https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# kubernetes
s
This message was deleted.
p
this is what i get every time on second run of 
pulumi up
with code unchanged
in k8s the resource (being a crd instance) has no namespace as part of its name
Copy code
01:42:55 bmeehan@_ip-10-232-32-165:~$ kubectl get -A ingressclassparams

NAME                       GROUP-NAME   SCHEME   IP-ADDRESS-TYPE   AGE
alb-ingress-class-params                                           6m55s
01:43:11 bmeehan@_ip-10-232-32-165:~$
Copy code
02:04:03 bmeehan@_ip-10-232-32-165:~$ kubectl describe -A ingressclassparams alb-ingress-class-params
Name:         alb-ingress-class-params
Namespace:    
Labels:       <http://app.kubernetes.io/instance=itplat-helm-alb-controller|app.kubernetes.io/instance=itplat-helm-alb-controller>
              <http://app.kubernetes.io/managed-by=pulumi|app.kubernetes.io/managed-by=pulumi>
              <http://app.kubernetes.io/name=aws-load-balancer-controller|app.kubernetes.io/name=aws-load-balancer-controller>
              <http://app.kubernetes.io/version=v2.4.0|app.kubernetes.io/version=v2.4.0>
              <http://helm.sh/chart=aws-load-balancer-controller-1.4.0|helm.sh/chart=aws-load-balancer-controller-1.4.0>
Annotations:  <none>
API Version:  elbv2.k8s.aws/v1beta1
Kind:         IngressClassParams
Metadata:
  Creation Timestamp:  2022-02-28T01:36:16Z
  Generation:          1
  Managed Fields:
    API Version:  elbv2.k8s.aws/v1beta1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .:
          f:<http://kubectl.kubernetes.io/last-applied-configuration|kubectl.kubernetes.io/last-applied-configuration>:
        f:labels:
          .:
          f:<http://app.kubernetes.io/instance|app.kubernetes.io/instance>:
          f:<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>:
          f:<http://app.kubernetes.io/name|app.kubernetes.io/name>:
          f:<http://app.kubernetes.io/version|app.kubernetes.io/version>:
          f:<http://helm.sh/chart|helm.sh/chart>:
    Manager:         pulumi-resource-kubernetes
    Operation:       Update
    Time:            2022-02-28T01:36:16Z
  Resource Version:  3142930
  UID:               60287f23-183c-4316-b9a3-ce5bd2ae063b
Events:              <none>
the code to deploy this alb controller via helm is very basic :-
Copy code
# setup aws-load-balancer-controller (ALB) via helm
k8s_h_alb_controller = k8s.helm.v3.Chart(
    "itplat-helm-alb-controller",
    k8s.helm.v3.ChartOpts(
        chart="aws-load-balancer-controller",
        fetch_opts=k8s.helm.v3.FetchOpts(
            repo="<https://aws.github.io/eks-charts>",
        ),
        namespace='kube-system',
        transformations=[remove_status],
        values={
            "clusterName": pulumi_stack_info['name'],
            "createIngressClassResource": "true",
            "enableCertManager": "true",
            "ingressClassParams": {
                "name": "alb-ingress-class-params"
            }
        },
    ),
    opts=pulumi.ResourceOptions(depends_on=[k8s_h_cert_manager], provider=k8s_provider),
)
note that on first run, the "namespace" value is passing down to the crd resource as an input because it is the namespace the helm chart is deployed into :-
Copy code
02:16:28 bmeehan@_ip-10-232-32-165:~$ pulumi stack export -s ipd-eks-apse2-configure | jq '.deployment.resources[]|select(.id=="alb-ingress-class-params").inputs'
{
  "apiVersion": "elbv2.k8s.aws/v1beta1",
  "kind": "IngressClassParams",
  "metadata": {
    "labels": {
      "<http://app.kubernetes.io/instance|app.kubernetes.io/instance>": "itplat-helm-alb-controller",
      "<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>": "pulumi",
      "<http://app.kubernetes.io/name|app.kubernetes.io/name>": "aws-load-balancer-controller",
      "<http://app.kubernetes.io/version|app.kubernetes.io/version>": "v2.4.0",
      "<http://helm.sh/chart|helm.sh/chart>": "aws-load-balancer-controller-1.4.0"
    },
    "name": "alb-ingress-class-params",
    "namespace": "kube-system"
  }
}
02:17:38 bmeehan@_ip-10-232-32-165:~$
note2: its also in the output annotations
Copy code
02:17:38 bmeehan@_ip-10-232-32-165:~$ pulumi stack export -s ipd-eks-apse2-configure | jq '.deployment.resources[]|select(.id=="alb-ingress-class-params").outputs.metadata.annotations'
{
  "<http://kubectl.kubernetes.io/last-applied-configuration|kubectl.kubernetes.io/last-applied-configuration>": "{\"apiVersion\":\"elbv2.k8s.aws/v1beta1\",\"kind\":\"IngressClassParams\",\"metadata\":{\"labels\":{\"<http://app.kubernetes.io/instance\|app.kubernetes.io/instance\>":\"itplat-helm-alb-controller\",\"<http://app.kubernetes.io/managed-by\|app.kubernetes.io/managed-by\>":\"pulumi\",\"<http://app.kubernetes.io/name\|app.kubernetes.io/name\>":\"aws-load-balancer-controller\",\"<http://app.kubernetes.io/version\|app.kubernetes.io/version\>":\"v2.4.0\",\"<http://helm.sh/chart\|helm.sh/chart\>":\"aws-load-balancer-controller-1.4.0\"},\"name\":\"alb-ingress-class-params\",\"namespace\":\"kube-system\"}}\n"
}
02:19:55 bmeehan@_ip-10-232-32-165:~$
the details of the second run of 
pulumi up
look like :-
clearly showing the namespace is being dropped from the pulumi logical-resource name the second time around
with the result of any second (or subsequent) run being 
ingressclassparams.elbv2.k8s.aws "alb-ingress-class-params" already exists
:-
the upshot of which is that i cant replace my helm-deployed ALB now without destroying every service depending on it and removing it entirely and recreating it from scratch
causing an significant outage of every service with an ALB backed ingress in my cluster every time ALB helm chart is updated
q
Can you open an issue, please? I’ll try to reproduce this morning and raise this with the correct people
p
r
Any news on this? 🙂
v
I am experiencing same issue. I created an issue @quiet-wolf-18467 https://github.com/pulumi/pulumi-kubernetes/issues/2035
Copy code
ingressclassparams.elbv2.k8s.aws "alb" already exists
8 Views
Open in Slack
PreviousNext
Powered by