# general
Is the only option to shell out to kubectl?
@white-balloon-205 apologies for the @mention but the above is another common pattern I'm seeing and hoping for some direction / ideas
Is there a "nice" way to do read-modify-write / patching of existing k8s resources with pulumi?
If it means shelling out, then even that could do with some help from pulumi, making "kubectl" more first class?
It would be good to open an issue in pulumi-kubernetes with details of the use cases here. We did add a
function to the Kubernetes provider related to this - but I'm not sure it really completely solves for common scenarios - and would love to have an issue tracking these to make sure we think about what a great solution here would look like. https://github.com/pulumi/pulumi-kubernetes/pull/579
This is killing us a bit. We've written our own Python eks pulumi library that stands up the control plane/worker nodes, and we're flying with it, however we have a massive hole in our upgrade story as we're unable to nicely upgrade kube-proxy/coredns/aws-vpc-cni.
You can see how this is handled in the
package for Node.js here: https://github.com/pulumi/pulumi-eks/blob/master/nodejs/eks/cni.ts#L160
You should be able to do the same from a Python package.
Very intimately familiar, we've written our own dynamic provider code using a python kubernetes lib (instead of shelling out). just unfortunate that it has to be done that way.
FWIW - this is an issue tracking this - definitely feel free to add a note about your scenario and an upvote: https://github.com/pulumi/pulumi-kubernetes/issues/264
❤️ 1