https://pulumi.com logo
Title
s

swift-intern-18856

12/09/2021, 5:53 PM
I think there’s a regression here with the EKS provider? https://github.com/pulumi/pulumi-eks/issues/88 An update to the ami on our nodes in our non production cluster just caused all the nodes to roll. Thankfully I caught this in non-prod but super scary!! You can see the replace strategy on imageId in the plan for our production cluster here:
Previewing update (base.prod):
     Type                                     Name                                               Plan        Info
     pulumi:pulumi:Stack                      yd-base-base.prod
     └─ yd:eks:Cluster                        yd-eks
        └─ eks:index:Cluster                  yd-eks
           ├─ eks:index:NodeGroup             yd-eks-nodes-datomic-http
 +-        │  ├─ aws:ec2:LaunchConfiguration  yd-eks-nodes-datomic-http-nodeLaunchConfiguration  replace     [diff: ~imageId]
 ~         │  └─ aws:cloudformation:Stack     yd-eks-nodes-datomic-http-nodes                    update      [diff: ~templateBody]
           └─ eks:index:NodeGroup             yd-eks-nodes-default
 +-           ├─ aws:ec2:LaunchConfiguration  yd-eks-nodes-default-nodeLaunchConfiguration       replace     [diff: ~imageId]
 ~            └─ aws:cloudformation:Stack     yd-eks-nodes-default-nodes                         update      [diff: ~templateBody]
b

billowy-army-68599

12/09/2021, 5:54 PM
@swift-intern-18856 are you hardcoding your AMI or allowing it to pull the latest? this doesn't look like a regression, it's expected behaviour as far as I'm aware
s

swift-intern-18856

12/09/2021, 5:54 PM
am i understanding the resolution of the linked ticket incorrectly?
it seems to suggest image id will be ignored after the cluster is created
b

billowy-army-68599

12/09/2021, 5:57 PM
the linked issue is from 2019, I believe we changed the behaviour since then again because otherwise it becomes difficult to update a launchconfiguration ami id
in any case, it's relatively easy to fix by specifying an amiId
❤️ 1
s

swift-intern-18856

12/09/2021, 5:59 PM
okay yeah, not hard to specify
a little surprising that that’s the default behavior, kinda agree with the original ticket that’s a huge foot gun
thanks for your help!
r

rich-businessperson-35436

12/10/2021, 12:21 PM
@swift-intern-18856 btw a complete node roll is normal and healthy in kubernetes. If you can't roll you got problems that will bite you eventually. Unplanned version upgrades... not so much. I can see why people want this but it seems a not grow defailt