"keyData": SSHKEY } }, service_principal={ "client_id": app.application_id, "client_secret": sppwd.value }, agent_pool_profiles=[{ "name": "type1", "count": 2, "vmSize": "Standard_B2ms", }], ) k8s_provider = Provider( "k8s", kubeconfig=aks.kube_config_raw, ) labels = {"app": "nginx"} nginx = Deployment( "k8s-nginx", spec={ "selector": { "matchLabels": labels }, "replicas": 1, "template": { "metadata": { "labels": labels }, "spec": {
user: auth-provider: config: cmd-args: config config-helper --format=json cmd-path: gcloud expiry-key: '{{.credential.token_expiry}}' token-key: '{{.credential.access_token}}' name: gcp """.format( info[2]["clusterCaCertificate"], info[1], "{0}_{1}_{2}".format(project, zone, info[0]), )) # Make a Kubernetes provider instance that uses our cluster from above. k8s_provider = Provider("gke_k8s", kubeconfig=k8s_config) # Create a canary deployment to test that this cluster works. labels = {"app": "canary-{0}-{1}".format(get_project(), get_stack())} canary = Deployment( "canary", spec={ "selector": { "matchLabels": labels }, "replicas": 1, "template": { "metadata": { "labels": labels }, "spec": {
import pulumi from pulumi import Config, ResourceOptions from pulumi_kubernetes import Provider from pulumi_kubernetes.apps.v1 import Deployment config = Config() namespace = config.get("namespace") or "default" provider = Provider("kubernetes", namespace=namespace) app_labels = {"app": "nginx"} deployment = Deployment( "nginx", spec={ "selector": {"match_labels": app_labels}, "replicas": 1, "template": { "metadata": {"labels": app_labels}, "spec": {"containers": [{"name": "nginx", "image": "nginx"}]}, }, }, opts=ResourceOptions(provider=provider), ) pulumi.export("name", deployment.metadata["name"])
config = Config() node_count = config.get_float("nodeCount") or 3 app_replica_count = config.get_float("appReplicaCount") or 5 domain_name = config.get("domainName") cluster = do.KubernetesCluster("do-cluster", region="sfo2", version="latest", node_pool={ "name": "default", "size": "s-2vcpu-2gb", "node_count": node_count }) k8s_provider = Provider("do-k8s", kubeconfig=cluster.kube_configs[0]["rawConfig"]) app_labels = {"app": "app-nginx"} app = Deployment("do-app-dep", spec={ 'selector': { 'matchLabels': app_labels }, 'replicas': 1, 'template': { 'metadata': { 'labels': app_labels }, 'spec': { 'containers': [{ 'name': 'nginx',
"args": [ "token", "-i", f"{cluster_name}", ], }, }, }], }) # Create the KubeConfig Structure as per https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html kubeconfig = Output.all(cluster.endpoint, cluster.certificate_authority["data"], cluster.name).apply(lambda args: generateKubeconfig(args[0], args[1], args[2])) # Declare a provider using the KubeConfig we created # This will be used to interact with the EKS cluster k8s_provider = Provider("k8s-provider", kubeconfig=kubeconfig) # Create a Namespace object https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ ns = Namespace("app-ns", metadata={ "name": "joe-duffy", }, opts=ResourceOptions(provider=k8s_provider) ) app_labels = { "app": "iac-workshop" } app_deployment = Deployment("app-dep", metadata={ "namespace": ns.metadata["name"]
"clientId": app.application_id, "clientSecret": sppwd.value }, role_based_access_control={"enabled": "true"}, network_profile={ "networkPlugin": "azure", "serviceCidr": "10.10.0.0/16", "dns_service_ip": "10.10.0.10", "dockerBridgeCidr": "172.17.0.1/16", }, __opts__=ResourceOptions(parent=resource_group, depends_on=[acr_assignment, subnet_assignment]), ) k8s_provider = Provider("k8s", kubeconfig=aks.kube_config_raw, __opts__=ResourceOptions(parent=aks)) labels = {"app": "nginx"} nginx = Deployment( "k8s-nginx", spec={ "selector": { "matchLabels": labels }, "replicas": 1, "template": { "metadata": { "labels": labels }, "spec": {
agent_pool_profile=({ "name": "type1", "count": 2, "vmSize": "Standard_B2ms", "osType": "Linux", "maxPods": 110, "vnet_subnet_id": subnet.id }), linux_profile=({ "adminUsername": "******", "ssh_key": { "keyData": SSHKEY } }), service_principal={ "clientId": app.application_id, "clientSecret": sppwd.value }, role_based_access_control={"enabled": "true"}, network_profile=({ "networkPlugin": "azure", "serviceCidr": "10.10.0.0/16", "dns_service_ip": "10.10.0.10", "dockerBridgeCidr": "172.17.0.1/16" }), __opts__=ResourceOptions(depends_on=[acr_assignment, subnet_assignment])) custom_provider = Provider("inflation_provider", kubeconfig=aks.kube_config_raw) pulumi.export('kubeconfig', aks.kube_config_raw)
preferences: {{}} users: - name: {2} user: auth-provider: config: cmd-args: config config-helper --format=json cmd-path: gcloud expiry-key: '{{.credential.token_expiry}}' token-key: '{{.credential.access_token}}' name: gcp """.format(info[2]['clusterCaCertificate'], info[1], '{0}_{1}_{2}'.format( project, zone, info[0]))) # Make a Kubernetes provider instance that uses our cluster from above. k8s_provider = Provider('gke_k8s', kubeconfig=k8s_config) # Create a canary deployment to test that this cluster works. labels = {'app': 'canary-{0}-{1}'.format(get_project(), get_stack())} canary = Deployment('canary', spec={ 'selector': { 'matchLabels': labels }, 'replicas': 1, 'template': { 'metadata': { 'labels': labels }, 'spec': { 'containers': [{
# Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. from os import path from pulumi import ResourceOptions from pulumi_kubernetes import Provider from pulumi_kubernetes.core.v1 import Pod, Namespace kubeconfig_file = path.join(path.expanduser("~"), ".kube", "config") with open(kubeconfig_file) as f: kubeconfig = f.read() my_k8s = Provider("myk8s", kubeconfig=kubeconfig) namespace = Namespace("test") nginx = Pod("nginx", metadata={ "namespace": namespace, }, spec={ "containers": [{ "image": "nginx:1.7.9", "name": "nginx", "ports": [{ "container_port": 80, }], }],
} }), service_principal={ "clientId": app.application_id, "clientSecret": sppwd.value }, role_based_access_control={"enabled": "true"}, network_profile=({ "networkPlugin": "azure", "serviceCidr": "10.10.0.0/16", "dns_service_ip": "10.10.0.10", "dockerBridgeCidr": "172.17.0.1/16" }), __opts__=ResourceOptions(depends_on=[acr_assignment, subnet_assignment])) custom_provider = Provider("k8s", kubeconfig=aks.kube_config_raw) sql = mssql.Server("kzhou-sql", resource_group_name=rg.name, location=rg.location, version="12.0", administrator_login="******", administrator_login_password=SA_PASSWORD, minimum_tls_version="1.2", public_network_access_enabled=True) name = 'kzhou' # Create a Kubernetes Namespace namespace = Namespace(name, metadata={},
"admin_username": "******", "ssh": { "public_keys": [{ "key_data": ssh_public_key }] } }, service_principal_profile={ "client_id": app.application_id, "secret": sppwd.value }, enable_rbac=True, network_profile={ "network_plugin": "azure", "service_cidr": "10.10.0.0/16", "dns_service_ip": "10.10.0.10", "docker_bridge_cidr": "172.17.0.1/16" }, opts=ResourceOptions(depends_on=[subnet_assignment])) kube_creds = pulumi.Output.all(rg.name, aks.name).apply( lambda args: containerservice.list_managed_cluster_user_credentials( resource_group_name=args[0], resource_name=args[1])) kube_config = kube_creds.kubeconfigs[0].value.apply( lambda enc: base64.b64decode(enc).decode()) custom_provider = Provider("inflation_provider", kubeconfig=kube_config) pulumi.export("kubeconfig", kube_config)
config = Config() node_count = config.get_float("nodeCount") or 3 app_replica_count = config.get_float("appReplicaCount") or 5 domain_name = config.get("domainName") cluster = do.KubernetesCluster( "do-cluster", region="nyc3", version="latest", node_pool=do.KubernetesClusterNodePoolArgs( name="default", size="s-2vcpu-2gb", node_count=node_count )) k8s_provider = Provider("do-k8s", kubeconfig=cluster.kube_configs.apply(lambda c: c[0].raw_config)) app_labels = { "app": "app-nginx" } app = Deployment( "do-app-dep", spec=DeploymentSpecArgs( selector=LabelSelectorArgs(match_labels=app_labels), replicas=1, template=PodTemplateSpecArgs( metadata=ObjectMetaArgs(labels=app_labels), spec=PodSpecArgs(containers=[ContainerArgs(name='nginx', image='nginx')]), ), ), opts=ResourceOptions(provider=k8s_provider)) ingress = Service( 'do-app-svc',
from pulumi import export, StackReference, Output, ResourceOptions from pulumi_kubernetes import Provider from pulumi_kubernetes.apps.v1 import Deployment from pulumi_kubernetes.core.v1 import Service, Namespace import pulumi # Create StackReference to the Kubernetes cluster stack config = pulumi.Config() stackRef = config.require("clusterStackRef") infra = StackReference(f"{stackRef}") # Declare a provider using the KubeConfig we created # This will be used to interact with the EKS cluster k8s_provider = Provider("k8s-provider", kubeconfig=infra.get_output("kubeconfig")) # Create a Namespace object https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ ns = Namespace("app-ns", metadata={ "name": "joe-duffy", }, opts=ResourceOptions(provider=k8s_provider)) app_labels = {"app": "iac-workshop"} app_deployment = Deployment( "app-dep", metadata={"namespace": ns.metadata["name"]}, spec={ "selector": { "match_labels": app_labels, },
preferences: {{}} users: - name: aws user: exec: apiVersion: client.authentication.k8s.io/v1alpha1 command: aws args: - "eks" - "get-token" - "--cluster-name" - {2} """.format(info[0]['data'], info[1], info[2], '{0}_{1}_{2}')) k8s_provider = Provider('pulumi-kubernetes', kubeconfig=k8s_config, cluster=kfp_cluster, __opts__=ResourceOptions(parent=kfp_cluster)) subnet_info = Output.all(vpc_0_subnet.id, vpc_1_subnet.id) subnet_list = subnet_info.apply( lambda subnets: """{0}, {1}""".format(subnets[0], subnets[1], '{0}_{1}')) # https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/cloudformation_stack.html.markdown kfp_worker_nodes = cfn.Stack( 'kfp-worker-nodes', template_url=TEMPLATE_URL, name='kfp-worker-nodes', capabilities=[['CAPABILITY_IAM'][0]], parameters={ 'VpcId': vpc.id,
from pulumi_azure.network import VirtualNetwork, Subnet from pulumi_kubernetes import Provider from pulumi_kubernetes.apps.v1 import Deployment from pulumi_kubernetes.core.v1 import Service, Namespace config = pulumi.Config() SA_PASSWORD = config.require('sa_password') infra = StackReference(f"kzhou57/pulumi-azure-quickstart/dev") # TODO read from output ACR_NAME = 'kzhouacr' rg = ResourceGroup.get('rg', id=infra.get_output('resource_group_id')) custom_provider = Provider("k8s", kubeconfig=infra.get_output('kubeconfig')) # K8s SQL server csharpexamplesql name = 'csharpexamplesql' sql_namespace = Namespace(name, metadata={}, __opts__=ResourceOptions(provider=custom_provider)) appLabels = {"appClass": name} sql_deployment = Deployment( name, metadata={"labels": appLabels}, spec={ "selector": { "match_labels": appLabels