https://pulumi.com logo
Powered by
Title
b

bumpy-summer-9075

04/20/2021, 12:40 AM
Is there a way to do this ins Pulumi? 
provider "kubernetes" {
  load_config_file       = "false"
  host                   = data.aws_eks_cluster.cluster.endpoint
  token                  = data.aws_eks_cluster_auth.cluster.token
  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
}
From what I can see from the documentation, I need to provide a kubeconfig, which is not really doable since the kubeconfig that is given by terraform's eks module requires 
aws-iam-authenticator
b

billowy-army-68599

04/20/2021, 12:43 AM
aws-iam-authenticator
is (I believe) deprecated. You can build a Pulumi provider from our EKS module pretty easily - which language SDK are you uisng?
b

bumpy-summer-9075

04/20/2021, 12:49 AM
my EKS cluster is managed by Terraform right now 😕 I'm using TS
b

billowy-army-68599

04/20/2021, 12:49 AM
are you trying to rebuild the components from terraform?
b

bumpy-summer-9075

04/20/2021, 12:49 AM
https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=outputs The kubeconfig from that module uses aws-iam-authenticator, which is frankly annoying.
I'm not sure what you mean by rebuild the components
b

billowy-army-68599

04/20/2021, 12:50 AM
do you have an existing 
kubeconfig
you want to use?
b

bumpy-summer-9075

04/20/2021, 12:51 AM
No. I used the 
kubeconfig
output from that Terraform module but I don't even use that within Terraform (I used what I posted in the initial message) in the TF Kubernetes provider
I would actually even prefer to manage the EKS cluster using pulumi, but that would be quite a massive endeavour to import into Pulumi. It would probably be easier to delete the cluster from TF, and re-create it using Pulumi
b

billowy-army-68599

04/20/2021, 12:54 AM
i'm assuming here you want to use the existing cluster defined in terraform and then create a Pulumi provider to create Kubernetes resources, in which case, you have 2 options: run 
aws eks update-kubeconfig --name <your cluster name> --kubeconfig /tmp/kube
which will generate you a kubeconfig you can use pulumi-terraform to grab the outputs and build the provider manually like you do in terraform
b

bumpy-summer-9075

04/20/2021, 12:55 AM
you can use pulumi-terraform to grab the outputs and build the provider manually like you do in terraform
This is exactly what I would like to do
The K8S provider in Terraform accepts inputs such as 
token
, the Pulumi one does not, so I don't know if this is doable at this time
b

billowy-army-68599

04/20/2021, 12:56 AM
it doesn't, we don't build our Kubernetes provider from the terraform one, you'll need to generate a kubeconfig somehow
now I realise it, I don't think you can do option 2 without doing a bunch of manual querying...
b

bumpy-summer-9075

04/20/2021, 12:59 AM
I don't think the aws-iam-authenticator is deprecated: https://github.com/kubernetes-sigs/aws-iam-authenticator (but man, it should never has existed...)
b

billowy-army-68599

04/20/2021, 1:01 AM
if you run 
aws eks get-kubeconfig
it'll get you a valid kubernetes kubeconfig which you can pass to Pulumi, I would highly recommend that approach
b

bumpy-summer-9075

04/20/2021, 1:05 AM
Yeah that's what I'll do. I was hoping to reduce the number of external dependencies (since 
aws eks update-kubeconfig
requires 
kubectl
) Cheers 🙂
#generalJoin Slack
Powered by