Architect AWS Application Infrastructure

Paul Stack Paul Stack
Architect AWS Application Infrastructure

In this post, we will talk about the best way to architect your Pulumi applications. We are going to build out the following infrastructure in AWS:

  • AWS Fargate service that does not serve traffic directly
  • AWS ALB as the entry point to the Fargate Service
  • AWS RDS Instance that is stored in a separate network from the Application and does not service traffic directly from the internet

To do this, we are going to split the infrastructure into two AWS VPCs. One VPC will be used for the application based resources (e.g Fargate Service, ALB) and the other VPC will be for the database resources. The VPCs will be peered to allow communication between them so that the application can communicate with the database securely.

Read more →

Azure Functions on Kubernetes with KEDA

Mikhail Shilkov Mikhail Shilkov
Azure Functions on Kubernetes with KEDA

Azure Functions is a managed service for serverless applications in the Azure cloud. More broadly, Azure Functions is a runtime with multiple hosting possibilities. KEDA (Kubernetes-based Event-Driven Autoscaling) is an emerging option to host this runtime in Kubernetes.

In the first part of this post, I compare KEDA with cloud-based scaling and outline the required components. In the second part, I define infrastructure as code to deploy a sample KEDA application to an Azure Kubernetes Service (AKS) cluster.

The result is a fully working example and a high-level idea of how it works. Kubernetes expertise is not required!

Read more →

Manage DigitalOcean Kubernetes Clusters and Workloads

Joe Duffy Joe Duffy
Manage DigitalOcean Kubernetes Clusters and Workloads

We recently partnered with DigitalOcean to publish a new tutorial, How to Manage DigitalOcean and Kubernetes Infrastructure with Pulumi. This short tutorial walks you through provisioning a new DigitalOcean Kubernetes cluster, deploying an application to it, and then assigninging a stable domain name to your application’s load balancer — all in a handful of lines of infrastructure as code.

By using infrastructure as code to provision and update your infrastructure, it’s easy to create new environments, modify or scale existing ones, or automate your deployments using continuous delivery. This approach also ensures that deployments are reliable and repeatable, and can even standardize how you deploy code to different cloud providers, including DigitalOcean, AWS, Azure, GCP, and others.

Read more →

Run Your Own RSS Server on AWS with Pulumi

Christian Nunciato Christian Nunciato
Run Your Own RSS Server on AWS with Pulumi

Some of the code in this post is out of date. See the AWS guides for an updated overview and examples.

It’s been a few years since Google shut down Google Reader, and while a number of nice commercial alternatives have sprung in its wake, none of them has ever been quite the right fit for me personally.

So a while back, after far too much time spent wandering the blogsphere manually, typing URLs into address bars by hand, I decided to go looking to see whether the universe had produced an open-source solution to this problem — and to my surprise and delight, it had! Miniflux is an excellent little open-source RSS server and reader, written in Go and backed by PostgreSQL, that also happens to be packaged as a Docker container. So in this post, I’ll show how easy it is to deploy a Miniflux server of your own on AWS, using only Pulumi and a few lines of TypeScript.

Read more →

Infrastructure as Code Resource Naming

Eric Rudder Eric Rudder
Infrastructure as Code Resource Naming

We’ve introduced a new way to customize or disable auto-naming with a configuration option. See Auto-naming Configuration for more information about all the ways you can customize auto-naming.

“What’s in a name? That which we call a rose by any other name would smell as sweet.” William Shakespeare’s oft repeated quote was used to help Juliet explain that a “Montague” is worthy of love. Juliet may have underestimated the importance of a name, however, since things didn’t work out so well for everyone in Verona! Many customers have questions about “names” in Pulumi – and in an effort to make sure that things work out better for them than they did for Romeo, here’s a quick note on naming!

Read more →

Pulumi 1.0

Joe Duffy Joe Duffy
Pulumi 1.0

This blog post announces Pulumi 1.0, which has been superseded by newer versions. For information about the latest Pulumi release, please refer to the current documentation and recent release notes.

Today we are excited to announce the general availability of Pulumi 1.0. Pulumi is a modern infrastructure as code tool that lets you declare infrastructure using familiar, general-purpose languages, with a SaaS management console for configuring identities, organizations, and related policies. By using familiar languages, developers and operators are able to work better together, sharing and reusing best practices, accomplishing new levels of automation, and unlocking access to ecosystems of existing tools. The 1.0 release is a siginificant milestone for us, our community, and our customers, and signals completeness, stability, and compatibility.

Read more →

Ten Pearls With Azure Functions in Pulumi

Mikhail Shilkov Mikhail Shilkov
Ten Pearls With Azure Functions in Pulumi

In this post, we’ll take a look at 10 “pearls”—bite-sized code snippets—that demonstrate using Pulumi to build serverless applications with Azure Functions and infrastructure as code. These pearls are organized into four categories, each demonstrating a unique scenario:

  • Function App Deployment: Deploy an existing Azure Functions application using infrastructure as code.
  • HTTP Functions as Callbacks: Mix JavaScript or TypeScript functions with your infrastructure definition to produce strongly-typed, self-contained, serverless HTTP endpoints.
  • Cloud Event Handling: Leverage a variety of event sources available to Azure Functions with lightweight event handlers.
  • Data Flows with Function Bindings: Take advantage of function bindings—declarative connectors to Azure services.

Read more →

GitHub & Pulumi Join Forces To Ensure Pulumi Tokens Are Safe

Praneet Loke Praneet Loke
GitHub & Pulumi Join Forces To Ensure Pulumi Tokens Are Safe

We are very excited to announce that we have partnered with GitHub to offer our users better protection for their Pulumi Access Tokens.

By default, Pulumi users manage the state of their cloud infrastructure deployments using https://app.pulumi.com. This service provides state storage, concurrency control, audit history and access controls for both individuals and teams working with Pulumi. Each user and service account can generate one or more Pulumi Access Tokens to be used to authenticate with this service. These access tokens can be used on both local development machines, as well as in CI/CD systems for automated infrastructure deployments. These access tokens are sensitive secrets which should never be shared publicly, and in particular should never be committed to source control.

Read more →

Adopting Existing Cloud Resources into Pulumi

Luke Hoban Luke Hoban
Adopting Existing Cloud Resources into Pulumi

See Migrating From Terraform to Pulumi for updated documentation on migrating from Terraform.

Most cloud infrastructure projects involve working with existing cloud resources — either building on top of existing resources or adopting existing resources under management with a new and more robust infrastructure provisioning solution.

Whether you are adopting resources that were deployed manually using your cloud provider’s console or CLI — or migrating existing infrastructure from tools like Terraform or CloudFormation — Pulumi makes it easy to adopt and manage your existing resources.

Read more →