I m installing AWS s k8s load balancer controller via helm w Pulumi Community #general

I’m installing AWS’s k8s load balancer controller ...

gifted-balloon-26385

12/14/2023, 12:06 AM

I’m installing AWS’s k8s load balancer controller via helm (which is their recommended installation approach):

Copy code

new k8s.helm.v3.Chart(
  "aws-load-balancer-controller",
  {
    chart: "aws-load-balancer-controller",
    version: "1.6.2",
    fetchOpts: {
      repo: "<https://aws.github.io/eks-charts>",
    },

    namespace: "kube-system",
    values: {
      clusterName: eksCluster.name,
      serviceAccount: {
        create: false,
        name: "aws-load-balancer-controller",
      },
    },
  }
);

This works fine, but I believe the controller automatically updates its own TLS secret, so whenever I run

pulumi up

again, it tries to re-replace the changes with the original ones from the helm chart. Is there a solution or workaround to this?

gifted-balloon-26385

12/14/2023, 12:29 AM

gifted-balloon-26385

12/14/2023, 12:48 AM

actually switching from Chart to Release does seem to fix the issue. yay!

dry-keyboard-94795

12/14/2023, 1:06 PM

The workaround for the Chart resource would be to use a transformation to set

ignoreChange

on the secret/certificate's data. See here for an example of transformations: https://www.pulumi.com/registry/packages/kubernetes/api-docs/helm/v3/chart/#chart-with-transformations

stale-answer-34162

12/14/2023, 2:46 PM

try using it the aws.eks.addon

Copy code

export const csiAddon = new aws.eks.Addon(
  'aws-ebs-csi-driver-addon',
  {
    clusterName: eksCluster.name,
    addonName: 'aws-ebs-csi-driver',
    resolveConflictsOnUpdate: 'OVERWRITE',
    // addonVersion: 'v1.24.1-eksbuild.1',
  },
  { dependsOn: [eksCluster, nodeGroup] },
)

Open in Slack

Previous Next