Introducing DevOps for Developers Pulumi Setup
Transcript from the "Pulumi Setup" Lesson
>> Before we go any step further, can all of you just type in the pulumi command really quickly and tell me if it asks you to log in or create an account? It might ask you to do that. No? Okay, cool, might ask you later, but if it does, it's okay.
[00:00:21] It's free, so it's not that big of a deal. But let's move forward. There's a few things that we have to do to setting up pulumi with Node.js. And I can actually show you the documentation on it as well, let's go to pulumi nodejs get started. Go here and here we go.
[00:00:45] So we've already done the brew install process and we've installed our language runtime. In this sense, it's gonna be TypeScript, right, and we've got Node js. The next thing that it suggests us doing is actually setting up access to our AWS account. We are gonna be using AWS, like I said, so you will wanna make sure that you have some type of credentials that you can connect to.
[00:01:09] And again, I can show you all that in a second so we can get that set up. We don't need to necessarily do this yet, though. We really don't because even though we can set this up and run it, we have other things to be more concerned about right now, which is like how we define these things.
[00:01:23] So we're gonna just go ahead and go forward to Create a New Project. And so what I'm gonna do is I'm going to follow these instructions here, except for I'm just going to do, there we go. [LAUGH] Okay, so project name is gonna be service-directory, Centralized automation for internal services.
[00:01:42] Now, here's where we start getting into the Pulumi stuff, which is pretty fun. Pulumi has this concept of stacks, and basically stacks are your environments. So you'll have like a dev environment or DevStack or ProdStack, whatever. For right now, we're just gonna use dev, so we'll hit Enter.
[00:02:01] And then it's gonna ask us what region we want to deploy it to. I actually want to do us-west-2 because that's where I normally work. And then it's gonna set up my project for me. So actually, as I said, you can just disregard the npm in it, it's gonna take care of all of that with Pulumi new AWS TypeScript.
[00:02:19] So let's all get that setup so that we can move forward. Also, we may have all just throttled the Internet. [LAUGH]
>> It did ask me to log in.
>> Did it?
>> Yeah, once you do the new thing, it asks you to log in.
>> Okay, cool, yeah, so if it asks you to log in, just create an account really easily, it should be entirely free.
[00:02:47] And what's nice about it is if you've ever used Terraform or anything like that, it's basically like Terraform Cloud a bit, where it can help you. And if you wanna see, you can actually go to pulumi.com, Sign in, Email. And so this is what Pulumi Cloud can look like, essentially.
[00:03:15] And here are your stacks. So you'll see all of my stacks here that I've got, and that's what we're gonna do, we're gonna create a stack basically. Yep.
>> So if I'm using Linode or Oracle VM, I'll be able to use Pulumi?
>> Absolutely, yep. Pulumi has what are called providers, and again, if you use Terraform, this is a very similar concept.
[00:03:41] What were the ones again? It was what and what?
>> Linode or Oracle VM.
>> So yep, there you go, there's automation for Linode. And if we go to pulumi oracle, there we go, Oracle Cloud as well. Now, I will be fair, I don't know how far it supports these platforms.
[00:04:05] But I do know that, yes, it at least has beginning. Pulumi is still newer than Terraform. So Terraform's just been around a lot longer, it has support for a lot of other things, but yeah, for example, if you wanted to create an instance, ComputeInstanceAgent, there you go. It's probably this, I don't know, but yeah, you could definitely use Pulumi with it for sure, yeah.
[00:04:29] And we're gonna be using AWS with this actually so. Cool, everybody gets signed up? Yep, cool, awesome. Good, cool. All right, so let's move forward. So now that we've created our stack, you'll notice that it says to performe an initial deployment, run pulumi up. Because you guys haven't gotten your credentials yet or anything like that, which you're more than welcome to if you'd like to, we'll do it in a second, don't worry about it.
[00:04:59] I'm just gonna show you what it looks like from my end, which is really nothing. We're gonna look at our code first before we do that, and so if we see in our code, we'll see that we have a Pulumi.dev. We have a Pulumi.yaml, an index.ts, a package.lock, package.json, and tsconfig, right?
[00:05:18] Let's talk about these first two files here. Well, the first file, Pulumi.dev.yaml, is the actual stack configuration. So Pulumi literally stores your configuration in the source code. And you might say, well, what does that mean for secrets and stuff? Pulumi can actually encrypt secrets and store those in your repository as well.
[00:05:40] So if you've ever found yourself in a circumstance where you're like, I don't know where to keep secrets, or we don't have a really good structured secrets service, you could lean on this. You could basically encrypt your secrets into the config here, and then just whenever it runs, it decrypts them and then injects them into the configuration the way that it needs.
[00:06:00] So for example, if I wanted to store a secret, I could say, pulumi config set, right? hi-chat, right? And then we could say, hello-world, right? Now, if I do this, and then I go back to that, look at that, there's my new option, right? So if we were to take this one step further and lean on the concept of stacks, right, what I could do is I could say, pulumi stack new.
[00:06:35] Or wait, sorry, pulumi stack, I think it might be init. Yeah, and then I'm gonna say, you know what, I actually want a prod one as well. Now, there's nothing there yet because I haven't actually added anything to the configuration. But if I do pulumi stack ls, we'll see I have dev and prod, and you'll see my star is currently on prod.
[00:06:58] So if I go back here and then I save that variable again, but this time, it's hello-world-2. [COUGH] Feature flagging, right, go back in here. Now, in prod, I have hello-world-2, whereas in dev, I have hello-world, right? So this is another reason why Pulumi is really nice, is it kind of is completely out of the box.
[00:07:22] It'll give you secrets for you, it'll give you configuration for you, and it also gives you that automation as well. So for now, we're not gonna worry about prod, I'm just gonna delete it cuz I'm not worried about it, and I'm gonna do pulumi stack select dev, okay?
[00:07:38] Cuz that's what we care about. Now, as I said, it created a whole bunch of boilerplate for us. So before we actually do pulumi up, I'm gonna look at this index.ts. So when you go back into index.ts, what do we have? Well, it would appear that Pulumi decided to put something in there.
[00:07:58] So in the off chance that I would have done pulumi up, I would have seen that it was gonna try and create a random bucket. I have a way of injecting my secrets, so disregard the secrets --, but essentially all you need to really know is that it just injects my secrets directly into the command for me so that I don't accidentally share myself to all of you.
[00:08:19] But if I do the main command, which is aws s3 ls, we should be able to see that, boom, I am actually able to access my buckets and see all that stuff. So what I'm gonna do is I'm just gonna say secrets -- pulumi up. Again, you will just need to do pulumi up and you'll add the environment variables to your show.
[00:08:43] I'm doing this as a security precaution. So, what do we have? Well, we have a output of a link that says View Live, right? And you'll actually notice that it's a full on URL. And if we click on this link, it actually takes us to Pulumi Cloud. This is another thing that's really nice about Pulumi, its runs will synchronize with your account so that you always have a centralized place of accessing this information if you need to later.
[00:09:16] And again, it's very similar like Terraform Cloud in that regard, it is different in the sense that Pulumi does not provide you with runners. Terraform Cloud will actually let you run on their infrastructure with their own runners and stuff like that, Pulumi is essentially just all you, you run it yourself.
[00:09:35] So if we look here, we can see that in my output, I have changes. So you see I have changes proposed, the type of changes in this case, it's gonna be pulumi, Stack Pulumi, the name, service-directory-dev. This is actually my stack. Okay, so I'm creating a new stack, cool, and I'm creating the dev environment for that.
[00:09:58] And then in that environment, you'll notice that I'm creating an aws s3 bucket, my bucket, right? The TLDR on this is that stacks own everything, right, in a given environment. So the idea is that when we create a bucket for the DevStack, it's only going to create it in that environment.
[00:10:20] Until you go to prod and then run it again, it won't ever get created. So let's go back here, and we're gonna actually say no, that we don't wanna do this. Because we've already got a decent understanding of, we know that we can lean on Pulumi for automation.
[00:10:38] We know that we're gonna write it in the language that we want to, and we know that we get the expected result of, okay, cool, if we connect it to our AWS account, we should get some resources.