# typescript
n
Hi there, I’m trying to create a k8s cluster on DigitalOcean and then provision stuff using the k8s provider. This actually works fine for 7 days and then I got a problem: DO only generates kubeconfigs that are valid for 7 days, so after a week the credentials I get from the cluster resource are no longer valid because the credentials are not updated on every run and `cluster.kubeConfigs[0].rawConfig` always returns the credentials from the time the cluster was actually created. I tried to get the credentials by using a data source but I still have 2 problems with it:
• I’m unable to create a data source for the cluster from the generated name because `GetKubernetesClusterArgs` does not accept `Output<string>` as a name and my cluster’s name is dynamic.
• If I hard code the cluster name after it is being created, the kubeconfig property of the k8s provider is changed on every `pulumi up` -> `pulumi:providers:kubernetes k8s updated [diff: ~kubeconfig]`

Here are the relevant parts for clarification:
```typescript
const cluster = new digitalocean.KubernetesCluster("cluster", {...});
const clusterDataSource = digitalocean.getKubernetesCluster({ name: cluster.name }); // error TS2322: Type 'Output<string>' is not assignable to type 'string'.
const kubeConfig = clusterDataSource.kubeConfigs[0].rawConfig;
const k8sProvider = new k8s.Provider("k8s", { kubeconfig: kubeConfig });
```
Any idea how to solve those two issues - primarily of course dynamic cluster name?
g
This worked for me once the cluster was created.
```typescript
const clusterDataSource = cluster.name.apply(name => digitalocean.getKubernetesCluster({name}));
const kubeconfig = clusterDataSource.kubeConfigs[0].rawConfig;
```
The `certificate-authority-data` field changes on every update, but shouldn’t affect things otherwise AFAICT
I was getting an error on `getKubernetesCluster` if the cluster didn’t exist yet, but this should do the trick:
```typescript
const cluster = new digitalocean.KubernetesCluster("do-cluster", {
    region: digitalocean.Regions.SFO2,
    version: digitalocean.getKubernetesVersions({versionPrefix: "1.16"}).then(p => p.latestVersion),
    nodePool: {
        name: "default",
        size: digitalocean.DropletSlugs.DropletS2VCPU2GB,
        nodeCount: 2,
    },
});
const kubeconfig = cluster.status.apply(status => {
    if (status === 'running') {
        const clusterDataSource = cluster.name.apply(name => digitalocean.getKubernetesCluster({name}));
        return clusterDataSource.kubeConfigs[0].rawConfig;
    } else {
        return cluster.kubeConfigs[0].rawConfig;
    }
});
const provider = new k8s.Provider("k8s", {kubeconfig});
```
n
Thank you @gorgeous-egg-16927! Didn’t try it with a new cluster yet but so far it seems to work.
I also figured out how to avoid the diff on kubeconfig every time:
```typescript
new k8s.Provider("k8s", {kubeconfig}, { ignoreChanges: ["kubeconfig"] });
```
Not sure if this will have some side effects but for now it seems to work.
g
The provider has logic to replace resources if the underlying cluster changes. We try to detect that from the kubeconfig, so `ignoreChanges` will bypass that checking. As long as you’re aware of that, should be fine