important-leather-28796
03/12/2019, 10:51 PMConfigFile
with the published manifests, and optionally using a transformation
. I had assumed the helm approach to be easier - but surprised to find it the other way around. If anyone has issues with those two components, let me know. I put in quite a bit of time learning the ins-and-outs of pulumi with them and getting them running properly, which actually ended up being quite easy in hindsight. My new approach to anything will be to look at the component and manifests first, then go from there.creamy-potato-29402
03/12/2019, 10:52 PMhelm template
?important-leather-28796
03/12/2019, 10:54 PM// Install the CustomResourceDefinitions and cert-manager itself
const certManager = new k8s.yaml.ConfigFile(
'<https://raw.githubusercontent.com/jetstack/cert-manager/release-0.7/deploy/manifests/cert-manager.yaml>',
undefined,
{ parent: this },
)
creamy-potato-29402
03/12/2019, 11:00 PMimportant-leather-28796
03/12/2019, 11:02 PMorange-tailor-85423
03/12/2019, 11:12 PMcreamy-potato-29402
03/12/2019, 11:13 PMmillions-judge-24978
03/12/2019, 11:13 PMorange-tailor-85423
03/12/2019, 11:13 PMcreamy-potato-29402
03/12/2019, 11:14 PMdependsOn
does not set the namespaceorange-tailor-85423
03/12/2019, 11:14 PMcreamy-potato-29402
03/12/2019, 11:14 PMorange-tailor-85423
03/12/2019, 11:14 PMmillions-judge-24978
03/12/2019, 11:14 PMnamespace
input field does not actually cause the resources to end up there. Instead I do this:
transformations: [(y) => {
y.metadata.namespace = 'kube-system'; // eslint-disable-line
}],
creamy-potato-29402
03/12/2019, 11:14 PMmillions-judge-24978
03/12/2019, 11:15 PMtransformations
hack to actually change them.orange-tailor-85423
03/12/2019, 11:15 PMmillions-judge-24978
03/12/2019, 11:16 PMnamespace: kube-system
on the k8s.helm.v2.Chart
, since the chart may interpolate on .Release.namespace
namespace: kube-system
, and no transformations
type hackorange-tailor-85423
03/12/2019, 11:16 PMmillions-judge-24978
03/12/2019, 11:17 PMconst chartIgnored = new k8s.helm.v2.Chart('ingress', {
repo: 'incubator',
chart: 'aws-alb-ingress-controller',
version: '0.1.4',
namespace: 'kube-system',
values: {
clusterName: name,
autoDiscoverAwsRegion: true,
autoDiscoverAwsVpcID: true,
},
transformations: [(y) => {
y.metadata.namespace = 'kube-system'; // eslint-disable-line
}],
}, defaultOpts);
creamy-potato-29402
03/12/2019, 11:17 PMnamespace: kube-system
thing, but this week is very likely to fix the transforms stuff.namespace: kube-system
thing is so, so annoying, because it’s something helm shoudl be doing itself, and we’ll have to work around.millions-judge-24978
03/12/2019, 11:18 PMtransformations: [(y) => {
// Fix stupid name changing
if (y.kind === 'Pod' && y.metadata.name.indexOf('jenkins-ui-test') !== -1) {
y.metadata.name = 'jenkins-ui-test'; // eslint-disable-line
}
}],
The jenkins helm chart has a pod that gets random characters appended to its name, causing a constant diff. This fixes it.orange-tailor-85423
03/12/2019, 11:21 PMexport function Install(
name: string,
kubestateMetricsVersion: string,
version: string,
licenseKey: string,
env: string,
cluster: k8s.Provider
): k8s.helm.v2.Chart {
const namespace = new k8s.core.v1.Namespace(
`newrelic3`,
{
metadata: { name: `newrelic3` }
},
{ provider: cluster }
);
new k8s.helm.v2.Chart(
name,
{
repo: 'stable',
chart: 'kube-state-metrics',
version: kubestateMetricsVersion,
namespace: 'newrelic3'
},
{
dependsOn: [namespace],
providers: { kubernetes: cluster }
}
);
return new k8s.helm.v2.Chart(
`${name}-infra`,
{
repo: 'stable',
chart: 'newrelic-infrastructure',
namespace: 'newrelic3',
version,
values: { licenseKey, cluster: env }
},
{
dependsOn: [namespace],
providers: { kubernetes: cluster }
}
);
}
Type Name Plan Info
pulumi:pulumi:Stack drogon-casey-robertson
> ├─ pulumi:pulumi:StackReference networkStorageCluster read
+ ├─ kubernetes:core:Namespace newrelic3 create
├─ kubernetes:helm.sh:Chart newrelic-infra
~ │ └─ kubernetes:<http://rbac.authorization.k8s.io:ClusterRoleBinding|rbac.authorization.k8s.io:ClusterRoleBinding> newrelic-infra-newrelic-infrastructure update [diff: ~subjects]
├─ kubernetes:helm.sh:Chart newrelic
~ │ └─ kubernetes:<http://rbac.authorization.k8s.io:ClusterRoleBinding|rbac.authorization.k8s.io:ClusterRoleBinding> newrelic-kube-state-metrics update [diff: ~subjects]
- └─ kubernetes:core:Namespace newrelic2 delete
Resources:
+ 1 to create
~ 2 to update
- 1 to delete
millions-judge-24978
03/12/2019, 11:23 PMtransformations
hack:
return new k8s.helm.v2.Chart(
`${name}-infra`,
{
repo: 'stable',
chart: 'newrelic-infrastructure',
namespace: 'newrelic3',
version,
values: { licenseKey, cluster: env },
transformations: [(y) => {
y.metadata.namespace = 'newrelic3'; // eslint-disable-line
}],
},
{
dependsOn: [namespace],
providers: { kubernetes: cluster }
}
);
creamy-potato-29402
03/12/2019, 11:25 PMmillions-judge-24978
03/12/2019, 11:27 PMcreamy-potato-29402
03/12/2019, 11:28 PMorange-tailor-85423
03/12/2019, 11:29 PMmillions-judge-24978
03/12/2019, 11:30 PMorange-tailor-85423
03/12/2019, 11:59 PM