Infrastructure as Code: Intro to Pulumi

Transcript

1. 0 Infrastructure as Code: Intro to Pulumi 2024-05-10 第89回NearMe技術勉強会 Cyan

   Chen

2. 1 What is infrastructure? • How do we provide a

   public service? ◦ We may want to have… ▪ a computer => AWS Elastic Compute 2 ▪ public internet access => AWS Internet Gateway ▪ data storage => AWS RDS, AWS S3 (simple storage service) ◦ We may ▪ Buy a computer and hire managing people ▪ Rent from AWS

3. 2 Let’s say we want to rent from AWS We

   can go to AWS webpage, add a credit card and click, click, click… https://aws.amazon.com/products/?aws-products-all.sort-by=item.additionalFields.productNam eLowercase&aws-products-all.sort-order=asc&awsf.re%3AInvent=*all&awsf.Free%20Tier%20Type =*all&awsf.tech-category=*all - Cumbersome to click deeply nested ui. - Forget what have been done. - Resources are mutual dependent - Unable to find correct sequence

4. 3 Infrastructure as Code (IaC) comes to rescure Code Intensions

   • I want a computer (EC2) • Use operating system (ami) • Execute the bash script when starting (userData) • Publish to the internet (vpc, subnet, security group)

5. 4 Given that we can have • Automatic instead of

   Manual • Reproducibility ◦ Something went wrong, destroy and recreate ◦ No hidden changes • Version controlled: 😍 Git ◦ Visibility ◦ Pinpoint your problem

6. 5 Infrastructure as Code Tools Terraform https://registry.terraform.io/provi ders/hashicorp/aws/latest/docs/r esources/instance AWS

   CloudFormation https://docs.aws.a mazon.com/AWSC loudFormation/late st/UserGuide/quick ref-ec2-instance-co nfig.html Pulumi

7. 6 Let’s try it out git clone https://github.com/yukimotochern/pulumi-nearme-study-session.git https://www.pulumi.com/templates/ virtual-machine/aws/

8. 7 Setup 1. Install dependencies ◦ npm install 2. Copy

   .env from chat to project root (I will delete this key after study session) 3. Export env to bash ◦ export $(cat .env | xargs) 4. Install pulumi cli ◦ brew install pulumi/tap/pulumi 5. Login to pulumi, you may need to sign up ◦ pulumi login 6. [Skip if error]Select dev as current working stack ◦ pulumi stack select dev 7. Deploy ◦ pulumi up 8. Destroy (Don’t forget!!) ◦ pulumi destroy

9. 8 A closer look at the pulumi state

10. 9 Pulumi Architecture https://www.pulumi.com/docs/conce pts/how-pulumi-works/ 1. The first run of

    code ⇒ vpc, subnets, efs 2. engine fulfilled with 3 public subnets 3. Apply callback runs ⇒ engine see another 3 efs.MountTargets

11. 10 Pulumi Input/Output • Pulumi Resources are functions that map

    ◦ Input ⇒ Output https://www.pulumi.com/docs/conce pts/inputs-outputs/apply/

12. 11 Pulumi Input/Output (conti.) • Output can be considered as

    a Promise that will be fulfilled by Pulumi engine, except you can not await it. • Input/Output chains are used to determine the deployment/destroy sequence.

13. 12 Pulumi Policy as Code

14. 13 Treat Infrastructure Like Cattle Instead of Pets https://upload.wikimedia.org/wikipe dia/commons/8/8c/Cow_%28Fleckv

    ieh_breed%29_Oeschinensee_Sla unger_2009-07-07.jpg

15. 14 Thank you