i've got a strange issue where pulumi keeps wantin...
# generalb
better-rainbow-14549
12/13/2018, 4:08 PMi've got a strange issue where pulumi keeps wanting to create kubernetes resources that already exist, but only if i run pulumi from a different machine (with shared state files). i assume it's a permissions issue of some sort but afaict pulumi's using the same ARM_CLIENT_ID etc. on both machiens and I haven't got anywhere with fixing it. any ideas please?
m
microscopic-florist-22719
12/13/2018, 7:20 PM
@gorgeous-egg-16927 any ideas?
g
gorgeous-egg-16927
12/14/2018, 12:02 AMMy guess would be something to do with the kubeconfig you're using @better-rainbow-14549 -- If you don't have the provider field specified for the k8s resources you're creating, it defaults to using the ambient k8s creds/context. That can lead to weird results where it deploys some of the resources to an unintended cluster. We're working to make that experience better in the near future.
gorgeous-egg-16927
12/14/2018, 12:02 AMhttps://github.com/pulumi/examples/blob/ca1269141f085762ac5bc003da288270b35f11c2/azure-ts-aks-mean/index.ts#L34 is an example of the provider field I'm talking about
b
better-rainbow-14549
12/14/2018, 10:36 AMyou were spot on about the providers, i'd missed it on one resource and when i ran it outside of CI they were going to a different cluster entirely!
better-rainbow-14549
12/14/2018, 10:36 AMi still have this problem though:
better-rainbow-14549
12/14/2018, 10:37 AM2018-12-14T103217.4224963Z ++ kubernetes:apiextensions.k8s.io:CustomResourceDefinition azureassignedidentities.aadpodidentity.k8s.io creating replacement [diff: ~provider]
2018-12-14T103217.4829687Z ++ kubernetes:apiextensions.k8s.io:CustomResourceDefinition azureidentitybindings.aadpodidentity.k8s.io creating replacement [diff: ~provider]
2018-12-14T103217.5532715Z ++ kubernetes:apiextensions.k8s.io:CustomResourceDefinition azureassignedidentities.aadpodidentity.k8s.io creating replacement [diff: ~provider]; error: Plan apply failed: customresourcedefinitions.apiextensions.k8s.io "azureassignedidentities.aadpodidentity.k8s.io" already exists
2018-12-14T103217.5535141Z ++ kubernetes:apiextensions.k8s.io:CustomResourceDefinition azureassignedidentities.aadpodidentity.k8s.io creating failed [diff: ~provider]; error: Plan apply failed: customresourcedefinitions.apiextensions.k8s.io "azureassignedidentities.aadpodidentity.k8s.io" already exists
2018-12-14T103217.5850312Z ++ kubernetes:apiextensions.k8s.io:CustomResourceDefinition azureidentitybindings.aadpodidentity.k8s.io creating replacement [diff: ~provider]; error: Plan apply failed: customresourcedefinitions.apiextensions.k8s.io "azureidentitybindings.aadpodidentity.k8s.io" already exists
2018-12-14T103217.5852450Z ++ kubernetes:apiextensions.k8s.io:CustomResourceDefinition azureidentitybindings.aadpodidentity.k8s.io creating failed [diff: ~provider]; error: Plan apply failed: customresourcedefinitions.apiextensions.k8s.io "azureidentitybindings.aadpodidentity.k8s.io" already exists
2018-12-14T103217.6527655Z pulumipulumiStack goodfellow-dev-goodfellow-dev
2018-12-14T103217.6528561Z
2018-12-14T103217.6528791Z Diagnostics:
2018-12-14T103217.6529188Z kubernetes:apiextensions.k8s.io:CustomResourceDefinition (azureassignedidentities.aadpodidentity.k8s.io):
2018-12-14T103217.6529473Z error: Plan apply failed: customresourcedefinitions.apiextensions.k8s.io "azureassignedidentities.aadpodidentity.k8s.io" already exists
2018-12-14T103217.6529676Z
2018-12-14T103217.6529889Z kubernetes:apiextensions.k8s.io:CustomResourceDefinition (azureidentitybindings.aadpodidentity.k8s.io):
2018-12-14T103217.6530559Z error: Plan apply failed: customresourcedefinitions.apiextensions.k8s.io "azureidentitybindings.aadpodidentity.k8s.io" already exists
better-rainbow-14549
12/14/2018, 11:17 AMi just manually patched the provider: in the state file... nothing i tried would make it delete the CRD before updating them, maybe that's simply not possible? or could this be a bug?
g
gorgeous-egg-16927
12/14/2018, 5:28 PM@creamy-potato-29402 ^ What's the expected behavior for CRDs?
c
creamy-potato-29402
12/14/2018, 5:32 PMWhat are you trying to do
creamy-potato-29402
12/14/2018, 5:34 PMWhat does the plan look like
b
better-rainbow-14549
01/17/2019, 8:30 PMI narrowed this issue to a couple of things - i had a CRD where i hadn't specified the provider so it was using the one from my KUBECONFIG env var... despite that not being a cluster i was using with pulumi. the second was i was doing kubernetes.Namespace.getNamespace() and that doesn't let you specify a provider at all, it was doing the same
better-rainbow-14549
01/17/2019, 8:30 PMfixed the first one but the second is still ongoing - i can't see a way to get a reference to a namespace that already exists without it falling back to the env cluster
c
creamy-potato-29402
01/17/2019, 8:54 PM@sparse-insurance-40223 second issue shoudl be resolved in the last release.
creamy-potato-29402
01/17/2019, 8:54 PMFirst issue I will take back to the team and use as evidence that we should have better ambient provider support.
👍 1