This message was deleted.
# kubernetess
sparse-intern-71089
08/06/2021, 1:28 AMThis message was deleted.
p
purple-plumber-90981
08/06/2021, 1:34 AMie when i deploy cert-manager by helm and subsequently `aws-load-balancer-controller`by helm i sometimes get
Copy code
error: resource kube-system/aws-load-balancer-serving-cert was not successfully created by the Kubernetes API server : Internal error occurred: failed calling webhook "<http://webhook.cert-manager.io|webhook.cert-manager.io>": Post "<https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s>": no endpoints available for service "cert-manager-webhook"purple-plumber-90981
08/06/2021, 1:34 AMthis is because the cert-manager-webhook endpoint is not yet ready
purple-plumber-90981
08/06/2021, 1:35 AMif i rerun pulumi up a couple of minutes later all is fine
purple-plumber-90981
08/06/2021, 1:36 AMi tried creating a test cert and depending on that, but it seems cert creation can work before the webhook endpoint is ready
b
billowy-army-68599
08/06/2021, 2:20 AM
there's a
.readyp
purple-plumber-90981
08/06/2021, 2:27 AMawesome, trying, thanks
b
bored-table-20691
08/06/2021, 2:35 AM@billowy-army-68599 what’s the semantics on it? Is it set to true/resolves once every part of the chart is ready?
p
purple-plumber-90981
08/06/2021, 2:38 AM Copy code
opts=pulumi.ResourceOptions(depends_on=[certmgr_namespace, k8s_h_cert_manager.ready], provider=k8s_provider),
AttributeError: 'Chart' object has no attribute 'ready'
error: an unhandled error occurred: Program exited with non-zero exit code: 1b
billowy-army-68599
08/06/2021, 2:50 AM
looks like it only exits for typescript 😞
p
purple-plumber-90981
08/06/2021, 2:53 AMlooking through the code for https://github.com/pulumi/pulumi-kubernetes/blob/master/sdk/python/pulumi_kubernetes/helm/v3/helm.py to see if i can find an alternative
b
bored-table-20691
08/06/2021, 3:05 AMIt looks like in TS it’s just doing apply on the resources list.
Looking at Go, the Resources field is public, so would it be possible to just do ApplyT on that?
p
purple-plumber-90981
08/06/2021, 5:35 AMok so that was a good hint… looks like in python i can depend on a subresource of a helm chart like :-
opts=pulumi.ResourceOptions(depends_on=[k8s_h_cert_manager.resources['v1/Service:cert-manager/cert-manager-webhook']], provider=k8s_provider),purple-plumber-90981
08/06/2021, 5:51 AMyou can get a list of the resource names with some pulumi futures hackery like :-
Copy code
wtf_resources = k8s_h_cert_manager.resources.apply(lambda resources: resources.keys())
pulumi.export('wtf_resources', wtf_resources)b
bored-table-20691
08/06/2021, 6:16 AM@purple-plumber-90981 any reason not to depend on the entire set of resources?
p
purple-plumber-90981
08/06/2021, 6:16 AMdoesnt wait for them to be created
purple-plumber-90981
08/06/2021, 6:17 AMi think once the helm yaml has been fired off thats it, the dependency is satisfied wether the resources are ready or not
purple-plumber-90981
08/06/2021, 6:19 AMi found that my cert-manager / alb race condition was satisfied by depending on the cert manager webhook service
purple-plumber-90981
08/06/2021, 6:19 AMthis is one of the last resources in that chart to be created
purple-plumber-90981
08/06/2021, 6:19 AMthe problem was intermittent but regular before… since i changed the depends, no failure
b
bored-table-20691
08/06/2021, 3:59 PMRight - I was more thinking that you would do what the TS code is doing and just wait on the entire array of
resources5 Views