Infrastructure Management for Kubernetes

Kubernetes Superpowers

Pulumi empowers organizations to automate Kubernetes applications, clusters, and entire cloud environments through code, tame secrets sprawl through centralized secrets management, and manage cloud assets and compliance with the help of AI. Pulumi encourages infrastructure, platform, development, DevOps, and security teams to collaborate and accelerates time to market with greater control and minimized risk.

import * as pulumi from "@pulumi/pulumi";
import * as kubernetes from "@pulumi/kubernetes";

// Create a K8s namespace.
const devNamespace = new kubernetes.core.v1.Namespace("devNamespace", {
    metadata: {
        name: "dev",
    },
});

// Deploy the K8s nginx-ingress Helm chart into the created namespace.
const nginxIngress = new kubernetes.helm.v3.Chart("nginx-ingress", {
    chart: "nginx-ingress",
    namespace: devNamespace.metadata.name,
    fetchOpts:{
        repo: "https://charts.helm.sh/stable/",
    },
});
import pulumi_kubernetes as kubernetes

# Create a K8s namespace.
dev_namespace = kubernetes.core.v1.Namespace(
    "devNamespace",
    metadata={
        "name": "dev",
    })

# Deploy the K8s nginx-ingress Helm chart into the created namespace.
nginx_ingress = kubernetes.helm.v3.Chart(
    "nginx-ingress",
    kubernetes.helm.v3.ChartOpts(
        chart="nginx-ingress",
        namespace=dev_namespace.metadata["name"],
        fetch_opts=kubernetes.helm.v3.FetchOpts(
            repo="https://charts.helm.sh/stable/",
        ),
    ),
)
package main

import (
    corev1 "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/core/v1"
    "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/helm/v3"
    metav1 "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/meta/v1"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {

        // Create a K8s namespace.
        ns, err := corev1.NewNamespace(ctx, "devNamespace", &corev1.NamespaceArgs{
            Metadata: &metav1.ObjectMetaArgs{
                Name: pulumi.String("dev"),
            },
        })
        if err != nil {
            return err
        }

        // Deploy the K8s nginx-ingress Helm chart into the created namespace.
        _, err = helm.NewChart(ctx, "nginx-ingress", helm.ChartArgs{
            Chart: pulumi.String("nginx-ingress"),
            Namespace: ns.Metadata.ApplyT(func(metadata interface{}) string {
                return *metadata.(*metav1.ObjectMeta).Name
            }).(pulumi.StringOutput),
            FetchArgs: helm.FetchArgs{
                Repo: pulumi.String("https://charts.helm.sh/stable/"),
            },
        })
        if err != nil {
            return err
        }

        return nil
    })
}
using Pulumi;
using Kubernetes = Pulumi.Kubernetes;

class MyStack : Stack
{
    public MyStack()
    {
        // Create a K8s namespace.
        var devNamespace = new Kubernetes.Core.V1.Namespace("devNamespace", new Kubernetes.Types.Inputs.Core.V1.NamespaceArgs
        {
            Metadata = new Kubernetes.Types.Inputs.Meta.V1.ObjectMetaArgs
            {
                Name = "dev",
            },
        });

        // Deploy the K8s nginx-ingress Helm chart into the created namespace.
        var nginx = new Kubernetes.Helm.V3.Chart("nginx-ingress", new Kubernetes.Helm.ChartArgs
        {
            Chart = "nginx-ingress",
            Namespace = devNamespace.Metadata.Apply(x => x.Name),
            FetchOptions = new Kubernetes.Helm.ChartFetchArgs
            {
                Repo = "https://charts.helm.sh/stable/"
            },
        });
    }
}
package com.pulumi.example.infra;

import com.pulumi.Context;
import com.pulumi.Exports;
import com.pulumi.Pulumi;
import com.pulumi.kubernetes.core_v1.Namespace;
import com.pulumi.kubernetes.core_v1.NamespaceArgs;
import com.pulumi.kubernetes.meta_v1.inputs.ObjectMetaArgs;
import com.pulumi.kubernetes.helm.sh_v3.Release;
import com.pulumi.kubernetes.helm.sh_v3.ReleaseArgs;
import com.pulumi.kubernetes.helm.sh_v3.inputs.RepositoryOptsArgs;

public class Main {

    public static void main(String[] args) {
        Pulumi.run(Main::stack);
    }

    private static Exports stack(Context ctx) {
        var devNamespace = new Namespace("devNamespace", NamespaceArgs.builder()
                  .metadata(ObjectMetaArgs.builder()
                            .name("dev")
                            .build())
                  .build());

        var nginxIngress = new Release("nginx-ingress", ReleaseArgs.builder()
                  .chart("nginx-ingress)
                  .namespace(devNamespace.metadata.name)
                  .repositoryOpts(RepositoryOptsArgs.builder()
                            .repo("https://charts.helm.sh/stable/")
                            .build())
                  .build());

        return ctx.exports();
    }
}
name: simple-kubernetes
runtime: yaml
resources:
  devNamespace:
    type: kubernetes:core:Namespace
    properties:
      metadata:
        name: "dev"
  nginxIngress:
    type: kubernetes:helm.sh:Chart
    properties:
      chart: "nginx-ingress"
      namespace: ${devNamespace.metadata.name}
      fetchOpts:
          repo: "https://charts.helm.sh/stable/"

Powering top engineering teams

Cloud Native Engineering with Pulumi

Pulumi Infrastructure as Code (IaC) streamlines Kubernetes cluster configuration, management, and app workload deployments to your clusters. With Pulumi for Kubernetes you can:

  • Manage Kubernetes clusters on all major cloud providers.
  • Increase productivity using the full ecosystem of dev tools such as IDE auto-completion, type & error checking, linting, refactoring, and test frameworks to validate Kubernetes clusters, app workloads, or both.
  • Automate Kubernetes deployments with CI/CD integrations for Flux, Spinnaker, Octopus, GitHub Actions, GitLab, Azure DevOps and more.
  • Seamlessly manage both Kubernetes and cloud resources using GitOps with the Pulumi Kubernetes Operator.
  • Use Kubernetes Server-Side Apply to safely manage shared Kubernetes resources with Pulumi and your existing controllers.
Run On Any Cloud

Support for all clouds including Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), DigitalOcean Kubernetes (DOKS), and more, with hundreds of integrations with popular infrastructure service providers.

Learn more
Intelligent Cloud Management

Gain security, compliance, and cost insights into the entirety of an organization’s Kubernetes applications and cloud assets and automatically remediate issues through AI-powered workflows.

Learn more
Automate Delivery

You can integrate Pulumi directly with your favorite CI/CD systems and testing frameworks to continuously deliver Kubernetes infrastructure and applications. Improve the velocity and visibility into your deployments from simple to complex global environments.

Learn more
Smart Architecture

YAML and templated DSLs force you to write the same boilerplate code over and over. Pulumi’s Kubernetes library allows you to codify those patterns and best practices so you can stop reinventing the wheel and start inventing the platforms of the future.

Learn more
Be Proactive, Not Reactive

When you enable Pulumi’s Policy as Code feature, you instantly gain the power to prevent mistakes from being deployed. Enforce security, compliance, cost controls, and best practices using policies defined in modern languages.

Learn more
Centralize Secrets

Pulumi ESC is integrated with External Secrets Operator (ESO), enabling the passing of secrets from ESC directly as environment variables of applications running in Kubernetes.

Learn more

Continue using the tools you love

Pulumi has first-class support for popular Kubernetes tools, such as Helm, Kustomize, YAML, Secret Managers, Open Policy Agent (OPA), Custom Resource Definitions (CRDs), and Server-Side Apply (SSA).

Everything In One Place

Easily make the best use of existing Kubernetes tools such as Helm, and reduce the friction caused by multiple deployment tools and models across complex architectures.

Efficient Adoption

There’s no need to rewrite your existing Kubernetes configurations to get started with Pulumi. You can efficiently adopt existing K8s resources to deploy your application to save time and effort.

Secrets Management

Use Pulumi to ensure secret data is encrypted in transit, at rest, and physically anywhere it gets stored. Bring your own preferred cloud encryption provider or use Pulumi’s native secrets provider.

Pulumi Kubernetes Operator

Deploy both Kubernetes resources and cloud infrastructure from within the Kubernetes resource model using a GitOps workflow. Use Pulumi’s Flux integration and many other CI/CD integrations.

AI-powered Kubernetes Management

Pulumi Copilot, an AI-powered assistant, makes discovering cost savings, running compliance checks, and debugging deployments across your Kubernetes resources as easy as typing a question.

Discover Cost Savings

Pulumi Copilot can access infrastructure stack and resource data, so you can analyze the cost of your infrastructure and reclaim cloud waste.

Run Compliance Checks

Pulumi Copilot leverages knowledge about compliance frameworks to analyze your infrastructure and check for policy compliance.

Debug Cloud Failures

Pulumi Copilot can access update and deployment logs of your stacks as well as access history, logs, and runtime metrics, so you can easily debug deployment and infrastructure failures.

Stay Secure

Pulumi Copilot combines Pulumi’s supergraph of your cloud infrastructure and knowledge about security best practices to identify security violations and and detect anomalous activity.

Pulumi In Action

Watch how easy it is to set up Amazon Elastic Kubernetes Service (EKS) in 5 minutes with Pulumi.

Get Started with Pulumi

Use Pulumi's open source SDK to create, deploy, and manage infrastructure on any cloud.

AWS
Azure
Google Cloud
Kubernetes

Need Help?

Need technical help?

Use our Support Portal to get in touch.

Need help getting started?

Send us a note, and someone will reach out to help you.

Want a demo?

Talk with an expert to see how Pulumi fits your use case.

Something else on your mind?

Send us a note.