https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# general
s
This message was deleted.
a
Copy code
= aws:ec2/instance:Instance: (import)
        [id=i-0fd1d213dcf923405]
        [urn=urn:pulumi:qa::peopleticker::aws:ec2/instance:Instance::redis]
        [provider=urn:pulumi:qa::peopleticker::pulumi:providers:aws::default_0_18_27::5506e064-4ed2-477b-a936-fc0ed79587cf]
      ~ userData: "30621d02b5ac13e6f64317c24a64c73d15c3ca1a" => "30621d02b5ac13e6f64317c24a64c73d15c3ca1a"
On the left seems to be a sha on the right I passed the string value of that sha
This is what code is being run with the password secret changed to simply 
$PASSWORD
for obvious reasons
Copy code
const existingUserData = `Content-Type: multipart/mixed; boundary="MIMEBOUNDARY"
MIME-Version: 1.0

--MIMEBOUNDARY
Content-Disposition: attachment; filename="setup.cnf"
Content-Transfer-Encoding: 7bit
Content-Type: text/x-shellscript
Mime-Version: 1.0

#!/bin/bash -x
service redis-server stop

sed -i 's/^bind 127.0.0.1/bind 0.0.0.0/' /etc/redis/redis.conf

# Protect
if [[ 0 == "1" ]]; then
	sed -i 's/^# requirepass foobared/requirepass "$PASSWORD"/' /etc/redis/redis.conf
fi
# Do not protect
if [[ 0 == "0" ]]; then
	sed -i 's/^protected-mode yes/protected-mode no/' /etc/redis/redis.conf
fi

service redis-server start
--MIMEBOUNDARY--
`; 
  const redisInstance = new aws.ec2.Instance(
    "redis",
    {
      ami: tfRedisConfig.amiId,
      instanceType: tfRedisConfig.instanceType,
      subnetId: tfRedisConfig.subnetId,
      vpcSecurityGroupIds:[tfRedisSg.id],
      associatePublicIpAddress: false,
      userData: existingUserData,
      tags: {
        Name: `${tfRedisConfig.name}-redis-${tfRedisConfig.env}-${tfRedisConfig.awsRegion}`,
        Region: tfRedisConfig.awsRegion,
        Env: tfRedisConfig.env
      }
    },
    {
      import: "i-0fd1d213dcf923405",
      deleteBeforeReplace: false
    }
  );
I pulled that userdata directly from the running EC2 instance. It seems to me like it's comparing the literal value of the userdata to the sha of the userdata in ec2
a
Might've figured this one out by using 
aws ec2 describe-instance-attribute --instance-id INSTANCE_ID --attribute userData | jq '.UserData.Value' - -r | base64 -D | pbcopy
to grab exact value for user data.
w
Note that you can also add 
{ ignoreChanges: [“userData”] }
in the resource options to skip any perceived changes to the userData. You then can’t update this property via Pulumi (unless you remove the ignoreChanges) but that might be what you want here.
👍 1
a
Yea, the ignoreChanges is what I had to do. I couldn't figure out what changed which caused the problem
Open in Slack
PreviousNext
Powered by