pulumi-eks icon indicating copy to clipboard operation
pulumi-eks copied to clipboard

Published 20 hours ago verified publisher icon pulumi

Parameterize all endpoint/namespace values so that all AWS regions work properly

Open lblackstone opened this issue 3 years ago • 7 comments

Hello!

  • Vote on this issue by adding a 👍 reaction
  • To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already)

The EKS package currently hardcodes a number of values specific to the default US regions, which breaks usage in other regions (aws-global/aws-cn/aws-us-gov). While it is possible to work around the issue using transformations, the package logic should be parameterized to handle different regions appropriately.

The following issues are related: https://github.com/pulumi/pulumi-eks/issues/570 https://github.com/pulumi/pulumi-eks/issues/534 https://github.com/pulumi/pulumi-eks/issues/386

lblackstone avatar Apr 29 '21 15:04 lblackstone

@lblackstone - Any update on this? When this can be solved and pulumi-eks provides support for China?

I am also stuck with this now and cannot create cluster in China region.

arunsisodiya avatar Dec 01 '21 12:12 arunsisodiya

Can you check if the transformations workaround works for you?

I don't have an update on scheduling for this issue, but you can upvote issues to help us determine priority.

lblackstone avatar Dec 01 '21 18:12 lblackstone

@lblackstone - I was trying the transformation workaround but can you please tell me how that can be used? I am quite new to typescript so don't know that.

Do I have to put that snippet in index.ts as it is or do I need to create some method etc?

Can you share with me a working .ts file?

arunsisodiya avatar Dec 01 '21 23:12 arunsisodiya

We currently have this problem with private link on eu-central-1 ECR. If done so the default EKS setup doesn't work anymore since it wants to pull images from us-west-1. Being able to set the region or letting pulumi auto detect the correct ECR region for system images would be good.

geNAZt avatar Mar 16 '22 07:03 geNAZt

@lblackstone - I was trying the transformation workaround but can you please tell me how that can be used? I am quite new to typescript so don't know that.

Do I have to put that snippet in index.ts as it is or do I need to create some method etc?

Can you share with me a working .ts file?

const cluster = new eks.Cluster(
      this.clusterName,
      {
        instanceType: this.instanceType,
        desiredCapacity: this.desiredNodeNumber,
        minSize: this.minNodeNumber,
        maxSize: this.maxNodeNumber,
        enabledClusterLogTypes: [
          'api',
          'audit',
          'authenticator',
          'controllerManager',
          'scheduler',
        ],
      },
      {
        transformations: [
          // Update all RolePolicyAttachment resources to use aws-cn ARNs.
          args => {
            if (
              args.type === 'aws:iam/rolePolicyAttachment:RolePolicyAttachment'
            ) {
              const arn: string | undefined = args.props['policyArn'];
              if (arn && arn.startsWith('arn:aws:iam')) {
                args.props['policyArn'] = arn.replace(
                  'arn:aws:iam',
                  'arn:aws-cn:iam'
                );
              }
              return {
                props: args.props,
                opts: args.opts,
              };
            }
            return undefined;
          },
        ],
      }
    );

worldzhy avatar May 24 '22 12:05 worldzhy

@lblackstone Can I get an example of this exact transformation in golang, for govcloud?

tonybutt avatar Oct 03 '22 20:10 tonybutt

@lblackstone https://github.com/pulumi/pulumi-eks/pull/785

I am just using the already imported pulumi classic to fetch the Partition during the run.

tonybutt avatar Oct 04 '22 18:10 tonybutt