# kubernetes
v
hey peeps, im installing a helm chart to install an operator and all the CRDs i need, and then im using the pulumi `k8s.CustomResource` to try and deploy an instance of the resource which is configured on the cluster with the helm chart. I've got pulumi creating it, and it all looks good but no pods are actually being deployed, if i manually run `kubectl apply -f` on the yaml file, then it works fine but not when ive converted it to a JS object format, cant help but thinking the `CustomResource` might not be what im after?
b
it is, what error are you getting? can you share your code?
also, crd2pulumi helps 🙂 https://github.com/pulumi/crd2pulumi
v
im not getting any errors at all, its all deploying fine, the CRD is on the cluster as its installed via the helm chart, just the pods arent coming up
sure, code is here:
new CustomResource(
      'runner-pool',
      {
        apiVersion: 'garo.tietoevry.com/v1alpha1',
        kind: 'GithubActionRunner',
        metadata: {
          name: 'runner-pool',
          namespace: 'github-actions-runner-operator',
        },
        spec: {
          minRunners: config.minRunners,
          maxRunners: config.maxRunners,
          organization: 'jugo-io',
          reconciliationPeriod: '1m',
          tokenRef: {
            key: 'GH_TOKEN',
            name: 'actions-runner',
          },
          podTemplateSpec: {
            metadata: {
              annotations: { 'prometheus.io/scrape': 'false', 'prometheus.io/port': '3903' },
            },
            spec: {
              affinity: {
                podAntiAffinity: {
                  preferredDuringSchedulingIgnoredDuringExecution: [
                    {
                      weight: 100,
                      podAffinityTerm: {
                        topologyKey: 'kubernetes.io/hostname',
                        labelSelector: {
                          matchExpressions: [
                            {
                              key: 'garo.tietoevry.com/pool',
                              operator: 'In',
                              values: ['runner-pool'],
                            },
                          ],
                        },
                      },
                    },
                  ],
                },
              },

              containers: [
                {
                  name: 'runner',
                  env: [
                    {
                      name: 'RUNNER_DEBUG',
                      value: 'true',
                    },
                    {
                      name: 'DOCKER_TLS_CERTDIR',
                      value: '/certs',
                    },
                    {
                      name: 'DOCKER_HOST',
                      value: 'tcp://localhost:2376',
                    },
                    {
                      name: 'DOCKER_TLS_VERIFY',
                      value: '1',
                    },
                    {
                      name: 'DOCKER_CERT_PATH',
                      value: '/certs/client',
                    },
                    {
                      name: 'GH_ORG',
                      value: 'jugo-io',
                    },
                  ],
                  envFrom: [
                    {
                      secretRef: {
                        name: 'runner-pool-regtoken',
                      },
                    },
                  ],
                  image: 'quay.io/evryfs/github-actions-runner:master',
                  imagePullPolicy: 'IfNotPresent',
                  resources: {},
                  volumeMounts: [
                    {
                      mountPath: '/certs',
                      name: 'docker-certs',
                    },
                    {
                      mountPath: '/home/runner/_diag',
                      name: 'runner-diag',
                    },
                    {
                      mountPath: '/home/runner/_work',
                      name: 'runner-work',
                    },
                  ],
                },
                {
                  name: 'docker',
                  env: [
                    {
                      name: 'DOCKER_TLS_CERTDIR',
                      value: '/certs',
                    },
                  ],
                  image: 'docker:stable-dind',
                  imagePullPolicy: 'Always',
                  args: ['--mtu=1430'],
                  resources: {},
                  securityContext: {
                    privileged: true,
                  },
                  volumeMounts: [
                    {
                      mountPath: '/var/lib/docker',
                      name: 'docker-storage',
                    },
                    {
                      mountPath: '/certs',
                      name: 'docker-certs',
                    },
                    {
                      mountPath: '/home/runner/_work',
                      name: 'runner-work',
                    },
                  ],
                },
                {
                  name: 'exporter',
                  image: 'quay.io/evryfs/github-actions-runner-metrics:v0.0.3',
                  ports: [
                    {
                      containerPort: 3903,
                      protocol: 'TCP',
                    },
                  ],
                  volumeMounts: [
                    {
                      name: 'runner-diag',
                      mountPath: '/_diag',
                      readOnly: true,
                    },
                  ],
                },
              ],
              volumes: [
                {
                  emptyDir: {},
                  name: 'runner-work',
                },
                {
                  emptyDir: {},
                  name: 'runner-diag',
                },
                {
                  emptyDir: {},
                  name: 'mvn-repo',
                },
                {
                  emptyDir: {},
                  name: 'docker-storage',
                },
                {
                  emptyDir: {},
                  name: 'docker-certs',
                },
              ],
            },
          },
        },
      },
      { dependsOn: [operator], provider },
    );
b
what does the controller say about what’s happening when creating the pods?
v
2022-08-26T15:18:00.252Z	INFO	controllers.GithubActionRunner	Pods and runner API not in sync, returning early	{"githubactionrunner": "github-actions-runner-operator/runner-pool"}
hmm, not sure why that would be happening though
ill have to dig in to where thats coming from
im going to try applying it manually again and seeing if i get the same issues
ive been looking in the issues for the operator im using and they seem to imply it could be secret related, but the secret is correct and the token has relevant perms... ill keep digging anyway, just wanted to make sure i definitely had the right resource type, cheers
c
@billowy-army-68599 How can we use pulumi.Output types with CustomResource UntypedArgs?