https://pulumi.com logo
#general
Title
# general
b

big-piano-35669

10/26/2018, 5:35 PM
I'm not sure about that specific error (@microscopic-florist-22719, any idea?). Note that we have a component that makes creating EKS clusters much easier; see https://github.com/pulumi/examples/blob/96a59f4256412988e9d5d0f744905fe0b1a3b202/aws-ts-eks/index.ts#L8.
e

early-musician-41645

10/26/2018, 5:37 PM
That doesn't yet support userdata to run at worker node start-up, so I'm going the route of a separate cluster and Cloudformation template
w

white-balloon-205

10/26/2018, 5:41 PM
We can definitely add that support in the very near term if it is blocking. Probably easier to add that one small knob than to recreate the whole library yourself. You could also fork that library and make changes to it if thats helpful to unblock and get going right away?
You can look at how the
eks.Cluster
library handles all of this at https://github.com/pulumi/eks/blob/master/nodejs/eks/cluster.ts. In particular the `vcpConfig`: https://github.com/pulumi/eks/blob/master/nodejs/eks/cluster.ts#L190
e

early-musician-41645

10/26/2018, 5:44 PM
Thanks. I have a meeting now but will explore further on it
I've got a couple extra requirements - let me know how possible those are currently: - Install a set of packages (e.g.
yum install
) on all worker nodes in the autoscale group - Add some ingress rules, e.g. SSH for allowing worker-node access. I see the optional public-key option, but I don't see the accompanying ingress rule for port 22 - Run custom actions on all worker nodes, e.g.
curl
to install some specific drivers/volumes
If those aren't supported right now out of the box with the eks code, what could I expect for an ETA? All 3 of those are blockers for my use cases.
w

white-balloon-205

10/26/2018, 6:39 PM
Let me check with @microscopic-florist-22719 and we'll get back to you on an ETA. All should in principle be small additions to the library.
e

early-musician-41645

10/26/2018, 6:39 PM
thanks!
m

microscopic-florist-22719

10/26/2018, 8:22 PM
Working on the custom userdata now.
@early-musician-41645 this PR should address the userdata piece of this: https://github.com/pulumi/eks/pull/15
re: allowing ingress on port 22, you can do this today by creating a
SecurityGroupRule
after declaring the cluster
e.g.
Copy code
const cluster = new eks.Cluster("cluster", {
    nodePublicKey: fs.readFileSync("~/.ssh/id_rsa.pub").toString(),
});

// Allow SSH ingress.
new aws.ec2.SecurityGroupRule("ssh", {
    type: "ingress",
    fromPort: 22,
    toPort: 22,
    protocol: "tcp",
    securityGroupId: cluster.nodeSecurityGroup.id,
    cidrBlocks: [ "0.0.0.0/0" ],
});
I originally opted not to add this rule by default because it's quite permissive w.r.t. the allowed source IPs
But we can always add this and throw it under a flag.
e

early-musician-41645

10/29/2018, 5:20 PM
@microscopic-florist-22719 Thanks! I just saw the merge for the fix of issue #14, looks great. Can you post a sample of how to use the
new eks.Cluster
with the
nodeUserData
in the docs somewhere, or in an example?
Also, I just tried an
npm install
of the eks module but it's not getting the change for
nodeUserData
, e.g.
Copy code
Object literal may only specify known properties, and 'nodeUserData' does not exist in type 'ClusterOptions'.
m

microscopic-florist-22719

10/29/2018, 6:03 PM
You'll need to be on the
dev
label. So your package.json should include a line like
"@pulumi/eks": "dev"
@white-balloon-205 what do you think about cutting a new release of
@pulumi/eks
?
@early-musician-41645 here's an example of using `nodeUserData`:
Copy code
// Create an EKS cluster with the default configuration.
const cluster = new eks.Cluster("cluster", {
    nodeUserData: `#!/bin/python

from __future__ import print_function

print("hello, world!")
`
});
If you just need to run shell commands, you can change the interpreter directive to
#!/bin/bash
and add whatever invocations you need
e

early-musician-41645

10/29/2018, 6:53 PM
okay, I'll try the dev label
Maybe I didn't do it right?
Copy code
$ cat package.json
{
  "name": "eks-cluster",
  "devDependencies": {
    "@types/node": "latest"
  },
  "dependencies": {
    "@pulumi/aws": "latest",
    "@pulumi/eks": "dev",
    "@pulumi/pulumi": "latest"
  }
}
followed by
npm install
Same error - did I miss a step?
m

microscopic-florist-22719

10/29/2018, 7:12 PM
No, that should be correct. I’m at lunch at the moment—I’ll look into this as soon as I’m back at a workstation.
@early-musician-41645 we've just published a new version of
@pulumi/eks
with the
nodeUserData
change. Updating to
v0.16.1
should work.