Pulumi is a Modern Infrastructure as Code (IaC) to create, deploy, and manage infrastructure on any cloud using familiar programming languages and tools.
Pulumi can generate Kubernetes manifests that easily integrate into existing CI/CD workflows with your familiar programming languages.
This article is about how to use Pulumi and Go SDK to manager Namespace and Deployment within Kubernetes (K8S).
Aside from easily templating configuration across resources, using a familiar programming language allows you to write and consume libraries, and easily mix in infrastructure configuration (e.g., managed database endpoints, object storage, etc.), all in the same program.
Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.
By default, Pulumi will look for a kubeconfig file in the following locations, just like kubectl:
The environment variable: $KUBECONFIG,
Or in current user’s default kubeconfig directory: ~/.kube/config
If the kubeconfig file is not in either of these locations, Pulumi will not find it, and it will fail to authenticate against the cluster. Set one of these locations to a valid kubeconfig file, if you have not done so already.
Create the workspace directory.
1 2 3
$ mkdir -p col-k8s-yaml-gen-example $ cd col-k8s-yaml-gen-example
Pulumi login into local file system.
1 2 3
$ pulumi login file://. Logged in to cloudolife as cloudolife (file://.) or visit https://pulumi.com/docs/reference/install/ for manual instructions and release notes.
Note that CustomResourceDefinition resources need to be applied first, so they are rendered in a separate subdirectory. (This example doesn’t include any CRDs, so the directory is empty). You could deploy the rendered manifests with kubectl like this:
There are two important caveats to note about YAML rendering support:
The YAML-rendered resources are not created on a Kubernetes cluster, so information that is computed server-side will not be available in your program. For example, a Service will not have IP assignments, so attempting to export these values will not work as usual (i.e., the value will be undefined).
Any Secret values will appear in plaintext in the rendered manifests. This includes any values marked as secret in Pulumi. A warning will be printed for any secret values being rendered to YAML, but it is your responsibility to protect the rendered files.