https://pulumi.com logo
Powered by
g

great-refrigerator-15198

09/18/2018, 12:39 PM
Has anyone tried or know of some project using Istio + Pulumi in k8s/eks?
1
d

dry-pilot-73614

09/18/2018, 3:43 PM
I’ve been wondering how sidecar injection works with Pulumi. Would [automatic sidecar injection](https://istio.io/docs/setup/kubernetes/sidecar-injection/#automatic-sidecar-injection) mess with Pulumi’s notion of state?
👍 1
f

flaky-receptionist-88878

09/18/2018, 3:48 PM
good question!
I might be able to validate this in the next week. We’re currently doing POC work with ISTIO and Pulumi separately. We could combine them and see what happens.
g

great-refrigerator-15198

09/18/2018, 4:44 PM
I’ll probably be testing this today, but installing ISTIO with `kubectl`/`helm`, if it messes up Pulumi’s notion of state I’ll let you know
f

flaky-receptionist-88878

09/18/2018, 4:48 PM
👍
If current pulumi has issue with the auto injection of sidecar a fall back is to put the sidecar in the deployment definition so that it’s not being dynamically added at runtime.
g

great-refrigerator-15198

09/18/2018, 4:50 PM
mmmmm, I’ll keep that in mind, thanks
f

flaky-receptionist-88878

09/18/2018, 4:54 PM
That is at-least the theory our team was talking about when the subject came up
c

creamy-potato-29402

09/18/2018, 5:42 PM
@dry-pilot-73614 @flaky-receptionist-88878 @great-refrigerator-15198 no, sidecar injection is 100% compatible with Pulumi kubernetes
🔝 2
Our design set out with this goal explicitly enable this.
This is in contrast to Terraform, which is not compatible.
THe problem you may run into is that Istio involves ~23 new CRDs, none of which are encoded in our await logic yet.
@great-refrigerator-15198 if you run into any problems please do file them and I’ll fix.
g

great-refrigerator-15198

09/18/2018, 7:15 PM
Thanks @creamy-potato-29402, I couldn’t make much progress because I’m trying to solve another problem: I created a vpc and eks cluster using Pulumi, installed istio using helm in a classic manner, in the terminal using 
helm
, I started having timeouts on 
pulumi destroy
and I see I can’t delet the vpc and it’s resource not even through aws console 😞 Somehow there’s some resource holding some public address that doesn’t allowme to detach the internet gateway or the rest of the network part of the stack
Istio created ENI and security group that even though I’m admin I can’t delete 🤨
I made it, I had to delete an elb created I don’t know by who, so that I could delete the vpn. I guess I have to install istio using pulumi
f

flaky-receptionist-88878

09/18/2018, 10:50 PM
probably the install of istio has 1 or more services of type loadbalancer that get created as a part of installing istio
2 Views
Powered by