https://pulumi.com logo
Powered by
b

bitter-dentist-28132

06/05/2020, 2:23 AM
been a while since using pulumi on this repo, and now it doesn't work. i keep getting 
configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials
. any idea why this might be the case? i'm explicitly getting the kubeconfig and providing it as the 
provider
, so it's not like some sort of ambient credential problem.
c

creamy-potato-29402

06/05/2020, 2:35 AM
probably your kubeconfig file is not working.
this error is saying your credentials don’t work for that cluster
b

bitter-dentist-28132

06/05/2020, 2:36 AM
as i said, i am not using ambient credentials
perhaps i should clarify, i am requesting the kubeconfig, i am not loading it from a file
i.e. i'm basically doing a 
cluster.kubeConfig
Copy code
try {
    // first try to generate the kubeconfig from a pre-existing cluster.
    // this is done to workaround the 7-day expiry of kubeconfigs from DO.
    kubeConfig = pulumi.secret(digitalocean.getKubernetesCluster(
        {name: `infrastructure`}).kubeConfigs[0].rawConfig);
} catch (e) {
    // if we can't do that, simply grab the kubeconfig from the cluster we
    // just created
    kubeConfig = pulumi.secret(cluster.kubeConfigs[0].rawConfig);
}
maybe it's a pulumi version mismatch error...
do you know if there's a pulumi (binary) version manager?
c

creamy-potato-29402

06/05/2020, 3:07 AM
Uhm…. to me this looks a lot like a kube auth error?
that is, this looks like an error in the way the kubeconfig file is formatted? sometimes the data is wrong too, though.
pulumi in general is not smarter than kubectl, in the sense that it uses the exact same auth channels.
so if pulumi claims that the cluster is unreachable, this is usually not unique to pulumi
b

bitter-dentist-28132

06/05/2020, 3:18 AM
yeah, i mean i agree that's what it looks like, but i even printed the kubeconfig to a file and used it with 
kubectl
-- worked fine.
looks to be some problem with refreshing resources only... 🤔
oh.... maybe i need to 
up
just the provider to bump the kubeconfig
yup.... that's what it was 🤦‍♂️ the 
refresh
was using the stack's stored provider, which of course no longer works after 7 days because DO uses expiring certs for auth... sigh
sorry, user error on my part...
c

creamy-potato-29402

06/05/2020, 3:43 AM
that is super nice to know, thank you for sharing
👍 1
3 Views
Powered by