pulumi-eks icon indicating copy to clipboard operation
pulumi-eks copied to clipboard

Published 20 hours ago verified publisher icon pulumi

`getCluster` function for existing eks Clusters

Open beetahnator opened this issue 7 years ago • 5 comments

There should be a way to get a kubeconfig for eks clusters that already exist.

Similar to this PR for GCP: https://gist.github.com/geekflyer/b78adab2667d8526a1dd593bc5c844bf#file-gke-ts-L33-L66

beetahnator avatar Oct 15 '18 18:10 beetahnator

Definitely would make sense to expose it as a public API here - but note that you can construct it from aws.eks.Cluster.get() using this code from the implementation of the library:

https://github.com/pulumi/pulumi-eks/blob/4f4a75b17de98cf2f9c3d34a960b59503cbc4f0a/nodejs/eks/cluster.ts#L182-L233

lukehoban avatar Oct 16 '18 18:10 lukehoban

I was very disappointed to find that the object returned by getCluster does not have a kubeconfig or Kubernetes provider.

I wanted to move the code that installs stuff into the cluster into a different project from the project that creates the cluster. The project was getting way too big and the dependency handling was a problem, especially when trying to destroy and rebuild a cluster.

I tried using the source code for generateKubeConfig, copied into my pulumi project with this source code, but it still does not work:

const cluster = aws.eks.getClusterOutput({ name: config.accountName });

const kubeconfig = generateKubeconfig(cluster.name, cluster.endpoint, cluster.certificateAuthorities[0].data);

const kubernetesProvider = new kubernetes.Provider('kubernetes-provider', {
  kubeconfig: kubeconfig.apply(JSON.stringify),
});

const argoCdCrds = new kubernetes.kustomize.Directory(
  'argo-cd-crds',
  {
    directory: `https://github.com/argoproj/argo-cd/tree/${argoCdApplicationVersion}/manifests/crds`,
    resourcePrefix: 'argo-cd-crds',
  },
  {
    provider: kubernetesProvider,
  }
);

I know the connection to AWS is good, because getClusterOutput returns valid endpoints and certs. I can look at the value for kubconfig in an exported state.json file, and they are IDENTICAL to the values in my pulumi project that creates the cluster, where this code ran before.

But, I get this error:

 kubernetes:apiextensions.k8s.io/v1:CustomResourceDefinition (argo-cd-crds-appprojects.argoproj.io):
      warning: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials
      error: failed to read resource state due to unreachable cluster. If the cluster was deleted, you can remove this resource from Pulumi state by rerunning the operation with the PULUMI_K8S_DELETE_UNREACHABLE environment variable set to "true"

Does anyone know what I might be missing?

RobCannon avatar Sep 30 '23 15:09 RobCannon