0 Infrastructure as Code: Intro to Pulumi 2024-05-10 第89回NearMe技術勉強会 Cyan Chen

1 What is infrastructure? ● How do we provide a public service? ○ We may want to have… ■ a computer => AWS Elastic Compute 2 ■ public internet access => AWS Internet Gateway ■ data storage => AWS RDS, AWS S3 (simple storage service) ○ We may ■ Buy a computer and hire managing people ■ Rent from AWS

2 Let’s say we want to rent from AWS We can go to AWS webpage, add a credit card and click, click, click… https://aws.amazon.com/products/?aws-products-all.sort-by=item.additionalFields.productNam eLowercase&aws-products-all.sort-order=asc&awsf.re%3AInvent=*all&awsf.Free%20Tier%20Type =*all&awsf.tech-category=*all - Cumbersome to click deeply nested ui. - Forget what have been done. - Resources are mutual dependent - Unable to find correct sequence

3 Infrastructure as Code (IaC) comes to rescure Code Intensions ● I want a computer (EC2) ● Use operating system (ami) ● Execute the bash script when starting (userData) ● Publish to the internet (vpc, subnet, security group)

4 Given that we can have ● Automatic instead of Manual ● Reproducibility ○ Something went wrong, destroy and recreate ○ No hidden changes ● Version controlled: 😍 Git ○ Visibility ○ Pinpoint your problem

5 Infrastructure as Code Tools Terraform https://registry.terraform.io/provi ders/hashicorp/aws/latest/docs/r esources/instance AWS CloudFormation https://docs.aws.a mazon.com/AWSC loudFormation/late st/UserGuide/quick ref-ec2-instance-co nfig.html Pulumi

6 Let’s try it out git clone https://github.com/yukimotochern/pulumi-nearme-study-session.git https://www.pulumi.com/templates/ virtual-machine/aws/

7 Setup 1. Install dependencies ○ npm install 2. Copy .env from chat to project root (I will delete this key after study session) 3. Export env to bash ○ export $(cat .env | xargs) 4. Install pulumi cli ○ brew install pulumi/tap/pulumi 5. Login to pulumi, you may need to sign up ○ pulumi login 6. [Skip if error]Select dev as current working stack ○ pulumi stack select dev 7. Deploy ○ pulumi up 8. Destroy (Don’t forget!!) ○ pulumi destroy

8 A closer look at the pulumi state

9 Pulumi Architecture https://www.pulumi.com/docs/conce pts/how-pulumi-works/ 1. The first run of code ⇒ vpc, subnets, efs 2. engine fulfilled with 3 public subnets 3. Apply callback runs ⇒ engine see another 3 efs.MountTargets

10 Pulumi Input/Output ● Pulumi Resources are functions that map ○ Input ⇒ Output https://www.pulumi.com/docs/conce pts/inputs-outputs/apply/

11 Pulumi Input/Output (conti.) ● Output can be considered as a Promise that will be fulfilled by Pulumi engine, except you can not await it. ● Input/Output chains are used to determine the deployment/destroy sequence.

12 Pulumi Policy as Code

13 Treat Infrastructure Like Cattle Instead of Pets https://upload.wikimedia.org/wikipe dia/commons/8/8c/Cow_%28Fleckv ieh_breed%29_Oeschinensee_Sla unger_2009-07-07.jpg

14 Thank you