https://pulumi.com logo
Join Slack
Powered by
:wave: Pulumi newbie here. I'm working on getting...
# kubernetes
q
👋 Pulumi newbie here. I'm working on getting Cloudwatch/statsd/fluentd working from some preexisting k8s yaml files at https://github.com/aws-samples/amazon-cloudwatch-container-insights/blob/k8s/1.1.0/k8s-deployment-manifest-templates/deployment-mode/daemonset/combination/combination.yaml One issue I keep running into are errors like:
Copy code
kubernetes:core:ConfigMap (eks-cluster-nodeAccess):
  error: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials
I believe this has something to do with my 
ConfigGroup
and/or 
provider
parameter. Can anyone shed some light on this?
Code:
Copy code
export function createCloudwatchMetricsResources(
  cluster: eks.Cluster,
  clusterName: string
) {
  const awsRegion = aws.getRegion().name;
  const cloudwatchConfig = new k8s.yaml.ConfigGroup(
    "cloudwatch",
    {
      files: "cwagent/*.yaml",
      transformations: [
        (obj: any) => {
          // Transform the YAML to set the cluster and region names
          if (
            obj.kind === "ConfigMap" &&
            obj.metadata.name === "cwagentconfig"
          ) {
            obj.data["cwagentconfig.json"] = obj.data["cwagentconfig.json"]
              .replace(/{{cluster_name}}/g, clusterName)
              .replace(/{{region_name}}/g, awsRegion);
          }
        }
      ]
    },
    { providers: { kubernetes: cluster.provider } }
  );
}
g
How are you providing your 
kubeconfig
? It seems like Pulumi isn't finding it.
q
Hmm I'm not sure exactly. This is in the same program where we create the cluster and export the kubeconfig like
Copy code
export const eksClusterKubeconfig = eksCluster.kubeconfig;
Should I be making a new provider based on that config, or just using 
cluster.provider
g
You're using 
@pulumi/eks
and 
cluster.provider
is coming from there?
👍 1
Are you using assume role with AWS? If so, you might need to set your AWS credentials differently per https://github.com/pulumi/pulumi-eks/issues/140.
q
yes we are using assume role. From reading that, I presume you are suggeasting we need to add a 
CreationRoleProvider
to the cluster creation?
g
Yea, I think that might do it.
q
Maybe a dumb question: I understand which role to pass in, but which 
provider
goes into the 
CreationRoleProvider
?
nvm - I found 
eks.getRoleProvider
so it seems that pulumi doesn't like adding that to a previously created cluster. When running 
up
I get this error:
Copy code
aws:eks:Cluster (eks-cluster-eksCluster):
    error: error creating EKS Cluster (infra-test): ResourceInUseException: Cluster already exists with name: infra-test
    {
      ClusterName: "infra-test",
      Message_: "Cluster already exists with name: infra-test"
    }
is there a workaround other than 
destroy
?
A destroy followed by an up worked! Thanks so much. Are there any follow up items needed here on your end? Any way to make this more obvious in the error message and/or documentation?
g
I opened https://github.com/pulumi/docs/issues/2637 to better document this. Please add any additional thoughts to that if you have them on how this could be better documented.
8 Views
Open in Slack
PreviousNext
Powered by