https://pulumi.com logo
Join Slack
Powered by
I am trying to create a new stack. After running `...
# general
f
I am trying to create a new stack. After running 
pulumi up
, I receive this message in the preview.
Copy code
error: Running program '/home/kenny/compute_software/infrastructure/pulumi-k8s-src' failed with an unhandled exception:
    Error: invocation of aws:ec2/getSubnet:getSubnet returned an error: invoking aws:ec2/getSubnet:getSubnet: multiple subnets matched; use additional constraints to reduce matches to a single subnet
        at monitor.invoke (/home/kenny/compute_software/infrastructure/pulumi-k8s-src/node_modules/@pulumi/pulumi/runtime/invoke.js:74:33)
        at Object.onReceiveStatus (/home/kenny/compute_software/infrastructure/pulumi-k8s-src/node_modules/grpc/src/client_interceptors.js:1205:9)
        at InterceptingListener._callNext (/home/kenny/compute_software/infrastructure/pulumi-k8s-src/node_modules/grpc/src/client_interceptors.js:568:42)
        at InterceptingListener.onReceiveStatus (/home/kenny/compute_software/infrastructure/pulumi-k8s-src/node_modules/grpc/src/client_interceptors.js:618:8)
        at callback (/home/kenny/compute_software/infrastructure/pulumi-k8s-src/node_modules/grpc/src/client_interceptors.js:845:24)
I've never received an exception during the preview. None of those lines in the stack trace are pointing to my code. Any idea what could cause this?
c
this error is saying that you are not providing enough information to select a single subnet.
f
What is selecting a subnet?
Perhaps I don't understand what subnet selection means... But all the subnets in my stack should be computed off a previous resource.
c
I don’t know. You’re not calling 
get
anywhere in your code?
f
Yes - in a few places.
c
are you getting a subnet?
f
No. 
aws.cloudformation.Stack.get
and 
aws.acm.getCertificate
c
are you using aws or awsx
f
Both
c
could this be coming from awsx?
f
Possibly. Hard to tell given this stacktrace.
I think I have an idea. I have a 
pulumi.ComponentResource
that calls 
awsx.ec2.Vpc.fromExistingIds
in the constructor. Perhaps this is getting called during the preview? Would that be a problem?
Though the error occurs on this line in the preview:
Copy code
+   pulumi:pulumi:Stack                                            vm-scaler-prod                                      create     1 error; 2 messages
 +   │  ├─ kubernetes:<http://rbac.authorization.k8s.io:ClusterRoleBinding|rbac.authorization.k8s.io:ClusterRoleBinding>  dd-agent-kube-state-metrics                         create     
 +   │  ├─ kubernetes:extensions:Deployment                         dd-agent-kube-state-metrics                         create     
 +   │  ├─ kubernetes:<http://rbac.authorization.k8s.io:ClusterRole|rbac.authorization.k8s.io:ClusterRole>         dd-agent-datadog                                    create     
 +   │  ├─ kubernetes:<http://rbac.authorization.k8s.io:ClusterRole|rbac.authorization.k8s.io:ClusterRole>         dd-agent-kube-state-metrics                         create     
 +   │  └─ kubernetes:extensions:DaemonSet                          dd-agent-datadog                                    create
c
hard to say for sure. @lemon-spoon-91807?
l
Looking!
f
Going to try the classic debugging technique of commenting everything out until I figure out who is causing this.
l
so we definitely call "awsec2/getSubnetgetSubnet" if you call Vpc.fromExistingIds
going to go googling about the error you ran into
f
I know that I don't call 
getSubnet
in my code.
This error occurs when this call exists:
Copy code
eksCluster.createNodeGroup(`k8s-${env}-ng`, {
        instanceType: "c5.2xlarge",
        desiredCapacity: k8sNodeCount || 3,
        minSize: 1,
        maxSize: k8sNodeCount || 3,
        instanceProfile: eksInstanceProfile,
        // autoScalingGroupTags: envTags,
        // cloudFormationTags: envTags
    });
Commenting out that block removes the error.
l
not sure about that last bit. @creamy-potato-29402 may know more there.
however, for your getSubnet issue, i have something we can try
f
This is how I create the eks cluster:
Copy code
eksCluster = new eks.Cluster(`k8s-cluster-${env}`, {
        vpcId: vpc.id,
        subnetIds: vpc.publicSubnetIds,
        deployDashboard: false,
        skipDefaultNodeGroup: true,
        instanceRoles: [eksRole1],
        tags: envTags
    });
vpc
is an `awsx.ec2.Vpc`that is outputted from a 
pulumi.ComponentResource
.
l
Quick question though (though it may not be quick)
do you know what subnetId is being used here? and is it possible that that subnetId isn't unique in your aws infrastructure?
f
The subnet id is an ouput from a CloudFormation stack
Copy code
const vpcId = storageStack.outputs.apply(o => o["VpcId"]);
const subnetIds = [
            storageStack.outputs.apply(o => o["Subnet0"]),
            storageStack.outputs.apply(o => o["Subnet1"]),
            storageStack.outputs.apply(o => o["Subnet2"])
        ];
this.vpc = awsx.ec2.Vpc.fromExistingIds(`${name}-vpc`, {
            vpcId: vpcId,
            publicSubnetIds: subnetIds,
        }, {parent: this});
That's in my 
ComponentResource
ctor ^
l
right.
f
So the subnet ids have not been created yet
l
minor thing, that can be simplified (if you're on a recent pulumi) to:
storageStack.outputs.VpcId
👍 1
interesting. i wonder if this is actually passing 'undefined' along.
f
It feels like that
l
and i wonder what happens. then. since getSubnet just calls DescribeSubnets... i imagine that it might then return all the subnets (and then cause this error).
f
l
do you need the Vpc?
as opposed to just exposing the VpcId?
i see why you want to do this. but i think it's a hole in our system afaict.
f
I suppose I could. It's useful to have the 
Vpc
though.
I'd also need to expose the subnet ids.
l
yup. i see totally why you'd want to be able to do this (and the code seems totally reasonable)
yes. this is a hole. i'll file an issue
👍 1
basically, you have the "i'm going to use Cloudformation to make something, hten i want to create the rich resources from it"
"and i don't want it to die during preview" 🙂
very interesting case
sorry!
Can you give me your github alias again?
f
kennyjwilli
l
thanks!
i promise, i'll only ask you 5 more times
😂 1
are you ok with the workaround for now?
unfortunately, i have no better ideas, and this isn't a case of a quick fix
we'll have to design something appropriate here.
f
Yeah. Need to change how some downstream components work for now but that's ok.
l
alternative is to do things in waves. i.e. run your app to make the cloudformation stack
then run again, this time able to use Vpc.fromExistingIds. because now it will be there.
8 Views
Open in Slack
PreviousNext
Powered by