tall-shoe-66375
03/25/2021, 2:17 PMbrave-planet-10645
03/25/2021, 2:19 PMtall-shoe-66375
03/25/2021, 2:20 PMbrave-planet-10645
03/25/2021, 2:20 PMconst stagingCertificate = new k8s.apiextensions.CustomResource("stagingCertificate", {
apiVersion: "<http://cert-manager.io/v1alpha2|cert-manager.io/v1alpha2>",
kind: "ClusterIssuer",
metadata: {
name: "letsencrypt-staging",
namespace: certManagerNamespace.metadata.name
},
spec: {
acme: {
server: "<https://acme-staging-v02.api.letsencrypt.org/directory>",
email: "<mailto:email@example.com|email@example.com>",
privateKeySecretRef: {
name: "letsencrypt-staging"
},
solvers: [
{
http01: {
ingress: {
class: "nginx"
}
}
}
]
}
}
}, {provider: args.provider, parent: chart});
tall-shoe-66375
03/25/2021, 2:21 PMpulumi import gcp:sql/databaseInstance:DatabaseInstance db_instance projects/mystical-moon-307818/instances/prod-mysql
gcp:sql:DatabaseInstance (db_instance):
error: gcp:sql/databaseInstance:DatabaseInstance resource 'db_instance' has a problem: AtLeastOne: "settings": one of `clone,settings` must be specified
error: gcp:sql/databaseInstance:DatabaseInstance resource 'db_instance' has a problem: AtLeastOne: "clone": one of `clone,settings` must be specified
error: Preview failed: one or more inputs failed to validate
loud-helicopter-75345
03/25/2021, 2:26 PMtall-shoe-66375
03/25/2021, 2:26 PMloud-helicopter-75345
03/25/2021, 2:28 PMbrave-planet-10645
03/25/2021, 2:28 PMconst chart = new k8s.helm.v3.Chart("certmanagerchart", {
fetchOpts: {
repo: "<https://charts.jetstack.io>"
},
chart: "cert-manager",
namespace: certManagerNamespace.metadata.name,
values: {
installCRDs: true
}
}, {
provider: provider
});
tall-shoe-66375
03/25/2021, 2:29 PMloud-helicopter-75345
03/25/2021, 2:29 PMtall-shoe-66375
03/25/2021, 2:30 PMloud-helicopter-75345
03/25/2021, 2:30 PMtall-shoe-66375
03/25/2021, 2:30 PMloud-helicopter-75345
03/25/2021, 2:30 PMtall-shoe-66375
03/25/2021, 2:30 PMbrave-planet-10645
03/25/2021, 2:31 PMtall-shoe-66375
03/25/2021, 2:32 PMError: invocation of kubernetes:helm:template returned an error: failed to generate YAML for specified Helm chart: failed to pull chart: non-absolute URLs should be in form of repo_name/path_to_chart, got: jetstack
brave-planet-10645
03/25/2021, 2:33 PMprovider
is correctly pointing to the correct oneloud-helicopter-75345
03/25/2021, 2:34 PMtall-shoe-66375
03/25/2021, 2:35 PMexport const cert_manager_controller = new k8s.helm.v3.Chart("cert_manager_controller",
{
namespace: cert_manager_namespace,
chart: cert_manager_repo,
version: certManagerChartVersion,
//fetchOpts: {repo: "<https://charts.jetstack.io>"},
values: {
set: {
installCRDS: true,
},
},
},
{provider: clusterProvider, dependsOn: [namespace_cert_manager]},
);
brave-planet-10645
03/25/2021, 2:36 PMconst nginxIngress = new k8s.helm.v3.Chart(`${name}-helm`, {
fetchOpts: {
repo: "<https://kubernetes.github.io/ingress-nginx>"
},
chart: "ingress-nginx",
namespace: ingressNamespace.metadata.name,
values: {
controller: {
replicaCount: 1,
nodeSelector: {
"<http://beta.kubernetes.io/os|beta.kubernetes.io/os>": "linux"
},
admissionWebhooks: {
patch: {
nodeSelector: {
"<http://beta.kubernetes.io/os|beta.kubernetes.io/os>": "linux"
}
}
}
},
defaultBackend: {
nodeSelector: {
"<http://beta.kubernetes.io/os|beta.kubernetes.io/os>": "linux"
}
}
}
}, {provider: provider});
fetchOpts
so it won't know where to go get the chart from. You'll need to specify the path:
const nginxIngress = new k8s.helm.v3.Chart("nginx-ingress", {
path: "./nginx-ingress",
});
tall-shoe-66375
03/25/2021, 2:37 PMloud-helicopter-75345
03/25/2021, 2:45 PMvalues: {
set: {
installCRDS: true,
},
},
I think it should just be:
values: {
installCRDS: true,
},
tall-shoe-66375
03/25/2021, 2:50 PM+ ββ kubernetes:<http://helm.sh/v3:Chart|helm.sh/v3:Chart> cert_manager_controller created
+ ββ kubernetes:core/v1:ServiceAccount cert-manager/cert_manager_controller-cert-manager-webhook **creating failed**
+ ββ kubernetes:<http://rbac.authorization.k8s.io/v1:ClusterRoleBinding|rbac.authorization.k8s.io/v1:ClusterRoleBinding> cert_manager_controller-cert-manager-controller-certificates **creating failed**
+ ββ kubernetes:core/v1:ServiceAccount cert-manager/cert_manager_controller-cert-manager-cainjector **creating failed**
+ ββ kubernetes:core/v1:ServiceAccount cert-manager/cert_manager_controller-cert-manager **creating failed**
loud-helicopter-75345
03/25/2021, 3:04 PMtall-shoe-66375
03/25/2021, 3:12 PMloud-helicopter-75345
03/25/2021, 3:24 PMtall-shoe-66375
03/25/2021, 3:29 PMNote: When running on GKE (Google Kubernetes Engine), you may encounter a 'permission denied' error when creating some of these resources. This is a nuance of the way GKE handles RBAC and IAM permissions, and as such you should 'elevate' your own privileges to that of a 'cluster-admin' before running the above command. If you have already run the above command, you should run them again after elevating your permissions:
kubernetes:apps/v1:Deployment (cert-manager/cert_manager_controller-cert-manager-cainjector):
error: resource cert-manager/cert_manager_controller-cert-manager-cainjector was not successfully created by the Kubernetes API server : Deployment.apps "cert_manager_controller-cert-manager-cainjector" is invalid: [metadata.name: Invalid value: "cert_manager_controller-cert-manager-cainjector": a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. '<http://example.com|example.com>', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'), spec.template.spec.serviceAccountName: Invalid value: "cert_manager_controller-cert-manager-cainjector": a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. '<http://example.com|example.com>', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')]
loud-helicopter-75345
03/26/2021, 4:23 PM