def program():
config = Config()
config.get("plainstr1")
config.require("plainstr2")
config.get_secret("plainstr3")
config.require_secret("plainstr4")
config.get_bool("plainbool1")
config.require_bool("plainbool2")
config.get_secret_bool("plainbool3")
config.require_secret_bool("plainbool4")
config.get_int("plainint1")
config.require_int("plainint2")
config.get_secret_int("plainint3")
config.require_secret_int("plainint4")
config.get_float("plainfloat1")
config.require_float("plainfloat2")
config.get_secret_float("plainfloat3")
config.require_secret_float("plainfloat4")
config.get_object("plainobj1")
config.require_object("plainobj2")
config.get_secret_object("plainobj3")
config.require_secret_object("plainobj4")
config.get("str1")
config.require("str2")
config.get_secret("str3")
config.require_secret("str4")
config.get_bool("bool1")
config.require_bool("bool2")
config.get_secret_bool("bool3")
config.require_secret_bool("bool4")
config.get_int("int1")
config.require_int("int2")
config.get_secret_int("int3")
config.require_secret_int("int4")
config.get_float("float1")
config.require_float("float2")
config.get_secret_float("float3")
config.require_secret_float("float4")
config.get_object("obj1")
config.require_object("obj2")
config.get_secret_object("obj3")
config.require_secret_object("obj4")
def read_pulumi_config() -> EnvironmentDescriptor:
moduleCfg = Config()
awsCfg = Config("aws")
return EnvironmentDescriptor(
provider=moduleCfg.require('provider'),
stage=moduleCfg.require('stage'),
region=awsCfg.require('region'),
name=moduleCfg.require('name'),
access_key=awsCfg.get_secret('access_key'),
secret_key=awsCfg.get_secret('secret_key'),
)
def pulumi_program():
config = Config()
export("exp_static", "foo")
export("exp_cfg", config.get("bar"))
export("exp_secret", config.get_secret("buzz"))
import pulumi
from pulumi import Config, ResourceOptions
from pulumi_tls import PrivateKey
from pulumi_azure_native import resources, containerservice
import pulumi_azuread as azuread
import pulumi_kubernetes as k8s
from pulumi_kubernetes.helm.v3 import Chart, ChartOpts
import pulumi_random as random
# Config values or defaults
config = Config()
k8s_version = config.get('k8sVersion') or '1.18.14'
admin_username = config.get('adminUserName') or 'testuser'
node_count = config.get_int('nodeCount') or 2
node_size = config.get('nodeSize') or 'Standard_D2_v2'
password = config.get_secret("password")
if not password:
rando_password = random.RandomPassword(
'password',
length=16,
special=True,
override_special='@_#',
)
password = rando_password.result
# Resource Group
resource_group = resources.ResourceGroup('rg')
### AKS Cluster Related Resources
generated_key_pair = PrivateKey('ssh-key', algorithm='RSA', rsa_bits=4096)
ssh_public_key = generated_key_pair.public_key_openssh
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
from pulumi_random import RandomString
# Read in some configurable settings for our cluster:
config = Config(None)
# nodeCount is the number of cluster nodes to provision. Defaults to 3 if unspecified.
NODE_COUNT = config.get('node_count') or 3
# nodeMachineType is the machine type to use for cluster nodes. Defaults to n1-standard-1 if unspecified.
# See https://cloud.google.com/compute/docs/machine-types for more details on available machine types.
NODE_MACHINE_TYPE = config.get('node_machine_type') or 'n1-standard-1'
# username is the admin username for the cluster.
USERNAME = config.get('username') or 'admin'
# password is the password for the admin user in the cluster.
PASSWORD = config.get_secret('password') or RandomString(
"password", length=20, special=True).result
engine_version = Output.from_input(get_engine_versions()).latest_master_version
# Now, actually create the GKE cluster.
k8s_cluster = Cluster(
'gke-cluster',
initial_node_count=NODE_COUNT,
node_version=engine_version,
min_master_version=engine_version,
master_auth={
'username': USERNAME,
'password': PASSWORD
},
node_config={
from pulumi import Config, get_stack, export, Output
import pulumi_azuread as ad
import pulumi_random as random
from pulumi_azure import core, containerservice
config = Config()
password = config.get_secret("password") or random.RandomPassword(
"pwd", length=20, special=True).result
ssh_public_key = config.require("sshPublicKey")
resource_group = core.ResourceGroup("aksresourcegroup")
ad_app = ad.Application("aks")
ad_sp = ad.ServicePrincipal("aksSp", application_id=ad_app.application_id)
ad_sp_password = ad.ServicePrincipalPassword("aksSpPassword",
service_principal_id=ad_sp.id,
value=password,
end_date="2099-01-01T00:00:00Z")
aks_cluster_config = [
{
"name": "east",
"location": "eastus",
"node_count": 2,
"node_size": "Standard_D2_v2"
},
{
"name": "west",
"location": "westus",
public_key = config.get('publicKey')
admin_username = config.get('admin_username')
admin_password = config.get('admin_password')
location = config.get('location')
# The privateKey associated with the selected key must be provided (either directly or base64 encoded),
# along with an optional passphrase if needed.
def decode_key(key):
if key.startswith('-----BEGIN RSA PRIVATE KEY-----'):
return key
return key.encode('ascii')
private_key = config.require_secret('privateKey').apply(decode_key)
private_key_passphrase = config.get_secret('privateKeyPassphrase')
# Create a resource group to hold project resources.
resource_group = resources.ResourceGroup("server-rg",
resource_group_name="minecraft",
location=location)
# Create a virtual network resource.
net = network.VirtualNetwork("server-network",
resource_group_name=resource_group.name,
location=location,
virtual_network_name="server-network",
address_space=network.AddressSpaceArgs(
address_prefixes=["10.0.0.0/16"], ),
subnets=[
network.SubnetArgs(
from pulumi import Config, export, ResourceOptions
from pulumi_azure import core, network, lb, compute
import pulumi_random as random
config = Config()
admin_user = config.get("adminUser") or "azureuser"
admin_password = config.get_secret("adminPassword") or random.RandomPassword(
"pwd", length=20, special="true").result
domain = config.get("domain") or random.RandomString(
"domain", length=10, number="false", special="false", upper="false").result
application_port = config.get_float("applicationPort") or 80
resource_group = core.ResourceGroup("vmss-rg")
public_ip = network.PublicIp("public-ip",
resource_group_name=resource_group.name,
allocation_method="Static",
domain_name_label=domain)
load_balancer = lb.LoadBalancer("lb",
resource_group_name=resource_group.name,
frontend_ip_configurations=[{
"name":
"PublicIPAddress",
"publicIpAddressId":
public_ip.id,
}])
bpepool = lb.BackendAddressPool("bpepool",
resource_group_name=resource_group.name,
loadbalancer_id=load_balancer.id)
from pulumi_kubernetes.core.v1 import ContainerArgs, PodSpecArgs, PodTemplateSpecArgs, Service, ServicePortArgs, ServiceSpecArgs
from pulumi_kubernetes.meta.v1 import LabelSelectorArgs, ObjectMetaArgs
from pulumi_random import RandomPassword
# Read in some configurable settings for our cluster:
config = Config(None)
# nodeCount is the number of cluster nodes to provision. Defaults to 3 if unspecified.
NODE_COUNT = config.get_int('node_count') or 3
# nodeMachineType is the machine type to use for cluster nodes. Defaults to n1-standard-1 if unspecified.
# See https://cloud.google.com/compute/docs/machine-types for more details on available machine types.
NODE_MACHINE_TYPE = config.get('node_machine_type') or 'n1-standard-1'
# username is the admin username for the cluster.
USERNAME = config.get('username') or 'admin'
# password is the password for the admin user in the cluster.
PASSWORD = config.get_secret('password') or RandomPassword("password", length=20, special=True).result
# master version of GKE engine
MASTER_VERSION = config.get('master_version')
# Now, actually create the GKE cluster.
k8s_cluster = Cluster('template-gke-cluster',
name="template-gke-cluster",
initial_node_count=NODE_COUNT,
node_version=MASTER_VERSION,
min_master_version=MASTER_VERSION,
master_auth=ClusterMasterAuthArgs(username=USERNAME, password=PASSWORD),
node_config=ClusterNodeConfigArgs(
machine_type=NODE_MACHINE_TYPE,
oauth_scopes=[
'https://www.googleapis.com/auth/compute',
'https://www.googleapis.com/auth/devstorage.read_only',
