https://pulumi.com logo
Powered by
t

thankful-telephone-29600

06/11/2019, 9:54 PM
hey all - i stood up the eks example and i'm trying to deploy a helm chart like the example, except it's a different one. it's failing to start and i think it's my syntax.
Copy code
export const kubeconfig = cluster.kubeconfig;

const myk8s = new k8s.Provider("myk8s", {
    kubeconfig: cluster.kubeconfig.apply(JSON.stringify),
});

const nginx = new helm.v2.Chart("rancher-nginx", {
    namespace: "rancher",
    repo: "stable",
    chart: "nginx-ingress",
    values: {
        "rbac.create": "true"
    },
 }, { providers: { kubernetes: myk8s }});
Error is:
Copy code
F0611 21:51:10.809459       6 main.go:98] ✖ The cluster seems to be running with a restrictive Authorization mode and the Ingress controller does not have the required permissions to operate normally.
I'm trying to get the equivalent of this command: 
helm install stable/nginx-ingress --name my-nginx --set rbac.create=true
(from https://kubernetes.github.io/ingress-nginx/deploy/)
have to run but will check back later -- sorry for the n00bish question!
h

handsome-actor-1155

06/12/2019, 4:04 AM
Quick thought: try
Copy code
values: {
  rbac: {
    create: "true" 
 } 
}
t

thankful-telephone-29600

06/12/2019, 3:05 PM
that looks reasonable -- i tried it and get the same error. going to drop to helm
n

narrow-area-11460

06/12/2019, 3:57 PM
Copy code
const nginxingresscntlr = new k8s.helm.v2.Chart("nginxingresscontroller", {
  repo: "stable",
  chart: "nginx-ingress",
  version: "0.24.1",
  values: {},
}, { providers: { kubernetes: myk8s }});
try this - should work
once this works, then we can try with 
rbac create = true
also btw, why are you using nginx ingress -- if the idea is to use EKS, I would go with alb-ingress-controller which is supported by EKS and scales much better:
t

thankful-telephone-29600

06/12/2019, 4:56 PM
thanks for your suggestions! as far as the nginx choice, i was trying to install rancher2 on EKS, per https://forums.rancher.com/t/install-rancher-on-aws-eks/11637/4 -- i'm still completely new to EKS and pulumi; alb-ingress-controller sounds like the way to go for sure
i dropped down to helm and was able to install both, though i'm not sure i configured the ingress exactly right
n

narrow-area-11460

06/12/2019, 5:03 PM
you can test this -- you should be able to see the nginx controller in the namespace and the default backend
t

thankful-telephone-29600

06/12/2019, 5:06 PM
cool - i am able to hit the elb and i see 'default backend - 404' from what i can tell it seems like i have the ingress and service in different namespaces possibly
n

narrow-area-11460

06/12/2019, 5:07 PM
as long as your EKS cluster is running, you can slowly work the code in
and test the steps one at a time
try deploying an ingress
and see if it works
t

thankful-telephone-29600

06/12/2019, 5:08 PM
ok cool i feel more comfortable w whats going on. i'll start from there and see if i can get things tested, then try to write in pulumi
my assumption was some of my problems were with not having helm syntax correct for pulumi to evaluate the chart without using tiller -- do you think that's a safe assumption? i had trouble w other charts too
n

narrow-area-11460

06/12/2019, 5:11 PM
yes if the syntax is wrong, then you would have trouble but if you are using VSCode, it will immediately tell you whats wrong.
for eg. you used 
new helm.v2.Chart()
which is not correct syntax as you need to use the Pulumi kubernetes library imported as k8s
and a new instance of 
k8s.helm.v2.Chart ()
makes sense
the nice part is with pulumi you dont need tiller running
and the 
kubernetes
library converts the helm charts and reuses them
t

thankful-telephone-29600

06/12/2019, 5:13 PM
ok - vscode was happy with these imports: import * as
Copy code
awsx from "@pulumi/awsx";
import * as eks from "@pulumi/eks";
import * as k8s from "@pulumi/kubernetes";
import * as helm from "@pulumi/kubernetes/helm";
n

narrow-area-11460

06/12/2019, 5:14 PM
ah! I didn't even import helm
t

thankful-telephone-29600

06/12/2019, 5:14 PM
yeah i think that is what i wanted to dive deeper into - the translation of the chart by pulumi so it doesn't need to run the template through tiller
n

narrow-area-11460

06/12/2019, 5:14 PM
I just import k8s
t

thankful-telephone-29600

06/12/2019, 5:14 PM
i forgot i added that and it wasnt in the example
sorry
n

narrow-area-11460

06/12/2019, 5:14 PM
🙂
np at all - we are learning here!
t

thankful-telephone-29600

06/13/2019, 10:12 PM
any example of eks with the alb-ingress-controller out there that you know of? is it prebaked into the eks example already? i tried to add it in today and was running into problems
n

narrow-area-11460

06/13/2019, 10:17 PM
https://github.com/pulumi/pulumi-eks/issues/29 -- just realized we dont have a 1st class citizen yet -- coming soon. but you can manually do this for now: https://github.com/kubernetes-sigs/aws-alb-ingress-controller
💯 1
Powered by