https://pulumi.com logo
Join Slack
Powered by
The reason I ask is yesterday it showed a new AMI ...
# general
d
The reason I ask is yesterday it showed a new AMI was used which is different from one of our other clusters and now the cluster is in a bad state
f
Maybe you’re also affected by this: https://github.com/pulumi/pulumi-eks/issues/84 ?
d
Holy shit..yes
Im running windows worker nodes
f
It’s also not immediately clear to me whether or not the ami is intended to be stable between pulumi updates
d
There are 2 issues..you don't want to update till you actually want to update and you cannot default to windows
How did that happen
f
d
Also I was running linux before that..so this is a crazy scenario
f
It seems that windows support was only added recently
But I assume it’s just because whatever API call they made before didn’t have a strict enough filter
d
Yes and whatever comes on the top wins
f
(And it was fine before since Linux was the only platform that was being used)
d
True..
f
there is a fix in the works it seems
I guess people that use pulumi for CD though got bitten by this
d
Luckily I didn't run this in production..
b
We have a fix in flight
d
Yes @breezy-hamburger-69619 following the PR 🙂
w
Definitely working to get a fix out here. Note that as a workaround - and in general to ensure you are always using a specific AMI that you specify - you can pass 
nodeAmiId
explicitly. For production installations, you most likely will want to do this so that you are in full control of the timing of new AMI rollouts to nodes.
👍 2
d
Absolutely..I think it should be made a requirement and not an optional to make sure best practices are followed
f
I don’t know if changing this behavior would break with how terraform does things, but I agree with @damp-book-35965. It seems like making the 
nodeAmiId
a mandatory field and moving the existing logic to an optional helper function would help prevent people from accidentally shooting themselves in the foot
Or maybe there could be a 
awsx.eks
package that has this behavior (since the theme of that package is “better defaults”)
w
Yes - that's something I do think we should consider. Feel free to open an issue to track.
b
Update: https://github.com/pulumi/pulumi-eks/pull/85 has merged, and we’ll be cutting a new release soon to include it.
f
b
Thank you @fierce-dinner-20116 for filing the very informative issue. It’s greatly appreciated!
b
@damp-book-35965 Meanwhile you can just pin the AMI to 
ami-032ed5525d4df2de3
.
👍 1
d
Yes doing exactly that..actually exposed a best practice for us..
So will be doing it for all clusters going forward
Open in Slack
PreviousNext
Powered by