Kubernetes with Pulumi

Kubernetes Superpowers

Pulumi lets you use a single infrastructure as code workflow for managing cloud native resources and infrastructure with software engineering. Eliminate complex YAML, JSON, and DSLs by using your favorite programming languages and automate deployments to AWS, Azure, Google Coud, and 100+ providers.

Get Started Request A Demo

index.ts
__main__.py
main.go
MyStack.cs
Main.java
Pulumi.yaml

import * as pulumi from "@pulumi/pulumi";
import * as kubernetes from "@pulumi/kubernetes";

// Create a K8s namespace.
const devNamespace = new kubernetes.core.v1.Namespace("devNamespace", {
    metadata: {
        name: "dev",
    },
});

// Deploy the K8s nginx-ingress Helm chart into the created namespace.
const nginxIngress = new kubernetes.helm.v3.Chart("nginx-ingress", {
    chart: "nginx-ingress",
    namespace: devNamespace.metadata.name,
    fetchOpts:{
        repo: "https://charts.helm.sh/stable/",
    },
});

import pulumi_kubernetes as kubernetes

# Create a K8s namespace.
dev_namespace = kubernetes.core.v1.Namespace(
    "devNamespace",
    metadata={
        "name": "dev",
    })

# Deploy the K8s nginx-ingress Helm chart into the created namespace.
nginx_ingress = kubernetes.helm.v3.Chart(
    "nginx-ingress",
    kubernetes.helm.v3.ChartOpts(
        chart="nginx-ingress",
        namespace=dev_namespace.metadata["name"],
        fetch_opts=kubernetes.helm.v3.FetchOpts(
            repo="https://charts.helm.sh/stable/",
        ),
    ),
)

package main

import (
    corev1 "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/core/v1"
    "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/helm/v3"
    metav1 "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/meta/v1"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {

        // Create a K8s namespace.
        ns, err := corev1.NewNamespace(ctx, "devNamespace", &corev1.NamespaceArgs{
            Metadata: &metav1.ObjectMetaArgs{
                Name: pulumi.String("dev"),
            },
        })
        if err != nil {
            return err
        }

        // Deploy the K8s nginx-ingress Helm chart into the created namespace.
        _, err = helm.NewChart(ctx, "nginx-ingress", helm.ChartArgs{
            Chart: pulumi.String("nginx-ingress"),
            Namespace: ns.Metadata.ApplyT(func(metadata interface{}) string {
                return *metadata.(*metav1.ObjectMeta).Name
            }).(pulumi.StringOutput),
            FetchArgs: helm.FetchArgs{
                Repo: pulumi.String("https://charts.helm.sh/stable/"),
            },
        })
        if err != nil {
            return err
        }

        return nil
    })
}

using Pulumi;
using Kubernetes = Pulumi.Kubernetes;

class MyStack : Stack
{
    public MyStack()
    {
        // Create a K8s namespace.
        var devNamespace = new Kubernetes.Core.V1.Namespace("devNamespace", new Kubernetes.Types.Inputs.Core.V1.NamespaceArgs
        {
            Metadata = new Kubernetes.Types.Inputs.Meta.V1.ObjectMetaArgs
            {
                Name = "dev",
            },
        });

        // Deploy the K8s nginx-ingress Helm chart into the created namespace.
        var nginx = new Kubernetes.Helm.V3.Chart("nginx-ingress", new Kubernetes.Helm.ChartArgs
        {
            Chart = "nginx-ingress",
            Namespace = devNamespace.Metadata.Apply(x => x.Name),
            FetchOptions = new Kubernetes.Helm.ChartFetchArgs
            {
                Repo = "https://charts.helm.sh/stable/"
            },
        });
    }
}

package com.pulumi.example.infra;

import com.pulumi.Context;
import com.pulumi.Exports;
import com.pulumi.Pulumi;
import com.pulumi.kubernetes.core_v1.Namespace;
import com.pulumi.kubernetes.core_v1.NamespaceArgs;
import com.pulumi.kubernetes.meta_v1.inputs.ObjectMetaArgs;
import com.pulumi.kubernetes.helm.sh_v3.Release;
import com.pulumi.kubernetes.helm.sh_v3.ReleaseArgs;
import com.pulumi.kubernetes.helm.sh_v3.inputs.RepositoryOptsArgs;

public class Main {

    public static void main(String[] args) {
        Pulumi.run(Main::stack);
    }

    private static Exports stack(Context ctx) {
        var devNamespace = new Namespace("devNamespace", NamespaceArgs.builder()
                  .metadata(ObjectMetaArgs.builder()
                            .name("dev")
                            .build())
                  .build());

        var nginxIngress = new Release("nginx-ingress", ReleaseArgs.builder()
                  .chart("nginx-ingress)
                  .namespace(devNamespace.metadata.name)
                  .repositoryOpts(RepositoryOptsArgs.builder()
                            .repo("https://charts.helm.sh/stable/")
                            .build())
                  .build());

        return ctx.exports();
    }
}

name: simple-kubernetes
runtime: yaml
resources:
  devNamespace:
    type: kubernetes:core:Namespace
    properties:
      metadata:
        name: "dev"
  nginxIngress:
    type: kubernetes:helm.sh:Chart
    properties:
      chart: "nginx-ingress"
      namespace: ${devNamespace.metadata.name}
      fetchOpts:
          repo: "https://charts.helm.sh/stable/"

Powering top engineering teams

Cloud Native Engineering with Pulumi

Pulumi streamlines Kubernetes cluster configuration, management, and app workload deployments to your clusters. With Pulumi for Kubernetes you can:

Manage Kubernetes clusters on all major cloud providers.
Increase productivity using the full ecosystem of dev tools such as IDE auto-completion, type & error checking, linting, refactoring, and test frameworks to validate Kubernetes clusters, app workloads, or both.
Automate Kubernetes deployments with CI/CD integrations for Flux, Spinnaker, Octopus, GitHub Actions, GitLab, Azure DevOps and more.
Seamlessly manage both Kubernetes and cloud resources using GitOps with the Pulumi Kubernetes Operator.
Use Kubernetes Server-Side Apply to safely manage shared Kubernetes resources with Pulumi and your existing controllers.

Learn More

Run On Any Cloud
Support for all clouds including Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), DigitalOcean Kubernetes (DOKS), and more, with dozens of integrations with popular infrastructure service providers.
Learn more →
Reduce Provisioning Time
With Pulumi you are able to take advantage of the features of programming languages, helping you reduce boilerplate code and ultimately ship Kubernetes infrastructure and applications faster with greater consistency.
Learn more →
Automate Delivery
You can integrate Pulumi directly with your favorite CI/CD and SCM systems to continuously deliver Kubernetes infrastructure and applications. Improve the velocity and visibility into your deployments from simple to complex global environments.
Learn more →
Smart Architecture
YAML and templated DSLs force you to write the same boilerplate code over and over. Pulumi’s Kubernetes library allows you to codify those patterns and best practices so you can stop reinventing the wheel and start inventing the platforms of the future.
Learn more →
Be Proactive, Not Reactive
When you enable Pulumi's Policy as Code feature, you instantly gain the power to prevent mistakes from being deployed. Enforce security, compliance, cost controls, and best practices using policies defined in modern languages.
Learn more →
Reduce Deployment Complexity
Deploying untested code can lead to some unexpected results. Pulumi lets you take advantage of common tools, frameworks, and techniques to unit, integration, and property test your Kubernetes infrastructure. Ensure your infrastructure is correct before and after deployment.
Learn more →

Continue using the tools you love

Pulumi has first-class support for popular Kubernetes tools, such as Helm, Kustomize, YAML, Secret Managers, Open Policy Agent (OPA), Custom Resource Definitions (CRDs), and Server-Side Apply (SSA).

Learn More

Everything In One Place

Easily make the best use of existing Kubernetes tools such as Helm, and reduce the friction caused by multiple deployment tools and models across complex architectures.

Efficient Adoption

There’s no need to rewrite your existing Kubernetes configurations to get started with Pulumi. You can efficiently adopt existing K8s resources to deploy your application to save time and effort.

Secrets Management

Use Pulumi to ensure secret data is encrypted in transit, at rest, and physically anywhere it gets stored. Bring your own preferred cloud encryption provider or use Pulumi’s native secrets provider.

Pulumi Kubernetes Operator

Deploy both Kubernetes resources and cloud infrastructure from within the Kubernetes resource model using a GitOps workflow. Use Pulumi’s Flux integration and many other CI/CD integrations.

Learn More

Kubernetes Best Practices with Pulumi Crosswalk

Create, deploy, and manage production-ready infrastructure leveraging hosted Kubernetes offerings such as Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), or Google Kubernetes Engine (GKE).

Learn More

Day 2 and Beyond

By using Pulumi Crosswalk for Kubernetes, you can benefit from tried-and-true “Day Two and beyond” integrations and playbooks, improving your infrastructure security, manageability, and cost effectiveness.

Accessible Kubernetes

Through Pulumi’s Crosswalk for Kubernetes library extensions, the authorship experience has improved to make the Kubernetes API more accessible and approachable to operators and developers of all backgrounds.

Focus on Delivering Value

With Pulumi you’ll focus more on functionality and business logic of your Kubernetes infrastructure and applications, and less on low-level implementation details.

Avoid Pitfalls

Discover solutions to the hardest Kubernetes problems to avoid mitigating pitfalls around infrastructure, security, governance, reliability, and maintainability of the K8s cluster, its workloads, and underlying resources.

Learn More