credentials
Note that if I don’t use the provider and I let the default provider kick in and use the kubeConfig
file in my system, everything works.
I am sure I am missing something but I am unsure what. I’d be grateful if anybody could guide me here. Thank you 🙏-v 3
and --debug
but I don’t see anything meaningful in the logssalmon-account-74572
06/21/2023, 4:05 PMcolossal-kilobyte-61996
06/21/2023, 4:07 PMsalmon-account-74572
06/21/2023, 5:05 PMimport * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const config = new pulumi.Config("aws");
const provider = new aws.Provider("aws", {
profile: config.require("profile"),
region: <aws.Region>config.require("region")
// where the below string is the URN of the default provider
}, { aliases: ["urn:pulumi:phil::provider-alias::pulumi:providers:aws::default_5_30_1"] });
// Create an AWS resource (S3 Bucket)
const bucket = new aws.s3.Bucket("my-bucket", {}, { provider: provider });
// Export the name of the bucket
export const bucketName = bucket.id;
The default provider’s URN should be accessible in the Pulumi state, assuming you haven’t already run an update (which I think you were holding on because of the resource replacements). That will give you what you need to put in the alias.colossal-kilobyte-61996
06/21/2023, 5:06 PM_5_30_1
suffix in the alias?salmon-account-74572
06/21/2023, 5:07 PMcolossal-kilobyte-61996
06/21/2023, 5:12 PMpulumi up
, it complained about missing credentials, which further confused me due do the fact that it had worked in the past.new digitalocean.KubernetesCluster
returns a kubeConfig
that expires after 7 days basically, and when it does, it’s confusing. It;s not something Pulumi can control obviously but a hint about this in the docs is what I would add.salmon-account-74572
06/21/2023, 5:18 PMcolossal-kilobyte-61996
06/21/2023, 5:23 PMsalmon-account-74572
06/21/2023, 5:24 PMcolossal-kilobyte-61996
06/21/2023, 5:24 PMacceptable-intern-25844
07/01/2023, 4:14 PMcreateTokenKubeconfig
. I’ve specified the alias for the k8s provider, but it still wants to replace everything, here are diff details:
pulumi:pulumi:Stack: (same)
[urn=urn:pulumi:qa.provision::crm::pulumi:pulumi:Stack::crm-qa.provision]
++pulumi:providers:kubernetes: (create-replacement)
[id=a318d097-7f31-40f1-baf7-51a549ebec6f]
[urn=urn:pulumi:qa.provision::crm::pulumi:providers:kubernetes::doks]
enableServerSideApply: "true"
kubeconfig : [secret]
version : "3.24.2"
+-pulumi:providers:kubernetes: (replace)
[id=a318d097-7f31-40f1-baf7-51a549ebec6f]
[urn=urn:pulumi:qa.provision::crm::pulumi:providers:kubernetes::doks]
enableServerSideApply: "true"
kubeconfig : [secret]
version : "3.24.2"
--pulumi:providers:kubernetes: (delete-replaced)
[id=a318d097-7f31-40f1-baf7-51a549ebec6f]
[urn=urn:pulumi:qa.provision::crm::pulumi:providers:kubernetes::doks]
any suggestions on how to deal with this?