This message was deleted.
# generals
sparse-intern-71089
02/28/2023, 11:45 PMThis message was deleted.
đź‘€ 1
b
billowy-army-68599
02/28/2023, 11:47 PM
the screenshot isn’t super clear I’m afraid, can you show this in another way?
k
kind-jelly-61624
02/28/2023, 11:52 PMis that better @billowy-army-68599?
b
billowy-army-68599
02/28/2023, 11:52 PM
Much better. Can you share your code?
k
kind-jelly-61624
02/28/2023, 11:53 PMsure thing.
So I first create an instance, and then I have a resource method that can attach an ALB to that instance
b
billowy-army-68599
02/28/2023, 11:54 PM
are you able to paste the code?
billowy-army-68599
02/28/2023, 11:54 PM
this is pretty unusual, i’ve never seen this behaviour before
k
kind-jelly-61624
02/28/2023, 11:55 PMyeah just give me 5 seconds to try to remove sensitive stuff from it
kind-jelly-61624
02/28/2023, 11:57 PM Copy code
def attachALB(__self__, attach_alb_args):
if attach_alb_args.inputs.alb_logs_bucket is not None:
bucket = pulumi_aws.s3.get_bucket(bucket=attach_alb_args.inputs.alb_logs_bucket)
rcb.components.s3.BucketPolicy(
component_name="enable-alb-access-logs",
resource_type="rcb:s3:BucketPolicy",
rough_inputs={
"policy": {
"Statements": rcb.components.s3.get_bucket_policy_statements(
{
"statement_names": ["allow_load_balancer_access_logs"],
"values": {
"bucket_id": bucket.id,
"bucket_arn": bucket.arn,
"prefix": "alb_access_logs",
"aws_account_id": rcb_utils.PulumiHelpers.get_aws_account_id()
}
}
)
},
"bucket": attach_alb_args.inputs.alb_logs_bucket
}
)
alb_security_group = pulumi_aws.ec2.SecurityGroup(
f"{rcb_utils.naming_factory.get_resource_name('alb-sg')}",
vpc_id=attach_alb_args.inputs.vpc_id
)
instance_security_group = pulumi_aws.ec2.SecurityGroup(
f"{rcb_utils.naming_factory.get_resource_name('instance-sg')}",
vpc_id=attach_alb_args.inputs.vpc_id
)
alb = pulumi_aws.lb.LoadBalancer(f"{rcb_utils.naming_factory.get_resource_name('alb')}",
internal=attach_alb_args.inputs.internal,
load_balancer_type="application",
security_groups=[alb_security_group.id],
subnets=attach_alb_args.inputs.subnets,
enable_deletion_protection=False)
pulumi_aws.ec2.NetworkInterfaceSecurityGroupAttachment(
f"{rcb_utils.naming_factory.get_resource_name('alb-sg')}",
security_group_id=instance_security_group.id,
network_interface_id=__self__.outputs["instance"].primary_network_interface_id)
for l in attach_alb_args.inputs.listener_to_target_mapping:
pulumi_aws.ec2.SecurityGroupRule(f"{rcb_utils.naming_factory.get_resource_name('allow-ingress-to-alb')}",
type="ingress",
from_port=l["listener_port"],
to_port=l["listener_port"],
protocol="TCP",
cidr_blocks=l["listener_cidr_blocks"],
security_group_id=alb_security_group.id)
pulumi_aws.ec2.SecurityGroupRule(f"{rcb_utils.naming_factory.get_resource_name('allow-ingress-to-instance')}",
type="ingress",
from_port=l["target_port"],
to_port=l["target_port"],
protocol="TCP",
source_security_group_id=alb_security_group.id,
security_group_id=instance_security_group.id)
target_group = pulumi_aws.lb.TargetGroup(f"{rcb_utils.naming_factory.get_resource_name('target-group')}",
port=l["target_port"],
protocol=l["target_protocol"],
health_check=attach_alb_args.inputs.health_check,
vpc_id=attach_alb_args.inputs.vpc_id)
pulumi_aws.lb.TargetGroupAttachment(
f"{rcb_utils.naming_factory.get_resource_name('target-group-attachment')}",
target_group_arn=target_group.arn,
target_id=__self__.outputs["instance"].id,
port=l["target_port"])
pulumi_aws.lb.Listener(f"{rcb_utils.naming_factory.get_resource_name('listener')}",
load_balancer_arn=alb.arn,
port=l["listener_port"],
protocol=l["listener_protocol"],
# ssl_policy="ELBSecurityPolicy-2016-08",
certificate_arn=attach_alb_args.inputs.certificate_arn,
default_actions=[pulumi_aws.lb.ListenerDefaultActionArgs(
type="forward",
target_group_arn=target_group.arn,
)])
return {"outputs": {"result": alb.id}}kind-jelly-61624
02/28/2023, 11:58 PMthat’s the resource method, it’s ssuper messy cause I’ve been trying to see what the problem could be
kind-jelly-61624
02/28/2023, 11:58 PMI thought it could be cause of the loop that i’m creating resources in, but removing the loop didn’t really fix the issue
kind-jelly-61624
02/28/2023, 11:59 PMi also have an invoke that runs within this method, could it be because of that?
b
billowy-army-68599
03/01/2023, 12:24 AM
it’s not super clear, you might want to wind some of this back, I can’t see any immediate issue
l
little-cartoon-10569
03/01/2023, 12:27 AMIs it possible that rcb_utils.naming_factory is returning different values during preview and up?
k
kind-jelly-61624
03/01/2023, 12:28 AMHmm, true, but all it does for now is this
Copy code
def get_resource_name(resource_type):
stack_name = helpers.PulumiHelpers.get_stack_name()
return f"{stack_name}-{resource_type}"l
little-cartoon-10569
03/01/2023, 12:30 AMAny chance that stack_name has a newline in it? There's some pretty weird formatting in the console output....
little-cartoon-10569
03/01/2023, 12:31 AMOh wait, the 2nd output fixed that...
k
kind-jelly-61624
03/01/2023, 12:31 AMyeah sorry about that, the first one had a bunch of random debug params in it i tried to hide
b
billowy-army-68599
03/01/2023, 12:32 AM
yeah that’s a good point, if you do
pulumi stack export Copy code
pulumi stack export | jq '.deployment.resources | length'k
kind-jelly-61624
03/01/2023, 12:32 AMah let me check
kind-jelly-61624
03/01/2023, 12:35 AMi only see the ones that were created, not the ones that got skipped
b
billowy-army-68599
03/01/2023, 12:36 AM
hrm
k
kind-jelly-61624
03/01/2023, 7:30 PMHeyy @billowy-army-68599, @little-cartoon-10569 Thanks for the help debugging yesterday!
I thought the “self” variable in the resource method would contain the entire output returned by the resource but it looks like I only have the ARN
Copy code
def attachALB(self, args: pulumi.input_type):
return {"outputs": {"result": self}} Copy code
result: "urn:pulumi:test::riotcloudbricks-test-stack::riotcloudbricks:ec2:Instance::jjjjj"kind-jelly-61624
03/01/2023, 7:46 PMwhen i remove the resources that reference the resource (through self) from the method it’s all good
l
little-cartoon-10569
03/01/2023, 8:12 PMI don't understand. Resource outputs are used for stack references. When you're inside the same project as a resource was created in, do you not simply pass the entire resource around? There shouldn't be any need to think about resource outputs in this code.
little-cartoon-10569
03/01/2023, 8:13 PMHave you solved the problem? Are you able to deploy all resources now?
k
kind-jelly-61624
03/01/2023, 8:36 PMah, i’m using Components that i’ve built seperately and I import them into my stack. In this case, my stack has imported the component that deploys an instance and then calls a resource method that can then attach an ALB to it.
It looks like the method only recieves the ARN of the instance but not the instance itself. I will troubleshoot more to make sure it’s not some schema issue or something else on my end. For now, it seems I can’t use resource methods so I’ll have to look at creating another component to attach the ALB 🙂
l
little-cartoon-10569
03/01/2023, 8:51 PMNot clear on that. Is the imported component created from another stack, and imported into this one? Or is the code that creates the component imported into this project, and run only from here?
If the resource is created in another stack, you shouldn't attempt to manage it from this stack. You cold use a get method to create a read-only Pulumi resource to wrap it, or you could use the AWS SDK to get details about the resource. If you need only the ARN, it looks like you're already set.
k
kind-jelly-61624
03/01/2023, 8:53 PMnot creating the resource in another stack, it’s being created in the stack that’s run. It’s a similar concept to this https://github.com/pulumi/pulumi-component-provider-py-boilerplate
l
little-cartoon-10569
03/01/2023, 8:59 PMI'm not a Python user, but when you create an object from a Python class, do you need to return
self__self__