Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
package-authoring
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
b
bumpy-summer-9075
04/07/2021, 3:57 PMDesign question; I have some infrastructure that is going to be quite re-used, for instance I'll have a single VPC for many "stacks". In Terraform I would probably have things like VPC, route53 zones, etc. defined in the root, and "sub-projects" defined as modules with ids as input. In pulumi I'm not sure what the best approach would be.
⢠I could have a stack that creates the common infrastructure and other stacks that refer to its resources using stack reference
⢠I could a single stack with everything combined (and using typescript features to split into logical folders/files)
⢠I could create a component resource that encapsulates "child projects"
Any thoughts?
g
green-musician-49057
04/07/2021, 4:01 PMI asked a similar question last week and the recommendations were to have multiple Pulumi projects for these different modules
And from there, we're looking at using Pulumi's Automation API to loosely couple the infra projects together
b
billowy-army-68599
04/07/2021, 4:17 PMIn this particular case, I'd do the following:
- define the VPC as its own project, output the VPC id as a stack output
- encapsulate the rest of your logic into component resources with an input arg of VPC id
- you can then either 1) grab the vpc id as a stack output or 2) use
vpc.get()⨠1
it gives you a lot of flexibility
my usual advice is to group projects together logically using considerations of "rate of change" or "blast radius" as a consideration. What I mean by that is, if you have a shared VPC for a lot of different stuff, that is likely to change a lot less than the things that live inside it, so it's useful to decouple them into different proijects
b
bumpy-summer-9075
04/07/2021, 5:05 PMMakes sense, thanks a lot @green-musician-49057 & @billowy-army-68599!
The only downside of this is that the subproject is not independant; if I were to start from scratch, but it's a very minor problem compared to the upsides
b
billowy-army-68599
04/07/2021, 5:06 PMcan you elaborate on that a little? not quite followingh
b
bumpy-summer-9075
04/07/2021, 5:31 PMLet's say I have two stacks:
commons3-websites3-websiteb
billowy-army-68599
04/07/2021, 5:33 PMahhh got it, yeah I'm following now
yeah that is a trade off, but I think you'll find the pros outweigh the cons đ
b
bumpy-summer-9075
04/07/2021, 5:34 PMFor sure! And the fact that it will break if the
commonb
billowy-army-68599
04/07/2021, 5:37 PMyou can even
throwâ¤ď¸ 1
b
bumpy-summer-9075
04/07/2021, 5:39 PMdamn that's true! It's cleaner than the way I used to "throw" in TF haha:
locals {
# Abusing the 'file' function to fail if the specified environment does not match the workspace
assert_environment_matches_workspace = terraform.workspace != var.environment ? file("ERROR: Environment needs to match the workspace") : null
}