sparse-intern-71089
07/26/2023, 6:18 PMglamorous-australia-21342
07/26/2023, 6:22 PMKUBECONFIG=~/Downloads/do-cluster-7b17531-kubeconfig.yaml pulumi preview
with the latest kubeconfig i get the same error.salmon-account-74572
07/26/2023, 6:55 PMglamorous-australia-21342
07/26/2023, 7:06 PMglamorous-australia-21342
07/27/2023, 6:48 PMsalmon-account-74572
07/27/2023, 7:36 PMglamorous-australia-21342
07/27/2023, 7:37 PMconst doK8sProvider = new k8s.Provider("do-k8s-provider", {
kubeconfig
}, {
parent: cluster
})
I did declare an explicit provider although i cant remember whyglamorous-australia-21342
07/27/2023, 7:37 PMglamorous-australia-21342
07/27/2023, 7:38 PMglamorous-australia-21342
07/27/2023, 7:38 PMsalmon-account-74572
07/27/2023, 7:45 PMcluster.provider
works for EKS but not for DOKS.
In any case, in reading through the issue I linked above and some related/linked issues, it sounds like running pulumi refresh
will re-generate a DO access token that will last for another seven days. Can you try running pulumi refresh
to see if that changes anything for you?glamorous-australia-21342
07/27/2023, 8:24 PMglamorous-australia-21342
07/27/2023, 8:24 PMglamorous-australia-21342
07/28/2023, 6:25 PMexport const kubeconfig = pulumi.secret(cluster.kubeConfigs[0].rawConfig)
const doK8sProvider = new k8s.Provider("do-k8s-provider", {
kubeconfig
}, {
parent: cluster
})
glamorous-australia-21342
07/28/2023, 6:25 PMglamorous-australia-21342
07/28/2023, 6:26 PMglamorous-australia-21342
07/28/2023, 6:26 PMglamorous-australia-21342
07/28/2023, 6:43 PMglamorous-australia-21342
07/28/2023, 6:43 PMsalmon-account-74572
07/28/2023, 7:12 PMglamorous-australia-21342
07/28/2023, 7:12 PMcluster.name
returns something differentglamorous-australia-21342
07/28/2023, 7:13 PMglamorous-australia-21342
07/28/2023, 7:13 PMsalmon-account-74572
07/28/2023, 7:14 PMglamorous-australia-21342
07/28/2023, 7:14 PMglamorous-australia-21342
07/28/2023, 7:16 PMkubernetes:apps/v1:Deployment (kube-system/metrics-server):
error: configured Kubernetes cluster is unreachable: unable to load Kubernetes client configuration from kubeconfig file. Make sure you have:
• set up the provider as per <https://www.pulumi.com/registry/packages/kubernetes/installation-configuration/>
invalid configuration: [context was not found for specified context: do-cluster-####, cluster has no server defined]
pulumi:pulumi:Stack (oxheadinfra_do-dev):
error: update failed
glamorous-australia-21342
07/28/2023, 7:16 PM// Manufacture a DO kubeconfig that uses a given API token.
//
// Note: this is slightly "different" than the default DOKS kubeconfig created
// for the cluster admin, which uses a new token automatically created by DO.
// <https://github.com/pulumi/pulumi-digitalocean/issues/312#issuecomment-1143432863>
export function createTokenKubeconfig(
cluster: digitalocean.KubernetesCluster,
user: pulumi.Input<string>,
apiToken: pulumi.Input<string>,
): pulumi.Output<any> {
const clusterName = cluster.name
return pulumi.interpolate`apiVersion: v1
clusters:
- cluster:
certificate-authority-data: ${cluster.kubeConfigs[0].clusterCaCertificate}
server: ${cluster.endpoint}
name: ${cluster.name}
contexts:
- context:
cluster: ${cluster.name}
user: ${cluster.name}-${user}
name: ${cluster.name}
current-context: ${cluster.name}
kind: Config
users:
- name: ${cluster.name}-${user}
user:
token: ${apiToken}
`;
}
const doCfg = new pulumi.Config("digitalocean")
export const kubeconfig = createTokenKubeconfig(cluster,"admin",doCfg.requireSecret("token"))
const doK8sProvider = new k8s.Provider("do-k8s-provider", {
kubeconfig
}, {
parent: cluster
})
glamorous-australia-21342
07/28/2023, 7:16 PMglamorous-australia-21342
07/28/2023, 7:18 PMglamorous-australia-21342
07/28/2023, 7:18 PMglamorous-australia-21342
07/28/2023, 7:24 PMsalmon-account-74572
07/28/2023, 7:26 PMname
field needs to be indented:
clusters:
- cluster:
certificate-authority-data: ...
server: ....
name: ....
glamorous-australia-21342
07/28/2023, 7:26 PMglamorous-australia-21342
07/28/2023, 7:27 PMglamorous-australia-21342
07/28/2023, 7:27 PMsalmon-account-74572
07/28/2023, 7:27 PMglamorous-australia-21342
07/28/2023, 7:27 PMsalmon-account-74572
07/28/2023, 7:28 PMglamorous-australia-21342
07/28/2023, 7:28 PMglamorous-australia-21342
07/28/2023, 7:29 PMname
and i get the cluster has no server defined
glamorous-australia-21342
07/28/2023, 7:29 PMsalmon-account-74572
07/28/2023, 7:31 PMclusters
section:
clusters:
- cluster:
certificate-authority-data: ...
server: ....
name: name
The name
field needs to be part of the list (array) created by the - cluster
line so it’s indented 2 spaces. The certificate-authority-data
and server
lines are indented 4 spaces.salmon-account-74572
07/28/2023, 7:31 PMsalmon-account-74572
07/28/2023, 7:31 PMglamorous-australia-21342
07/28/2023, 7:32 PMsalmon-account-74572
07/28/2023, 7:32 PMglamorous-australia-21342
07/28/2023, 7:32 PMglamorous-australia-21342
07/28/2023, 7:32 PMclusters:
- cluster:
certificate-authority-data: ${cluster.kubeConfigs[0].clusterCaCertificate}
server: ${cluster.endpoint}
name: ${cluster.name}
glamorous-australia-21342
07/28/2023, 7:33 PMnvalid configuration: [context was not found for specified context: do-cluster-#####, cluster has no server defined]
salmon-account-74572
07/28/2023, 7:33 PMglamorous-australia-21342
07/28/2023, 7:33 PMexport function createTokenKubeconfig(
cluster: digitalocean.KubernetesCluster,
user: pulumi.Input<string>,
apiToken: pulumi.Input<string>,
): pulumi.Output<any> {
const clusterName = cluster.name
return pulumi.interpolate`apiVersion: v1
clusters:
- cluster:
certificate-authority-data: ${cluster.kubeConfigs[0].clusterCaCertificate}
server: ${cluster.endpoint}
name: ${cluster.name}
contexts:
- context:
cluster: ${cluster.name}
user: ${cluster.name}-${user}
name: ${cluster.name}
current-context: ${cluster.name}
kind: Config
users:
- name: ${cluster.name}-${user}
user:
token: ${apiToken}
`;
}
glamorous-australia-21342
07/28/2023, 7:33 PMsalmon-account-74572
07/28/2023, 7:35 PMcontexts
section, you need to indent cluster
and user
under - context:
, and name
should be part of the list of contexts (indented 2 spaces).glamorous-australia-21342
07/28/2023, 7:35 PMsalmon-account-74572
07/28/2023, 7:35 PMcontexts
section should look (indentation wise) like the clusters
section.glamorous-australia-21342
07/28/2023, 7:35 PMalready exists
errorsglamorous-australia-21342
07/28/2023, 7:35 PMglamorous-australia-21342
07/28/2023, 7:36 PMglamorous-australia-21342
07/28/2023, 7:36 PMglamorous-australia-21342
07/28/2023, 7:36 PMsalmon-account-74572
07/28/2023, 7:36 PMglamorous-australia-21342
07/28/2023, 7:38 PMglamorous-australia-21342
07/28/2023, 7:38 PMglamorous-australia-21342
07/28/2023, 7:38 PMalready exists
errors besides importing everything?salmon-account-74572
07/28/2023, 7:44 PMalready exists
errors are you getting? Is this from a pulumi
command?glamorous-australia-21342
07/28/2023, 7:44 PMglamorous-australia-21342
07/28/2023, 7:44 PMsalmon-account-74572
07/28/2023, 7:44 PMpulumi refresh
firstglamorous-australia-21342
07/28/2023, 7:45 PMglamorous-australia-21342
07/28/2023, 7:45 PMglamorous-australia-21342
07/28/2023, 7:45 PMglamorous-australia-21342
07/28/2023, 7:46 PMglamorous-australia-21342
07/28/2023, 7:46 PMglamorous-australia-21342
07/28/2023, 7:47 PMglamorous-australia-21342
07/28/2023, 7:48 PMpreview
not refresh
still same unreachable errorsalmon-account-74572
07/28/2023, 7:48 PMpulumi up
was trying to replace things. If feeding the new Kubeconfig causes pulumi preview
to work, then feeding it to pulumi up
should give you the option to accept any replacements (or not).glamorous-australia-21342
07/28/2023, 7:48 PMsalmon-account-74572
07/28/2023, 7:49 PMglamorous-australia-21342
08/01/2023, 3:13 PMsalmon-account-74572
08/01/2023, 3:31 PMpulumi preview
and it works (suggests replacements but doesn’t give you the option to accept them), then feeding the new Kubeconfig to pulumi up
should also work, and would give you the option to accept replacements. Ideally there will be only one replacement, which is the provider, and then we don’t have to worry about an alias. While I’m in meetings today, I’d suggest trying this to see what happens. (Don’t worry, you can always decline the operation if you feel it will be disruptive to your environment.)
You could also use pulumi preview --diff
with the new Kubeconfig to get a more detailed indication of exactly what it would change; this might also give you a good indication of whether or not only the provider is changing.
Post your findings back here, and I’ll check back in as I have time today between meetings.glamorous-australia-21342
08/01/2023, 3:32 PMglamorous-australia-21342
08/01/2023, 3:32 PMglamorous-australia-21342
08/01/2023, 3:32 PMglamorous-australia-21342
08/01/2023, 3:33 PMglamorous-australia-21342
08/01/2023, 3:48 PMsalmon-account-74572
08/01/2023, 3:49 PMglamorous-australia-21342
08/01/2023, 3:49 PMglamorous-australia-21342
08/01/2023, 3:49 PMglamorous-australia-21342
08/01/2023, 3:50 PMsalmon-account-74572
08/01/2023, 3:53 PMglamorous-australia-21342
08/01/2023, 3:54 PMglamorous-australia-21342
08/01/2023, 3:54 PMglamorous-australia-21342
08/01/2023, 3:54 PMglamorous-australia-21342
08/01/2023, 9:27 PMglamorous-australia-21342
08/01/2023, 9:33 PMsalmon-account-74572
08/02/2023, 1:32 PMsalmon-account-74572
08/02/2023, 1:33 PMglamorous-australia-21342
08/02/2023, 1:46 PMsalmon-account-74572
08/02/2023, 2:02 PMup
reports duplicate errors, and refresh just plain doesn’t work.glamorous-australia-21342
08/02/2023, 2:03 PMglamorous-australia-21342
08/02/2023, 2:20 PMglamorous-australia-21342
08/02/2023, 2:20 PMsalmon-account-74572
08/02/2023, 3:01 PMglamorous-australia-21342
08/02/2023, 3:02 PMsalmon-account-74572
08/02/2023, 4:39 PMglamorous-australia-21342
08/02/2023, 4:58 PMglamorous-australia-21342
08/03/2023, 7:04 PMsalmon-account-74572
08/03/2023, 9:34 PMdeleteBeforeReplace
so pulumi up
can go ahead and update your Kubernetes resources.glamorous-australia-21342
08/03/2023, 9:35 PMsalmon-account-74572
08/03/2023, 9:38 PMsalmon-account-74572
08/03/2023, 9:43 PMglamorous-australia-21342
08/03/2023, 9:45 PMsalmon-account-74572
08/03/2023, 9:47 PMdeleteBeforeReplace
tells the provider to do exactly that---delete the resource first, then create its replacement.glamorous-australia-21342
08/03/2023, 9:48 PMglamorous-australia-21342
08/03/2023, 9:48 PMglamorous-australia-21342
08/03/2023, 9:48 PMsalmon-account-74572
08/03/2023, 9:49 PMglamorous-australia-21342
08/03/2023, 9:52 PMglamorous-australia-21342
08/03/2023, 9:52 PMglamorous-australia-21342
08/03/2023, 9:53 PMglamorous-australia-21342
08/03/2023, 9:53 PMglamorous-australia-21342
08/03/2023, 9:54 PMglamorous-australia-21342
08/03/2023, 9:54 PMsalmon-account-74572
08/03/2023, 9:58 PMpulumi state export
) and verify whether those resources are there or not. I haven’t seen the error messages and other outputs you’ve shared with Phil, so I’m only relaying what he passed on to me. I don’t know if your error messages are coming from Pulumi or from the Kubernetes API.glamorous-australia-21342
08/03/2023, 9:58 PMglamorous-australia-21342
08/03/2023, 9:59 PMglamorous-australia-21342
08/03/2023, 9:59 PMglamorous-australia-21342
08/03/2023, 9:59 PMglamorous-australia-21342
08/04/2023, 3:25 PMglamorous-australia-21342
08/04/2023, 3:58 PM