Two questions I have I am using pulumi to provision azure st Pulumi Community #getting-started

Two questions I have. I am using pulumi to provisi...

witty-vegetable-61961

07/20/2023, 1:46 PM

Two questions I have. I am using pulumi to provision azure storage accounts (amongst other resources). My app will also be provisioning containers in these storage accounts). So when Pulumi next interacts with these storage accounts, it would want to delete these containers? How can I tell it to ignore this. Also, if I use pulumi to lock resource groups how does pulumi handle this if the resource group needs recreating?

stocky-restaurant-98004

07/20/2023, 2:40 PM

Are you deleting the storage containers from your program?

salmon-account-74572

07/20/2023, 2:41 PM

Are you able to share the relevant portions of your Pulumi program? To @stocky-restaurant-98004’s point, that will help us determine what the expected behavior should be.

witty-vegetable-61961

07/20/2023, 2:43 PM

The app will create containers using sdks. As pulumi wouldn't have created this wouldn't it delete it? Both questions are actually hypothetical but things I will be doing in the future

stocky-restaurant-98004

07/20/2023, 3:04 PM

Pulumi has a Docker provider that can create containers for you FYI. But with an IaC tool, you'll want the entire lifecycle of the resource to be controlled by IaC. If you never want something deleted, Pulumi has an option that will enable this behavior: https://www.pulumi.com/docs/concepts/options/retainondelete/ A common use case for retainOnDelete would be any persistent storage in your production environment (object storage, prod DB, etc.)

stocky-restaurant-98004

07/20/2023, 3:05 PM

Because Pulumi uses real programming languages you can easily conditionally set

retainOnDelete

, e.g. if the stack name is "prod".

witty-vegetable-61961

07/20/2023, 3:05 PM

Ah this is containers in azure storage account not docker:)

stocky-restaurant-98004

07/20/2023, 3:06 PM

Are you storing the containers in a container registry?

stocky-restaurant-98004

07/20/2023, 3:06 PM

IDK about Azure storage, but s3 buckets will not delete if there's items in the bucket (unless you set

forceDestroy: true

. Azure storage may behave similarly.

clever-sunset-76585

07/20/2023, 3:39 PM

@witty-vegetable-61961 you can create a storage account container using Pulumi instead of the SDK, which would mean that Pulumi will manage the storage account and the containers within it. Is there a reason you would want to create them through the Azure SDK and not use Pulumi?

witty-vegetable-61961

07/20/2023, 4:49 PM

Yeah that can work fine, I am happy to use that. However, how would Pulumi update the state file, it must need the project name to update state?

little-library-54601

07/20/2023, 6:39 PM

I use Azure storage accounts and blob containers for Pulumi state, i.e. the output of

pulumi whoami -v

Backend URL: azblob://{storage-containername}

I create that storage account and blob container with a separate Pulumi project altogether (I call it the "bootstrap-state" project). And for that "bootstrap" project I use local file system state. I've never had to run the bootstrap project more than once. And I put the state "stuff" under the root of that bootstrap project so that it's in git. FWIW.

Open in Slack

Previous Next