https://pulumi.com logo
Powered by
#kubernetes
Title
# kubernetes
v

victorious-church-57397

08/26/2022, 3:14 PM
hey peeps, im installing a helm chart to install an operator and all the CRDs i need, and then im using the pulumi k8s. 
CustomResource
to try and deploy an instance of the resource which is configured on the cluster with the helm chart. I've got pulumi creating it, and it all looks good but no pods are actually being deployed, if i manually run 
kubectl apply -f
on the yaml file, then it works fine but not when ive converted it to a JS object format, cant help but thinking the 
CustomResource
might not be what im after?
b

billowy-army-68599

08/26/2022, 3:14 PM
it is, what error are you getting? can you share your code?
also, crd2pulumi helps 🙂 https://github.com/pulumi/crd2pulumi
v

victorious-church-57397

08/26/2022, 3:16 PM
im not getting any errors at all, its all deploying fine, the CRD is on the cluster as its installed via the helm chart, just the pods arent coming up
sure, code is here:
Copy code
new CustomResource(
      'runner-pool',
      {
        apiVersion: '<http://garo.tietoevry.com/v1alpha1|garo.tietoevry.com/v1alpha1>',
        kind: 'GithubActionRunner',
        metadata: {
          name: 'runner-pool',
          namespace: 'github-actions-runner-operator',
        },
        spec: {
          minRunners: config.minRunners,
          maxRunners: config.maxRunners,
          organization: 'jugo-io',
          reconciliationPeriod: '1m',
          tokenRef: {
            key: 'GH_TOKEN',
            name: 'actions-runner',
          },
          podTemplateSpec: {
            metadata: {
              annotations: { '<http://prometheus.io/scrape|prometheus.io/scrape>': 'false', '<http://prometheus.io/port|prometheus.io/port>': '3903' },
            },
            spec: {
              affinity: {
                podAntiAffinity: {
                  preferredDuringSchedulingIgnoredDuringExecution: [
                    {
                      weight: 100,
                      podAffinityTerm: {
                        topologyKey: '<http://kubernetes.io/hostname|kubernetes.io/hostname>',
                        labelSelector: {
                          matchExpressions: [
                            {
                              key: '<http://garo.tietoevry.com/pool|garo.tietoevry.com/pool>',
                              operator: 'In',
                              values: ['runner-pool'],
                            },
                          ],
                        },
                      },
                    },
                  ],
                },
              },

              containers: [
                {
                  name: 'runner',
                  env: [
                    {
                      name: 'RUNNER_DEBUG',
                      value: 'true',
                    },
                    {
                      name: 'DOCKER_TLS_CERTDIR',
                      value: '/certs',
                    },
                    {
                      name: 'DOCKER_HOST',
                      value: '<tcp://localhost:2376>',
                    },
                    {
                      name: 'DOCKER_TLS_VERIFY',
                      value: '1',
                    },
                    {
                      name: 'DOCKER_CERT_PATH',
                      value: '/certs/client',
                    },
                    {
                      name: 'GH_ORG',
                      value: 'jugo-io',
                    },
                  ],
                  envFrom: [
                    {
                      secretRef: {
                        name: 'runner-pool-regtoken',
                      },
                    },
                  ],
                  image: '<http://quay.io/evryfs/github-actions-runner:master|quay.io/evryfs/github-actions-runner:master>',
                  imagePullPolicy: 'IfNotPresent',
                  resources: {},
                  volumeMounts: [
                    {
                      mountPath: '/certs',
                      name: 'docker-certs',
                    },
                    {
                      mountPath: '/home/runner/_diag',
                      name: 'runner-diag',
                    },
                    {
                      mountPath: '/home/runner/_work',
                      name: 'runner-work',
                    },
                  ],
                },
                {
                  name: 'docker',
                  env: [
                    {
                      name: 'DOCKER_TLS_CERTDIR',
                      value: '/certs',
                    },
                  ],
                  image: 'docker:stable-dind',
                  imagePullPolicy: 'Always',
                  args: ['--mtu=1430'],
                  resources: {},
                  securityContext: {
                    privileged: true,
                  },
                  volumeMounts: [
                    {
                      mountPath: '/var/lib/docker',
                      name: 'docker-storage',
                    },
                    {
                      mountPath: '/certs',
                      name: 'docker-certs',
                    },
                    {
                      mountPath: '/home/runner/_work',
                      name: 'runner-work',
                    },
                  ],
                },
                {
                  name: 'exporter',
                  image: '<http://quay.io/evryfs/github-actions-runner-metrics:v0.0.3|quay.io/evryfs/github-actions-runner-metrics:v0.0.3>',
                  ports: [
                    {
                      containerPort: 3903,
                      protocol: 'TCP',
                    },
                  ],
                  volumeMounts: [
                    {
                      name: 'runner-diag',
                      mountPath: '/_diag',
                      readOnly: true,
                    },
                  ],
                },
              ],
              volumes: [
                {
                  emptyDir: {},
                  name: 'runner-work',
                },
                {
                  emptyDir: {},
                  name: 'runner-diag',
                },
                {
                  emptyDir: {},
                  name: 'mvn-repo',
                },
                {
                  emptyDir: {},
                  name: 'docker-storage',
                },
                {
                  emptyDir: {},
                  name: 'docker-certs',
                },
              ],
            },
          },
        },
      },
      { dependsOn: [operator], provider },
    );
b

billowy-army-68599

08/26/2022, 3:17 PM
what does the controller say about what’s happening when creating the pods?
v

victorious-church-57397

08/26/2022, 3:18 PM
2022-08-26T15:18:00.252Z	INFO	controllers.GithubActionRunner	Pods and runner API not in sync, returning early	{"githubactionrunner": "github-actions-runner-operator/runner-pool"}
hmm, not sure why that would be happening though
ill have to dig in to where thats coming from
im going to try applying it manually again and seeing if i get the same issues
ive been looking in the issues for the operator im using and they seem to imply it could be secret related, but the secret is correct and the token has relevant perms... ill keep digging anyway, just wanted to make sure i definitely had the right resource type, cheers
c

cold-orange-37453

08/29/2022, 2:04 PM
@billowy-army-68599 How can we use pulumi.Output types with CustomResource UntypedArgs ?
5 Views
Powered by