2. Swaminathan Vetri
Architect @ Maersk Technology Center
Microsoft MVP – Developer Technologies
Organizer – BDotNet & Xhackers
svswaminathan
svswaminathan
swaminathanvetri.in
Swaminathanvetri
Photography, Blogging, Home automation
@svswaminathan | swaminathanvetri.in
3. Agenda
• What is Infrastructure as Code (IaC)
• What is Pulumi ?
• Why Pulumi ?
• Pulumi Core Concepts
• How Pulumi works ?
• Pulumi vs others
• Demo
@svswaminathan | swaminathanvetri.in
4. Infrastructure as Code (IaC)
• What ?
• Bring software best practices to
infrastructure management
• Provide collaboration to developers
on infrastructure changes
• Track changes from code commit to
deployment
• Why ?
• Replace manual error-prone
changes with automation
• Decrease time-to-market for new
applications and ongoing
maintenance
• Bring safety and predictability to
infrastructure
@svswaminathan | swaminathanvetri.in
5. Modern Infrastructure as Code
Create, Deploy, and Manage Infrastructure, on Any
Cloud, Using Any Language
6. The Pulumi Platform
DEFINE CLOUD INFRASTRUCTURE in your favorite general purpose language
REVIEW, TEST, AND VERSION cloud apps and infrastructure using familiar software engineering
techniques
ONE CONTINUOUS DELIVERY WORKFLOW on any cloud — public, private, or hybrid
ENFORCE POLICIES AND BEST PRACTICES with support for teams, policies, and controls
ELIMINATE SILOS BETWEEN DEV/SEC/OPS, using common languages, tools, and workflows
7. Pulumi: Use Cases
CONTAINERS
Deploy container-
based apps into any
cloud or cloud native
infrastructure, from
Kubernetes to ACI
KUBERNETES
Target on-premises or
cloud-based
Kubernetes services to
provision clusters, and
create, deploy, and
manage apps.
INFRASTRUCTURE
Managed cloud services
and infrastructure,
continuously deployed
and configured in a
robust and compliant
manner.
SERVERLESS
Easy and scalable
websites, event
streaming, and
processing with multi-
cloud microservices.
9. Programming
model
• Real programming languages
• Python, JS, TS, .NET (C#, F#, VB), Go
• Program Structure
• Program Project Stack
@svswaminathan | swaminathanvetri.in
10. Project
• Pulumi.yaml defines the
project.
• Name
• Runtime
• Description
• Config
• Backend
@svswaminathan | swaminathanvetri.in
11. Stack
• Every program is deployed to a Stack
• Isolated, Independently configurable instance
of a program
• Denotes different phase/environment like dev,
staging, prod etc.,
@svswaminathan | swaminathanvetri.in
12. Configuration & Secrets
• Configuration
• Configurations are stack
specific
• Key-Value pairs
• Managed via CLI &
Programming model
• Secrets
• Built-in secrets store for
storing sensitive config values
• Per Stack encryption
mechanism
• Supports Custom Encryption
Providers – AWS, Azure,
GCP, HashiCorp
@svswaminathan | swaminathanvetri.in
13. State & Backends
• State
• Current state of the infra
• Every infra update request
diffs against the current state
vs desired state
• Backends
• Backends maintains State
• Pulumi service backend
• Self managed backend
• Local
• Cloud Storage
@svswaminathan | swaminathanvetri.in
15. How Pulumi Works
?
• Courtesy :
https://www.pulumi.com/docs/intr
o/concepts/how-pulumi-works/
@svswaminathan | swaminathanvetri.in
16. Other
Features/Benefits
• Pulumi Console (app.pulumi.com)
• Unit Testing/Integration Testing
• Policy as Code
• Continuous Delivery Workflow
• Variety of Providers –
Cloud/Database/Monitoring/Infrastructure
• Flexible hosting options
@svswaminathan | swaminathanvetri.in
17. Pulumi Terraform ARM
Language
JavaScript, TypeScript,
Python, Go
Custom Language JSON
Clouds Public, Private, Hybrid Public, Private, Hybrid Azure only
Kubernetes Yes Limited No
Docker Workflows Yes Limited No
Easy Serverless Yes No No
Test Driven
Development
Yes No No
Policy as Code Yes / Open Source Proprietary No
Open Source Yes Yes No
Pulumi, ARM, Terraform Comparison
18. Deploy Code from/to Anywhere
SOURCE
CODE
LANGUAGES CI/CD ENVIRONMENT
S
Infrastructure as Code
Applications
Any Language