colossal-school-15171
11/19/2020, 5:23 AMlet coreLabels = { app: "core" };
let coreDeployment = new k8s.apps.v1.Deployment("core", {
spec: {
selector: { matchLabels: coreLabels },
replicas: 1,
template: {
metadata: { labels: coreLabels },
spec: {
containers: [{
name: "core",
image:"<http://mappeddev.azurecr.io.blob.core.windows.net|mappeddev.azurecr.io.blob.core.windows.net>",
ports: [{ containerPort: 80 }]
}],
},
},
},
});
which gives this error diagnostic:
Type Name Status Info
pulumi:pulumi:Stack mapped_infrastructure-aks **failed** 1 error
~ ├─ kubernetes:apps/v1:Deployment core **updating failed** 1 error
~ ├─ azure-nextgen:containerregistry/v20190501preview:ScopeMap acrScopeMap **updating failed** [diff: ~actions]; 1 error
~ └─ azure:containerservice:KubernetesCluster aksCluster updated [diff: ~addonProfile]
Diagnostics:
kubernetes:apps/v1:Deployment (core):
error: 5 errors occurred:
* the Kubernetes API server reported that "core-1je2id4a" failed to fully initialize or become live: 'core-1je2id4a' timed out waiting to be Ready
* [MinimumReplicasUnavailable] Deployment does not have minimum availability.
* [ProgressDeadlineExceeded] ReplicaSet "core-1je2id4a-cd7d9599d" has timed out progressing.
* Minimum number of live Pods was not attained
* [Pod core-1je2id4a-cd7d9599d-k4n9v]: containers with unready status: [core] -- [ImagePullBackOff] Back-off pulling image "<http://mappeddev.azurecr.io.blob.core.windows.net|mappeddev.azurecr.io.blob.core.windows.net>"
I’ve tried creating a token using the example code here: https://www.pulumi.com/docs/reference/pkg/azure-nextgen/containerregistry/token/
it gives me this error
azure-nextgen:containerregistry/v20190501preview:Token (token):
error: Code="CertificateAuthNotSupported" Message="Certificate authentication is not yet supported. For more information on repository permissions, please visit <https://aka.ms/acr/repo-permissions>."
tall-librarian-49374
11/19/2020, 6:39 AMconst clusterPrincipalId = cluster.identityProfile.apply(p => p!["kubeletidentity"].objectId!);
new authorization.RoleAssignment("access-from-cluster", {
properties: {
principalId: clusterPrincipalId,
roleDefinitionId: "/subscriptions/0282681f-7a9e-424b-80b2-96babd57a8a1/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d",
},
roleAssignmentName: "923a52ca-a43c-5112-b7cb-12fe172d568f",
scope: registry.id,
});
colossal-school-15171
11/19/2020, 6:45 PMtall-librarian-49374
11/19/2020, 7:35 PM@pulumi/azure-nextgen/authorization/latest
colossal-school-15171
11/19/2020, 9:06 PMancient-megabyte-79588
11/19/2020, 11:00 PMcolossal-school-15171
11/27/2020, 9:55 PMrapid-oil-61997
12/01/2020, 7:27 PMtall-librarian-49374
12/01/2020, 7:53 PMrapid-oil-61997
12/01/2020, 8:09 PMtall-librarian-49374
12/01/2020, 8:17 PMrapid-oil-61997
12/01/2020, 8:30 PMtall-librarian-49374
01/12/2021, 11:11 AM