"keyData": SSHKEY
}
},
service_principal={
"client_id": app.application_id,
"client_secret": sppwd.value
},
agent_pool_profiles=[{
"name": "type1",
"count": 2,
"vmSize": "Standard_B2ms",
}],
)
k8s_provider = Provider(
"k8s",
kubeconfig=aks.kube_config_raw,
)
labels = {"app": "nginx"}
nginx = Deployment(
"k8s-nginx",
spec={
"selector": {
"matchLabels": labels
},
"replicas": 1,
"template": {
"metadata": {
"labels": labels
},
"spec": {
user:
auth-provider:
config:
cmd-args: config config-helper --format=json
cmd-path: gcloud
expiry-key: '{{.credential.token_expiry}}'
token-key: '{{.credential.access_token}}'
name: gcp
""".format(
info[2]["clusterCaCertificate"],
info[1],
"{0}_{1}_{2}".format(project, zone, info[0]),
))
# Make a Kubernetes provider instance that uses our cluster from above.
k8s_provider = Provider("gke_k8s", kubeconfig=k8s_config)
# Create a canary deployment to test that this cluster works.
labels = {"app": "canary-{0}-{1}".format(get_project(), get_stack())}
canary = Deployment(
"canary",
spec={
"selector": {
"matchLabels": labels
},
"replicas": 1,
"template": {
"metadata": {
"labels": labels
},
"spec": {
import pulumi
from pulumi import Config, ResourceOptions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
config = Config()
namespace = config.get("namespace") or "default"
provider = Provider("kubernetes", namespace=namespace)
app_labels = {"app": "nginx"}
deployment = Deployment(
"nginx",
spec={
"selector": {"match_labels": app_labels},
"replicas": 1,
"template": {
"metadata": {"labels": app_labels},
"spec": {"containers": [{"name": "nginx", "image": "nginx"}]},
},
},
opts=ResourceOptions(provider=provider),
)
pulumi.export("name", deployment.metadata["name"])
config = Config()
node_count = config.get_float("nodeCount") or 3
app_replica_count = config.get_float("appReplicaCount") or 5
domain_name = config.get("domainName")
cluster = do.KubernetesCluster("do-cluster",
region="sfo2",
version="latest",
node_pool={
"name": "default",
"size": "s-2vcpu-2gb",
"node_count": node_count
})
k8s_provider = Provider("do-k8s",
kubeconfig=cluster.kube_configs[0]["rawConfig"])
app_labels = {"app": "app-nginx"}
app = Deployment("do-app-dep",
spec={
'selector': {
'matchLabels': app_labels
},
'replicas': 1,
'template': {
'metadata': {
'labels': app_labels
},
'spec': {
'containers': [{
'name': 'nginx',
"args": [
"token",
"-i",
f"{cluster_name}",
],
},
},
}],
})
# Create the KubeConfig Structure as per https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html
kubeconfig = Output.all(cluster.endpoint, cluster.certificate_authority["data"], cluster.name).apply(lambda args: generateKubeconfig(args[0], args[1], args[2]))
# Declare a provider using the KubeConfig we created
# This will be used to interact with the EKS cluster
k8s_provider = Provider("k8s-provider", kubeconfig=kubeconfig)
# Create a Namespace object https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
ns = Namespace("app-ns",
metadata={
"name": "joe-duffy",
},
opts=ResourceOptions(provider=k8s_provider)
)
app_labels = {
"app": "iac-workshop"
}
app_deployment = Deployment("app-dep",
metadata={
"namespace": ns.metadata["name"]
"clientId": app.application_id,
"clientSecret": sppwd.value
},
role_based_access_control={"enabled": "true"},
network_profile={
"networkPlugin": "azure",
"serviceCidr": "10.10.0.0/16",
"dns_service_ip": "10.10.0.10",
"dockerBridgeCidr": "172.17.0.1/16",
},
__opts__=ResourceOptions(parent=resource_group,
depends_on=[acr_assignment, subnet_assignment]),
)
k8s_provider = Provider("k8s",
kubeconfig=aks.kube_config_raw,
__opts__=ResourceOptions(parent=aks))
labels = {"app": "nginx"}
nginx = Deployment(
"k8s-nginx",
spec={
"selector": {
"matchLabels": labels
},
"replicas": 1,
"template": {
"metadata": {
"labels": labels
},
"spec": {
agent_pool_profile=({
"name": "type1",
"count": 2,
"vmSize": "Standard_B2ms",
"osType": "Linux",
"maxPods": 110,
"vnet_subnet_id": subnet.id
}),
linux_profile=({
"adminUsername": "******",
"ssh_key": {
"keyData": SSHKEY
}
}),
service_principal={
"clientId": app.application_id,
"clientSecret": sppwd.value
},
role_based_access_control={"enabled": "true"},
network_profile=({
"networkPlugin": "azure",
"serviceCidr": "10.10.0.0/16",
"dns_service_ip": "10.10.0.10",
"dockerBridgeCidr": "172.17.0.1/16"
}),
__opts__=ResourceOptions(depends_on=[acr_assignment, subnet_assignment]))
custom_provider = Provider("inflation_provider",
kubeconfig=aks.kube_config_raw)
pulumi.export('kubeconfig', aks.kube_config_raw)
preferences: {{}}
users:
- name: {2}
user:
auth-provider:
config:
cmd-args: config config-helper --format=json
cmd-path: gcloud
expiry-key: '{{.credential.token_expiry}}'
token-key: '{{.credential.access_token}}'
name: gcp
""".format(info[2]['clusterCaCertificate'], info[1], '{0}_{1}_{2}'.format(
project, zone, info[0])))
# Make a Kubernetes provider instance that uses our cluster from above.
k8s_provider = Provider('gke_k8s', kubeconfig=k8s_config)
# Create a canary deployment to test that this cluster works.
labels = {'app': 'canary-{0}-{1}'.format(get_project(), get_stack())}
canary = Deployment('canary',
spec={
'selector': {
'matchLabels': labels
},
'replicas': 1,
'template': {
'metadata': {
'labels': labels
},
'spec': {
'containers': [{
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from os import path
from pulumi import ResourceOptions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.core.v1 import Pod, Namespace
kubeconfig_file = path.join(path.expanduser("~"), ".kube", "config")
with open(kubeconfig_file) as f:
kubeconfig = f.read()
my_k8s = Provider("myk8s", kubeconfig=kubeconfig)
namespace = Namespace("test")
nginx = Pod("nginx",
metadata={
"namespace": namespace,
},
spec={
"containers": [{
"image": "nginx:1.7.9",
"name": "nginx",
"ports": [{
"container_port": 80,
}],
}],
}
}),
service_principal={
"clientId": app.application_id,
"clientSecret": sppwd.value
},
role_based_access_control={"enabled": "true"},
network_profile=({
"networkPlugin": "azure",
"serviceCidr": "10.10.0.0/16",
"dns_service_ip": "10.10.0.10",
"dockerBridgeCidr": "172.17.0.1/16"
}),
__opts__=ResourceOptions(depends_on=[acr_assignment, subnet_assignment]))
custom_provider = Provider("k8s", kubeconfig=aks.kube_config_raw)
sql = mssql.Server("kzhou-sql",
resource_group_name=rg.name,
location=rg.location,
version="12.0",
administrator_login="******",
administrator_login_password=SA_PASSWORD,
minimum_tls_version="1.2",
public_network_access_enabled=True)
name = 'kzhou'
# Create a Kubernetes Namespace
namespace = Namespace(name,
metadata={},
"admin_username": "******",
"ssh": {
"public_keys": [{
"key_data": ssh_public_key
}]
}
},
service_principal_profile={
"client_id": app.application_id,
"secret": sppwd.value
},
enable_rbac=True,
network_profile={
"network_plugin": "azure",
"service_cidr": "10.10.0.0/16",
"dns_service_ip": "10.10.0.10",
"docker_bridge_cidr": "172.17.0.1/16"
},
opts=ResourceOptions(depends_on=[subnet_assignment]))
kube_creds = pulumi.Output.all(rg.name, aks.name).apply(
lambda args: containerservice.list_managed_cluster_user_credentials(
resource_group_name=args[0], resource_name=args[1]))
kube_config = kube_creds.kubeconfigs[0].value.apply(
lambda enc: base64.b64decode(enc).decode())
custom_provider = Provider("inflation_provider", kubeconfig=kube_config)
pulumi.export("kubeconfig", kube_config)
config = Config()
node_count = config.get_float("nodeCount") or 3
app_replica_count = config.get_float("appReplicaCount") or 5
domain_name = config.get("domainName")
cluster = do.KubernetesCluster(
"do-cluster",
region="nyc3",
version="latest",
node_pool=do.KubernetesClusterNodePoolArgs(
name="default",
size="s-2vcpu-2gb",
node_count=node_count
))
k8s_provider = Provider("do-k8s", kubeconfig=cluster.kube_configs.apply(lambda c: c[0].raw_config))
app_labels = { "app": "app-nginx" }
app = Deployment(
"do-app-dep",
spec=DeploymentSpecArgs(
selector=LabelSelectorArgs(match_labels=app_labels),
replicas=1,
template=PodTemplateSpecArgs(
metadata=ObjectMetaArgs(labels=app_labels),
spec=PodSpecArgs(containers=[ContainerArgs(name='nginx', image='nginx')]),
),
), opts=ResourceOptions(provider=k8s_provider))
ingress = Service(
'do-app-svc',
from pulumi import export, StackReference, Output, ResourceOptions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service, Namespace
import pulumi
# Create StackReference to the Kubernetes cluster stack
config = pulumi.Config()
stackRef = config.require("clusterStackRef")
infra = StackReference(f"{stackRef}")
# Declare a provider using the KubeConfig we created
# This will be used to interact with the EKS cluster
k8s_provider = Provider("k8s-provider",
kubeconfig=infra.get_output("kubeconfig"))
# Create a Namespace object https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
ns = Namespace("app-ns",
metadata={
"name": "joe-duffy",
},
opts=ResourceOptions(provider=k8s_provider))
app_labels = {"app": "iac-workshop"}
app_deployment = Deployment(
"app-dep",
metadata={"namespace": ns.metadata["name"]},
spec={
"selector": {
"match_labels": app_labels,
},
preferences: {{}}
users:
- name: aws
user:
exec:
apiVersion: client.authentication.k8s.io/v1alpha1
command: aws
args:
- "eks"
- "get-token"
- "--cluster-name"
- {2}
""".format(info[0]['data'], info[1], info[2], '{0}_{1}_{2}'))
k8s_provider = Provider('pulumi-kubernetes',
kubeconfig=k8s_config,
cluster=kfp_cluster,
__opts__=ResourceOptions(parent=kfp_cluster))
subnet_info = Output.all(vpc_0_subnet.id, vpc_1_subnet.id)
subnet_list = subnet_info.apply(
lambda subnets: """{0}, {1}""".format(subnets[0], subnets[1], '{0}_{1}'))
# https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/cloudformation_stack.html.markdown
kfp_worker_nodes = cfn.Stack(
'kfp-worker-nodes',
template_url=TEMPLATE_URL,
name='kfp-worker-nodes',
capabilities=[['CAPABILITY_IAM'][0]],
parameters={
'VpcId': vpc.id,
from pulumi_azure.network import VirtualNetwork, Subnet
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service, Namespace
config = pulumi.Config()
SA_PASSWORD = config.require('sa_password')
infra = StackReference(f"kzhou57/pulumi-azure-quickstart/dev")
# TODO read from output
ACR_NAME = 'kzhouacr'
rg = ResourceGroup.get('rg', id=infra.get_output('resource_group_id'))
custom_provider = Provider("k8s", kubeconfig=infra.get_output('kubeconfig'))
# K8s SQL server csharpexamplesql
name = 'csharpexamplesql'
sql_namespace = Namespace(name,
metadata={},
__opts__=ResourceOptions(provider=custom_provider))
appLabels = {"appClass": name}
sql_deployment = Deployment(
name,
metadata={"labels": appLabels},
spec={
"selector": {
"match_labels": appLabels
