wide-judge-30323
09/06/2019, 3:48 AMService
created without helm.
I've recently upgraded pulumi to 1.0 - This cluster has been running for some time, and updates have been ok till now - although we did experience a similar thing when pulumi updated the AMI for the EKS cluster.
Has anyone else observed something similar?white-balloon-205
@pulumi/eks
?wide-judge-30323
09/06/2019, 3:58 AM~ aws:ec2/securityGroup:SecurityGroup: (update)
[id=sg-01290dc7456d80e3a]
[urn=urn:pulumi:prod::insights-base::eks:index:Cluster$aws:ec2/securityGroup:SecurityGroup::cluster-nodeSecurityGroup]
description : "Managed by Pulumi"
egress : [
[0]: {
cidrBlocks : [
[0]: "0.0.0.0/0"
]
description: "Allow internet access."
fromPort : 0
protocol : "-1"
self : false
toPort : 0
}
]
ingress : [
[0]: {
description: "Allow nodes to communicate with each other"
fromPort : 0
protocol : "-1"
self : true
toPort : 0
}
[1]: {
description : "Allow worker Kubelets and pods to receive communication from the cluster control plane"
fromPort : 1025
protocol : "tcp"
securityGroups: [
[0]: "sg-02442ca8c9d39cd06"
]
self : false
toPort : 65535
}
[2]: {
description : "Allow pods running extension API servers on port 443 to receive communication from cluster control plane"
fromPort : 443
protocol : "tcp"
securityGroups: [
[0]: "sg-02442ca8c9d39cd06"
]
self : false
toPort : 443
}
]
name : "cluster-nodeSecurityGroup-bb73210"
revokeRulesOnDelete: false
tags : {
<http://kubernetes.io/cluster/cluster-eksCluster-50e3f63|kubernetes.io/cluster/cluster-eksCluster-50e3f63>: "owned"
}
vpcId : "vpc-8194a0e8"
white-balloon-205
@pulumi/EKS
are you using? Versions since 0.18.3
have managed these rules independently from the security group. Also see https://github.com/pulumi/pulumi-eks/blob/master/CHANGELOG.md#0185-released-may-09-2019.wide-judge-30323
09/06/2019, 4:20 AMāā eks:index:Cluster cluster
~ ā āā aws:ec2:SecurityGroup cluster-nodeSecurityGroup update
white-balloon-205
wide-judge-30323
09/06/2019, 4:46 AM