Pulumi Party!

Session Overview

  • Welcome
  • Workshop Logistics & Objectives
  • What is IAC?
  • Advantages and Disadvantages
  • Imperative vs Declarative Deployments
  • The IAC Landscape
  • When to use tools
  • Introducing Pulumi

Welcome!

Pulumi

VPC!

import pulumi
import pulumi_awsx as awsx

vpc = awsx.ec2.Vpc("custom")

pulumi.export("vpcId", vpc.vpc_id)
pulumi.export("publicSubnetIds", vpc.public_subnet_ids)
pulumi.export("privateSubnetIds", vpc.private_subnet_ids)


HTTP Server

import pulumi
import pulumi_aws as aws
import pulumi_awsx as awsx

cluster = aws.ecs.Cluster("default-cluster")

lb = awsx.lb.ApplicationLoadBalancer("nginx-lb")

service = awsx.ecs.FargateService("my-service",
    cluster=cluster.arn,
    assign_public_ip=True,
    task_definition_args=awsx.ecs.FargateServiceTaskDefinitionArgs(
        container=awsx.ecs.TaskDefinitionContainerDefinitionArgs(
            image="nginx:latest",
            name="nginx",
            cpu=512,
            memory=128,
            essential=True,
            port_mappings=[awsx.ecs.TaskDefinitionPortMappingArgs(
                target_group=lb.default_target_group
            )],
        )
    )
)

Logistics

Workshop Syllabus & Content

NCICS Dev

GitLab Repo


Objectives

  1. Skills, Tools, Knowledge to deploy production infrastructure with Pulumi.

  2. Leverage Pulumi Automation tools.

Objectives

This includes:

  • The ability to leverage high level automation modules to deploy pre-designed infrastructure stacks.
  • The ability to integrate Pulumi IAC deployments with existing infrastructure
  • The ability to share Pulumi stacks across the organization

Specifically, by the end of this workshop, participants will have:

  • Understood the IAC landscape and differences between Imperative and Declarative infrastructure deployments.
  • Used the Pulumi CLI and Pulumi Teams Platform.
  • Deployed infrastructure stacks using both the traditional Pulumi Engine and the Pulumi Automation API.
  • Used best practices to integrate Pulumi with existing infrastructure.
  • Leveraged pulumi to deploy and move resources across accounts and regions.

Session Overview

  • Welcome
  • Workshop Logistics & Objectives
  • What is IAC?
  • Advantages and Disadvantages
  • Imperative vs Declarative Deployments
  • The IAC Landscape
  • When to use tools
  • Introducing Pulumi

Infrastructure as Code


Infrastructure as Code (IaC) is the process of managing and provisioning computing infrastructure through machine-readable scripts, rather than through physical hardware configuration or interactive configuration tools.


… Software defined x …

Disadvantages

  • Learning Curve: Mo’tools, Mo’ learning :)
  • Extra Layer of Complexity: Additional Interface
  • Prototyping: Prototyping takes longer and can be challenging (console can be faster for experimentation)

Advantages

  • Automation: Reduces manual errors and increases efficiency.
  • Version Control: Infrastructure changes can be versioned and tracked.
  • Scalability: Easily scale resources up or down.
  • Reproducibility Exact same environments across accounts and regions.

Session Overview

  • Welcome
  • Workshop Logistics & Objectives
  • What is IAC?
  • Advantages and Disadvantages
  • Imperative vs Declarative Deployments
  • The IAC Landscape
  • When to use tools
  • Introducing Pulumi

Imperative vs Declarative Deployments

Imperative

Step by step instructions on how to reach an end state.


Building a House (Framing):

  • Measure all the 2x4s
  • Setup the Chop Saw
  • Insert wood to chop saw
  • Cut Wood
  • … further instructions for assembly

Imperative

  • Definition: Describes the steps to achieve the desired state.
  • Example: Traditional scripts (Bash, Python).
  • Pros: Fine-grained control over operations.
  • Cons: More error-prone and less maintainable.


Deploy Docker Image to ECR

# Authenticate
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 659949029828.dkr.ecr.us-east-1.amazonaws.com

# Build Docker Image
docker build -t nma-level-one-ecr-9a75cad .

# Tag Image
docker tag nma-level-one-ecr-9a75cad:latest 659949029828.dkr.ecr.us-east-1.amazonaws.com/nma-level-one-ecr-9a75cad:latest

# Push Image
docker push 659949029828.dkr.ecr.us-east-1.amazonaws.com/nma-level-one-ecr-9a75cad:latest

Declarative

Provide a Blueprint, and the service builds to the blueprint standard.


Building a House (Framing):

  • Give a Blueprint to the construction crew.

Declarative

  • Definition: Describes the desired state, not the steps to achieve it.
  • Example: Configuration files (YAML, JSON).
  • Pros: Easier to manage and reason about.
  • Cons: Less control over the specific operations.

Deploy Docker Image to ECR

# Build and publish our application's container image from ./app to the ECR repository
image = awsx.ecr.Image(
    "image",
    repository_url=repo.url,
    path="./app")

Session Overview

  • Welcome
  • Workshop Logistics & Objectives
  • What is IAC?
  • Advantages and Disadvantages
  • Imperative vs Declarative Deployments
  • The IAC Landscape
  • When to use tools
  • Introducing Pulumi

IAC Landscape

Choosing Tools

Features: Multi-Cloud, Programming, Declarative, Open Source

Session Overview

  • Welcome
  • Workshop Logistics & Objectives
  • What is IAC?
  • Advantages and Disadvantages
  • Imperative vs Declarative Deployments
  • The IAC Landscape
  • When to use tools
  • Introducing Pulumi

Introducing Pulumi

Pulumi is a modern (newer) IaC tool that allows you to define infrastructure resources using familiar programming languages.

  • Multi-language Support: Use Python, TypeScript, Go, C#, Java, and YAML.
  • Declarative: Highly declarative, but can combine both imperative and declarative paradigms.
  • Multi-cloud: Supports AWS, Azure, Google Cloud, Kubernetes, and many more…
  • Open Source: Team collaboration platform and managed state backend are paid.

Multi-Cloud Pulumi

Pulumi CLI

The Pulumi CLI is the primary interface for interacting with Pulumi.

Common Commands

  • pulumi new: Create a new project.
  • pulumi up: Deploy changes.
  • pulumi preview: Preview changes.
  • pulumi destroy: Tear down resources.

Getting Started

  1. Login to AWS via SSO: AWS Console

  2. Navigate to the Cloud9 Dashboard.

  3. Look under Shared with Me to find your environment.

It should be named: pw-cloud9-{your cics username}-*

  1. Open this Cloud9 Instance

  2. In a terminal, clone this GitLab Repo

  3. Run the 00-getting-started/install.sh script.

  4. Restart Terminal. Run pulumi whoami.

Team Collaboration Platform

Tour of Pulumi Teams Platform

Company

Open Source

  • Pulumi CLI
  • Automation API
  • Pulumi Packages (Registry)
  • Run your own state storage

Company

  • Teams Platform
  • State Management
  • Deployment Management
  • Pulumi ESC

Pulumi Party!