pulumi-kubernetes
pulumi-kubernetes copied to clipboard
pulumi
Enabling SSA errors when working with ECK
What happened?
Received an error:
kubernetes:elasticsearch.k8s.elastic.co/v1:Elasticsearch (family):
error: error reading from server: EOF
panic: fatal: An assertion has failed: path: [spec nodeSets 0 podTemplate metadata creationTimestamp] | v: <nil> | old: <nil> | oldInput: <nil>
goroutine 231 [running]:
github.com/pulumi/pulumi/sdk/v3/go/common/util/contract.failfast(...)
/home/runner/go/pkg/mod/github.com/pulumi/pulumi/sdk/[email protected]/go/common/util/contract/failfast.go:23
github.com/pulumi/pulumi/sdk/v3/go/common/util/contract.Assertf(0x80?, {0x2289b8c?, 0x8?}, {0xc002985668?, 0xc002fe5620?, 0x1dd52e0?})
/home/runner/go/pkg/mod/github.com/pulumi/pulumi/sdk/[email protected]/go/common/util/contract/assert.go:33 +0xed
github.com/pulumi/pulumi-kubernetes/provider/v3/pkg/provider.(*patchConverter).addPatchValueToDiff(0xc0029
When I tried to update an elasticsearch object after turnning on enableServerSideApply
I see something similar with the CRDs:
kubernetes:apps/v1:StatefulSet (elastic-system/elastic-operator):
error: Preview failed: 1 error occurred:
* the Kubernetes API server reported that "elastic-system/elastic-operator" failed to fully initialize or become live: use `pulumi.com/patchForce` to override the conflict: Apply failed with 4 conflicts: conflicts with "pulumi-resource-kubernetes" using apps/v1:
- .spec.template.spec.containers[name="manager"].env[name="OPERATOR_NAMESPACE"].valueFrom.fieldRef
- .spec.template.spec.containers[name="manager"].env[name="POD_IP"].valueFrom.fieldRef
- .spec.template.spec.containers[name="manager"].resources.requests.cpu
- .spec.template.spec.containers[name="manager"].resources.requests.cpu
Steps to reproduce
- Create a provider with
enableServerSideApplyomitted. - Deploy ECK's CRDs via
k8s.yamlfrom https://download.elastic.co/downloads/eck/2.1.0/crds.yaml and operator:https://download.elastic.co/downloads/eck/2.1.0/operator.yaml - Run Pulumi up
- Set
enableServerSideApplytotrue, run again and see errors.
Expected Behavior
Make switch seemingless.
Actual Behavior
Error gets thrown
Versions used
CLI Version 3.33.2 Go Version go1.17.10 Go Compiler gc
Host OS ubuntu Version 20.04 Arch x86_64
@pulumi/kubernetes is at 3.20.3
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
I wasn't able to reproduce the panic, but the second error is a validation error that can be resolved with patchForce. Since the resources were created with a different manager, you need to explicitly force the apply as stated in the error message. Here's an example that worked for me:
// Create a Provider with SSA enabled.
const provider = new k8s.Provider("k8s", {
enableServerSideApply: true,
});
new k8s.yaml.ConfigGroup("test", {
files: ["crds.yaml", "operator.yaml"],
transformations: [
// Add the "patchForce" annotation to take ownership of the resources with SSA.
(obj: any, opts: pulumi.CustomResourceOptions) => {
if (obj.metadata.annotations) {
obj.metadata.annotations["pulumi.com/patchForce"] = "true"
} else {
obj.metadata.annotations = {"pulumi.com/patchForce": "true"}
}
},
]
}, {provider})
I'm sorry for the lack of response, here things have been backed up, let's close this for now and I'll circle back with my results. Thank you!
On Thu, Sep 22, 2022, 8:56 AM Levi Blackstone @.***> wrote:
Any further problems here, or can this issue be closed out?
— Reply to this email directly, view it on GitHub https://github.com/pulumi/pulumi-kubernetes/issues/2139#issuecomment-1255426360, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABIHRG4CXKWE6ZNNDH6N5PDV7STVXANCNFSM56TGV35Q . You are receiving this because you authored the thread.Message ID: @.***>