Data Science and Data Engineering Blog

DATA SCIENCE WARRIOR

“It always seems impossible until it’s done.”

NELSON MANDELA

The Modern Infrastructure as Code Solution that Outshines Terraform

Today’s world of cloud computing and software engineering, managing and provisioning infrastructure has become a critical task. One popular approach to handling this is Infrastructure as Code (IaC). IaC is a technique that allows developers to write, test, and maintain infrastructure code in a similar way as they would with application code. Among the popular IaC tools available Terraform have emerged as the dominant solution for any IaC use cases. However, recently I came across a new player in the filed of IaC named Pulumi.

What is Pulumi?

Pulumi is an open-source Infrastructure as Code platform that allows developers and operations teams to create, deploy, and manage cloud infrastructure using familiar programming languages, such as Python, TypeScript, Go, and C#. It provides a unified approach to infrastructure provisioning, configuration management, and deployment automation.

So, Pulumi does not require YAML files to define infrastructure resources. Instead, Pulumi allows you to use general-purpose programming languages like Python, TypeScript, Go, and C# to define and manage your infrastructure as code.

This approach brings several benefits over using YAML files, such as: Familiarity: Developers can use their existing knowledge and experience with the programming languages they are comfortable with, which reduces the learning curve. You can use loops, conditionals, and error handling, which can be used to create more complex and dynamic infrastructure configurations. By using general purpose languages, developers can create custom, reusable components and leverage existing libraries and tools to manage their infrastructure. Pulumi allows for better error handling and real-time feedback during the development process, which can help developers identify and fix issues more efficiently.

Why Choose Pulumi Over Terraform?

While both Pulumi and Terraform offer IaC solutions, there are several key advantages to choosing Pulumi:

  1. Familiar Programming Languages: Unlike Terraform’s domain-specific language (DSL) called HashiCorp Configuration Language (HCL), Pulumi allows developers to use their preferred general-purpose programming languages. This reduces the learning curve and enables developers to leverage existing knowledge and libraries.
  2. Advanced Programming Constructs: Pulumi supports features like loops, conditionals, and error handling that are sometimes hard to implement with Terraform’s HCL. This enables developers to create more complex and dynamic infrastructure configurations.
  3. Better Collaboration: Pulumi’s built-in support for popular cloud providers, like AWS, Azure, and Google Cloud Platform, allows for seamless collaboration between team members across different cloud environments.
  4. Custom Resources: Pulumi enables users to create custom resources using familiar programming languages, which is not possible with Terraform’s HCL. This allows developers to create reusable, shareable components for their infrastructure.
  5. Real-time Feedback: Pulumi provides real-time feedback and error messages during the development process. This helps developers to identify and fix issues quickly, while Terraform often requires users to run “terraform plan” or “terraform apply” to identify issues.

Pulumi has a similar feature to terraform plan. When you run pulumi up in your Pulumi project, it automatically generates a preview of the changes that will be applied to your infrastructure before actually applying them. This preview allows you to review the changes and ensure they align with your expectations before proceeding.

If you want to generate a preview without being prompted to apply the changes, you can use the pulumi preview command. This command will display the proposed changes to your infrastructure without applying them, similar to terraform plan.

Here’s a quick summary of the equivalent commands in Terraform and Pulumi:

  • terraform init => pulumi stack init
  • terraform plan => pulumi preview
  • terraform apply => pulumi up
  • terraform destroy => pulumi destroy

Keep in mind that the pulumi preview and pulumi up commands both display a preview of the changes, but pulumi up will prompt you to confirm if you want to apply the changes, while pulumi preview only displays the preview without applying any changes.

How Pulumi Manages Resources

Pulumi handles updates to resources differently from Terraform. When you make changes to your infrastructure code and run pulumi up, Pulumi compares the desired state of your infrastructure, as defined in your code, with the current state of your infrastructure, which is stored in the Pulumi state file.

Pulumi then calculates the minimum set of actions needed to update your infrastructure to match the desired state. It tries to preserve existing resources and update them in place whenever possible. However, some changes may require replacing resources with new ones, depending on the specific cloud provider and resource types involved.

Pulumi provides a detailed preview of the changes that will be applied when you run pulumi up. This preview includes information about which resources will be updated, created, or deleted, allowing you to review and confirm the changes before they are applied.

You might ask, I am already using boto3 library to create required resources in AWS, why do I need Pulumi. It is true, you can create resources with boto3 , however there are some key differences.

  1. Abstraction Level: Boto3 is a Python library that provides a low-level interface to AWS services. It allows you to interact with AWS APIs directly and is typically used for scripting or building custom applications that interact with AWS resources. Pulumi, on the other hand, is an Infrastructure as Code (IaC) tool that provides a higher-level abstraction for managing cloud resources. It allows you to define, provision, and manage cloud infrastructure. Pulumi makes it easier to manage and automate infrastructure tasks, as it handles the underlying AWS API calls for you.
  2. Infrastructure Management: Pulumi enables you to manage the entire lifecycle of your cloud infrastructure, including provisioning, updating, and tearing down resources. It tracks the state of your infrastructure and provides tools for comparing and previewing changes. With Boto3, you would have to write custom scripts to handle the infrastructure lifecycle and manually track the state of your resources.
  3. Declarative vs. Imperative: Pulumi is a declarative tool, which means you define the desired state of your infrastructure, and Pulumi takes care of creating, updating, or deleting resources as needed. This approach simplifies infrastructure management and reduces the risk of human error. Boto3, on the other hand, is an imperative tool, which means you have to write scripts that explicitly state each step required to create, update, or delete resources. This approach can be more error-prone and harder to maintain, especially as your infrastructure grows in complexity.

How to Get Started with Pulumi

To start using Pulumi, follow these steps:

  1. Install Pulumi: Visit the Pulumi website and download the appropriate installer for your operating system. Follow the installation instructions provided here. https://www.pulumi.com/docs/get-started/install/
  2. Choose a Programming Language: Pulumi supports Python, TypeScript, Go, and C#. Choose the language you are most comfortable with or the one that best fits your project requirements.
  3. Set Up a Project: Create a new directory for your Pulumi project, then run pulumi new <language> in the terminal, replacing <language> with your chosen programming language. This will create a new Pulumi project with sample code and configuration files.
  4. Configure Your Cloud Provider: Pulumi supports multiple cloud providers, including AWS, Azure, and Google Cloud Platform. Follow the official Pulumi documentation to configure your preferred cloud provider. https://www.pulumi.com/docs/intro/concepts/resources/providers/
  5. Write Your Infrastructure Code: Using your preferred programming language, write code to define your infrastructure resources, such as virtual machines, databases, and networking components.
  6. Deploy Your Infrastructure: Run pulumi up in the terminal to deploy your infrastructure to the configured cloud provider. Pulumi will display a preview of the changes and prompt you to confirm the deployment.
  7. Manage Your Infrastructure: Pulumi tracks the state of your infrastructure and allows you to update, destroy, or preview changes as needed. Use pulumi up, pulumi destroy, and pulumi preview commands to manage

Some Examples

Example 1: Creating an AWS S3 bucket

import pulumi
from pulumi_aws import s3

# Create an AWS resource (S3 Bucket)
bucket = s3.Bucket('my-example-bucket', acl='private')

Example 2: Creating an EC2 instance

import pulumi
from pulumi_aws import ec2

# Create a VPC
vpc = ec2.Vpc("my-vpc",
    cidr_block="10.0.0.0/16",
    tags={"Name": "my-vpc"})

# Create a subnet within the VPC
subnet = ec2.Subnet("my-subnet",
    cidr_block="10.0.1.0/24",
    vpc_id=vpc.id,
    tags={"Name": "my-subnet"})

# Create a security group allowing SSH access
security_group = ec2.SecurityGroup("my-security-group",
    description="Enable SSH access",
    vpc_id=vpc.id,
    ingress=[
        ec2.SecurityGroupIngressArgs(
            protocol="tcp",
            from_port=22,
            to_port=22,
            cidr_blocks=["0.0.0.0/0"]
        )
    ])

# Create an EC2 instance
instance = ec2.Instance("my-instance",
    ami="ami-0c94855ba95b798c7",  # This is an Amazon Linux 2 AMI ID; replace with the appropriate ID for your region
    instance_type="t2.micro",
    subnet_id=subnet.id,
    vpc_security_group_ids=[security_group.id],
    tags={"Name": "my-instance"})

About The Author

Scroll to Top