No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Has anyone tried or know of some project using Istio + Pulumi in k8s/eks?

I’ve been wondering how sidecar injection works with Pulumi. Would [automatic sidecar injection](<https://istio.io/docs/setup/kubernetes/sidecar-injection/#automatic-sidecar-injection>) mess with Pulumi’s notion of state?

I might be able to validate this in the next week. We’re currently doing POC work with ISTIO and Pulumi separately. We could combine them and see what happens.

I’ll probably be testing this today, but installing ISTIO with `kubectl`/`helm`, if it messes up Pulumi’s notion of state I’ll let you know

If current pulumi has issue with the auto injection of sidecar a fall back is to put the sidecar in the deployment definition so that it’s not being dynamically added at runtime.

That is at-least the theory our team was talking about when the subject came up

<@UCTBY7N3U> <@UCFDP1LUR> <@UCVL4L02F> no, sidecar injection is 100% compatible with Pulumi kubernetes

Our design set out with this goal explicitly enable this.

This is in contrast to Terraform, which is not compatible.

THe problem you may run into is that Istio involves ~23 new CRDs, none of which are encoded in our await logic yet.

<@UCVL4L02F> if you run into any problems please do file them and I’ll fix.

Thanks <@UBAJ7TD53>, I couldn’t make much progress because I’m trying to solve another problem: I created a vpc and eks cluster using Pulumi, installed istio using helm in a classic manner, in the terminal using `helm`, I started having timeouts on `pulumi destroy` and I see I can’t delet the vpc and it’s resource not even through aws console :disappointed:

Somehow there’s some resource holding some public address that doesn’t allowme to detach the internet gateway or the rest of the network part of the stack

Istio created ENI and security group that even though I’m admin I can’t delete :face_with_raised_eyebrow:

I made it, I had to delete an elb created I don’t know by who, so that I could delete the vpn.

I guess I have to install istio using pulumi

probably the install of istio has 1 or more services of type loadbalancer that get created as a part of installing istio