$30 off During Our Annual Pro Sale. View Details »

Modern Infrastructure as Code with Pulumi

Modern Infrastructure as Code with Pulumi

Paul Stack, Staff Software Engineer at Pulumi, joined us for a demo and discussion of their Infrastructure as Software tool. You can see a video recording of this talk at https://www.scalefactory.com/events/webinars/2020/08/26/an-introduction-to-pulumi/

The Scale Factory

August 26, 2020
Tweet

More Decks by The Scale Factory

Other Decks in Technology

Transcript

  1. Modern Infrastructure as Code with
    Pulumi
    Declare cloud infrastructure using real languages. Enable
    developers and operators to work better together.
    Paul Stack (@stack72/[email protected])
    Pulumi Engineer
    August 2020

    View Slide

  2. Cloud Transition
    Kubernetes
    Amazon
    Lambda
    AWS S3
    Azure
    Analytics
    Google ML
    MySQL
    DataDog
    App
    Docker
    DataDog
    New Relic
    App
    MySQL
    v1 v2 v3
    FIRST WAVE
    Mostly Static
    N-Tier Apps
    VMs
    Private Cloud
    TRANSITIONAL
    Partly Dynamic
    Less Monolithic
    VMs and Containers*
    Hybrid - Public/Private
    *Experimentation
    MODERN
    Fully Dynamic
    Hyper-Connected Services
    Containers and Serverless
    Mostly Public Cloud
    2

    View Slide

  3. What is Infrastructure as Code
    ● Eliminate manual error-prone
    provisioning and changes
    ● Bring software best practices to
    infrastructure management
    ● Gain visibility of changes through
    code reviews and previews

    View Slide

  4. Why Infrastructure as Code
    ● Automated and repeatable
    deployments
    ● Decreased time-to-market for new
    applications and ongoing
    maintenance
    ● Safe predictable changes

    View Slide

  5. Modern Infrastructure as Code
    5
    CREATE
    ● Real languages
    ● Share and reuse abstractions
    ● Use your favorite tools (IDE, testing, etc)
    DEPLOY
    ● Preview changes
    ● Flexible CLI for Dev and Ops familiarity
    ● Integrate into CI/CD workflows
    MANAGE
    ● Audit all changes
    ● Managed complex environments
    ● Implement policies and controls
    1
    2
    3
    PULUMI CONFIDENTIAL

    View Slide

  6. Bring Software Development
    Practices to Infrastructure
    Infrastructure as Code Software
    6
    Use semantic versioning, testing, and code
    review development practices for all aspects
    of your cloud software.
    Eliminate slow error-prone manual changes
    and bring automation and repeatability to
    infrastructure management.
    Enforce best practices using abstractions and
    reuse -- no more copy and paste.

    View Slide

  7. Modern Infrastructure Frameworks
    FOUNDATION
    PROVIDERS
    Unopinionated support
    for all clouds and their
    resources.
    Containers Serverless Infrastructure
    BEST PRACTICES
    FRAMEWORKS
    Create modern cloud
    software using best
    practices.
    PRODUCTIVITY CONTROL
    7
    PATTERNS
    LIBRARIES
    Cloud-specific libraries
    for common patterns
    and practices.
    PULUMI CONFIDENTIAL

    View Slide

  8. Deploy Code from/to Anywhere
    8
    SOURCE CODE LANGUAGES CI/CD ENVIRONMENTS
    Infrastructure as Code
    Applications
    Any Language

    View Slide

  9. Infrastructure as Code
    9

    View Slide

  10. This box is to provide a consistent background for variable
    width code snippets.
    Use a consistent object model for all resource
    types without needing to know the underlying
    API operations needed to create and manage
    the resources.
    Define the final end state of
    your resources.
    Resource Definitions
    10
    Pulumi lets you define the final
    configuration state of your resources and
    knows the steps to get there.

    View Slide

  11. This box is to provide a consistent background for variable
    width code snippets.
    The full functionality of programming
    languages brought to Infrastructure as Code.
    Create Infrastructure Using
    Real Programming Features
    Conditionals and Loops
    11
    Pulumi lets you program your infrastructure
    just like the rest of your applications with
    the expressiveness and flexibility of real
    programming languages.
    In this example, we provision a VPC and public
    subnets only if we’ve defined CIDR blocks for
    them in our configuration.

    View Slide

  12. This box is to provide a consistent background for variable
    width code snippets.
    Mix Kubernetes, Cloud, and
    Custom Resources
    A consistent programming model, tools, and
    workflow for deploying and managing IaaS,
    PaaS, SaaS, and custom resources.
    Multi-Provider Workflows
    12
    Pulumi makes it possible to declare and
    manage resources for multiple
    infrastructure services in a single Pulumi
    application.
    In this example, we provision an AWS S3
    bucket and use it with a Kubernetes cluster.

    View Slide

  13. This box is to provide a consistent background for variable
    width code snippets.
    Build and Share Reusable
    Components
    Compose resources into an architecture that
    fits your company’s requirements and then
    share that across teams.
    Reusability
    13
    Pulumi applications are real software
    projects that can be re-distributed through
    typical package managers.
    In this example, we provision a Jenkins cluster
    from a module from our internal software
    repository.

    View Slide

  14. This box is to provide a consistent background for variable
    width code snippets.
    Enable Advanced
    DevOps Strategies
    Advanced Orchestration
    14
    Pulumi enables previously difficult or
    impossible deployment scenarios for
    real-world Kubernetes environments.
    In this example, we check Prometheus for
    healthy metrics before proceeding to deploy to
    our Production cluster.
    Incorporate data from monitoring services into
    deployment procedures.

    View Slide

  15. Use familiar frameworks and
    techniques to test infrastructure
    Test Driven Infrastructure
    15
    Teams can perform unit, integration, and
    runtime testing, fully integrated into your
    development and CI/CD workflows.
    No need to master a new set of tools -- reuse
    what you and your team already knows.
    PULUMI CONFIDENTIAL

    View Slide

  16. Secrets Management
    Built-in encrypted secrets management and configuration.
    $ pulumi config set --secret dbPassword 2u%^JAEf*L6.?2}G
    Easy to store and use deployment-time secrets safely.
    Strong encryption for all state, ensuring secrets won’t leak.
    Use built-in Pulumi KMS, or choose seamless integration from leading providers.
    16
    KMS
    PULUMI CONFIDENTIAL

    View Slide

  17. 17

    View Slide

  18. 18
    pulumi login --cloud-url s3://my-bucket

    View Slide

  19. Organizations, Projects, and Stacks
    19
    Org: acme-corp
    Project: vpc
    Stack: dev
    env: dev
    region: us-east-1
    Stack: prod
    env: prod
    region: us-west-2
    Project: k8s-cluster
    Stack: dev
    env: dev
    region: us-east-1
    Stack: prod
    env: prod
    region: us-west-2
    Project: svc-userprofile
    Stack: dev
    env: dev
    region: us-east-1
    Stack: prod
    env: prod
    region: us-west-2
    Project: svc-email
    Stack: dev
    env: dev
    region: us-east-1
    Stack: prod
    env: prod
    region: us-west-2

    View Slide

  20. Demo time!
    Let’s program the cloud!
    20

    View Slide

  21. In Conclusion
    The Easiest Way to Program the Cloud

    View Slide

  22. Thank You
    https://www.pulumi.com/
    [email protected]
    @Stack72
    22

    View Slide