https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • l

    late-beach-61374

    06/18/2018, 3:43 PM
    cool, thank you very much, back on track and checking things out
    🚀 2
  • b

    bright-vase-36130

    06/18/2018, 4:26 PM
    I'd love to see some Kubernetes examples, can you point me at some?
    m
    • 2
    • 1
  • a

    adamant-restaurant-73893

    06/18/2018, 9:16 PM
    This week's Pulumi live stream is at 11am PDT, Wednesday 20th June, where @white-balloon-205 will walk through an introduction to multi-cloud with Pulumi. Hope to see you there.

    https://www.youtube.com/watch?v=Mt7Sr4_5TBk▾

    w
    m
    +2
    • 5
    • 7
  • s

    sparse-helmet-62296

    06/19/2018, 5:08 AM
    Pulumni feels like nixops w/extended scope past operating system deployment. Lambda over SaaS/IaaS/PaaS. Very interesting. Big fan of nix.

    https://youtu.be/tl9I-R83lKo▾

  • s

    sparse-helmet-62296

    06/19/2018, 7:54 AM
    https://twitter.com/GeoffreyHuntley/status/1008981162813939712?s=19
  • s

    sparse-helmet-62296

    06/19/2018, 7:54 AM
    🚢 https://noyaml.com is now a thing. 🚢
    🎉 1
  • q

    quick-football-95839

    06/19/2018, 10:07 AM
    Great project, thanks for shipping this! My company has been developing(and using) a project extremely similar to Pulumi - which we're planning to open-source - because there wasn't anything else out there. A question that'll help us decide whether to push ahead or get behind Pulumi: The tool seems to be tied to your platform. Is there any way we can configure a generic object store for checkpoint state?
    👍 2
    b
    b
    s
    • 4
    • 4
  • s

    stocky-spoon-28903

    06/19/2018, 2:11 PM
    That is a question I had too. Having something that isn't the local filesystem out the box is definitely valuable, but only having a service is a non-starter, not least because sensitive data ends up in state unless you're doing something with the Terraform providers to prevent that.
  • g

    green-pager-56999

    06/19/2018, 7:16 PM
    dotnetwhen
    b
    a
    +2
    • 5
    • 15
  • b

    blue-answer-29496

    06/20/2018, 4:01 AM
    Is it possible to use code to lookup references to existing infrastructure?
  • w

    white-balloon-205

    06/20/2018, 4:05 AM
    @blue-answer-29496 Yes - there are a variety of
    .getXYZ
    function available in the libraries which can be used to lookup existing resources. See for example https://pulumi.io/reference/pkg/nodejs/@pulumi/aws/ecs/#getCluster. You can see an example of using this sort of API here: https://github.com/pulumi/pulumi-aws-infra/blob/master/nodejs/aws-infra/network.ts#L94.
  • b

    blue-answer-29496

    06/20/2018, 4:08 AM
    Nice
  • b

    blue-answer-29496

    06/20/2018, 4:10 AM
    Can I create an EKS cluster and configure all my Kubernetes services currently or are there gaps
  • w

    white-balloon-205

    06/20/2018, 4:13 AM
    Yes - you can. EKS in particular is a bit of a beast to set up - but @microscopic-florist-22719 spent a bit of time on this last week and was planning on posting an example that can deploy a full EKS setup with a single
    pulumi update
    soon. Once you have that, you can deploy any Kubernetes services you want onto it easily by using
    @pulumi/kubernetes
    .
    👍 1
    b
    • 2
    • 2
  • b

    blue-answer-29496

    06/20/2018, 4:15 AM
    Sorry for all the questions. 😀 Is the idea for the cloud objects that they will eventually be like a lowest common denominator abstraction that works across clouds?
  • w

    white-balloon-205

    06/20/2018, 4:21 AM
    The
    @pulumi/cloud
    library in particular is designed to be high-level abstractions which could be created on multiple different cloud platforms. But that's just one kind of library that can be built. Things like
    @pulumi/aws-serverlesss
    and
    @pulumi/aws-infra
    provide helpful higher level abstractions that are still specific to AWS but making common patterns much easier to use.
    b
    b
    s
    • 4
    • 7
  • w

    white-balloon-205

    06/20/2018, 4:22 AM
    We have an implementation of
    @pulumi/cloud
    for AWS currently, and are starting to work on Azure and GCP. If others are interested in helping there - let us know!
  • b

    blue-answer-29496

    06/20/2018, 4:35 AM
    I have an open source application (Exceptionless) that I host but also people self host the application. I’m considering creating a Pulumi script to install it instead of a Helm chart, but I’m not sure if that’s good idea or not. What are your thoughts?
  • w

    white-balloon-205

    06/20/2018, 4:40 AM
    Sounds like a great place to use Pulumi! We've done a few ports of Helm charts ourselves as examples, and in general it's really simple to do, but then gives you a lot of flexibility in how you factor and reuse components. One example of this I really like is https://github.com/pulumi/examples/tree/master/kubernetes-ts-jenkins, which ultimately factors out the details of the Jenkins Helm chart into a resuable component which can be combined with other components into a larger application - and used with just:
    import * as pulumi from "@pulumi/pulumi";
    import * as jenkins from "./jenkins";
    
    const config = new pulumi.Config("jenkins");
    const instance = new jenkins.Instance("jenkins", {
        name: "jenkins",
        credentials: {
            username: config.require("username"),
            password: config.require("password"),
        },
        resources: {
            memory: "512Mi",
            cpu: "100m",
        }
    });
    /cc also @creamy-potato-29402 who has been doing a bunch of work in this area and probably has more thoughts as well.
    b
    • 2
    • 2
  • b

    blue-answer-29496

    06/20/2018, 4:45 AM
    Yeah I really love the idea of using code over yaml! I’m gonna try.
  • s

    stocky-spoon-28903

    06/20/2018, 4:47 AM
    Is there a way to forcibly delete a project via the web UI? I accidentally removed the files locally when playing around and now have a bunch of orphaned stuff. The actual resources in AWS I deleted manually, though.
    w
    b
    +2
    • 5
    • 7
  • b

    big-soccer-75859

    06/20/2018, 2:19 PM
    How does Pulumi handle configuring runtime environment variables? I couldn't find anything specific in the docs for this. I'm thinking specifically about the serverless side of things, but I guess it's not just limited to that.
  • b

    big-soccer-75859

    06/20/2018, 2:21 PM
    Nevermind I just found this https://pulumi.io/reference/config.html#config-stack
  • b

    big-soccer-75859

    06/20/2018, 2:22 PM
    Which leads to the next question, is there any way I could send runtime variables & secrets to a cloud specific storage option such as AWS Secrets Manager and then use that instead so that I'm not having decrypted secrets lying around in cloudformation stacks?
  • b

    big-soccer-75859

    06/20/2018, 2:24 PM
    It'd be even better if that could be automated and if I could specify shims for my functions to auto-decrypt those on function startup
  • b

    big-piano-35669

    06/20/2018, 3:45 PM
    We have planned to make this pluggable, so you can use AWS Secrets Manager, Vault, etc. for secrets management, but have not yet done so. Note that if you run
    pulumi config set ... --secret
    , we will encrypt that config value using KMS, and a stack-specific application key, and store the encrypted result instead of plaintext. This is clearly weaker than storing in one of the above systems and doing decryption as late as possible at runtime, with full auditing of all accesses, but it is good enough for some users and some classes of passwords, tokens, and the like. I couldn't find the work item on our side to make this pluggable, so just filed https://github.com/pulumi/pulumi/issues/1547. This has come up twice in the past 24 hours, so I suspect we'll want to get this on the roadmap (...which we'll be publishing next week, by the way.)
    👍 1
  • w

    white-balloon-205

    06/20/2018, 3:49 PM
    Note also that you can of course already use those existing systems like AWS Secrets Manager or Vault directly from within Pulumi, instead of using Pulumi
    config
    settings. And in fact this is a place where you can really benefit from infra + code being managed together to provision and configure the Secrets Manager along with the code that uses secrets from it. The work @big-piano-35669 is referring to is to make this sort of workflow something you can use directly from the Pulumi config system, which will make it easier - but it's absolutely possible to use any of these systems with Pulumi today.
    b
    • 2
    • 1
  • s

    stocky-spoon-28903

    06/20/2018, 3:57 PM
    Is the AWS provider using Cloudformation underneath? I didn’t spot that but now the question from @big-soccer-75859 has me thinking!
  • b

    big-soccer-75859

    06/20/2018, 3:58 PM
    I just assumed haha
  • b

    bitter-oil-46081

    06/20/2018, 3:58 PM
    No, it uses terraform’s AWS provider. We have tool called tfbridge that adapts a terraform provider to the interface the engine expects.
Powered by Linen
Title
b

bitter-oil-46081

06/20/2018, 3:58 PM
No, it uses terraform’s AWS provider. We have tool called tfbridge that adapts a terraform provider to the interface the engine expects.
View count: 3