We value your privacy. We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Read our Privacy Policy for more information.
PreferencesAccept
back arrow icon
Back to Updates
Engineering
Methodology

Streamlining deployments with Pulumi

Wednesday, July 24, 2024
Sebastiaan Viaene
Engineering manager

For years now at Panenco we’ve been implementing Infrastructure as Code (IaC) workflows when building cloud applications. Starting with simple YAML configurations within our CI tools, we quickly matured to using Terraform and Pulumi with great success in terms of deployment speed and reliability.. This blog highlights the reasons why and how we approached it.

Why IaC?

The concept of Infrastructure as Code (IaC) involves defining your entire cloud infrastructure through code, minimising the need for manual interventions during application deployment. Here are some of the key advantages:

  • Facilitates application deployment to other environments or organisations without the need to manually repeat the same actions. 
  • It is code, and thus described as part of the code repository, making it easy to review and verify changes.
  • Increased deployment velocity, by leveraging infrastructure state to identify the least amount of resources needed to be deployed. 

If you want to know more we wrote a blog specifically about IaC and Terraform as well.

Why Pulumi?

Terraform is by far the most popular IaC tool on the market. We also used it for a great while and were happy with all the advantages it brought compared to our YAML workflows. We were able to work in a declarative way, keep track of state when deploying and reduce most of the manual actions from our deployment procedure.

However, a limitation that we kept stumbling upon when using Terraform was using HCL, its proprietary programming language which has quite a learning curve thus making it difficult for new developers to work with.

As such, we started looking for alternatives in which we were able to write our IaC code in the same language as the repository we were working in while maintaining the flexibility and vastness of the components available to Terraform.

We came across Pulumi, as it was gaining a lot of popularity, and immediately fell in love with it.

Pulumi allows us to write the code in a number of familiar languages that we regularly use, like Typescript, Python and .NET. It also includes support for all the resources that we need from known cloud providers, including GCP, AWS and Azure.

Furthermore, Pulumi also has  great documentation, including an AI assistant to help with specific tasks based on GPT technology. In terms of pricing, Pulumi is completely free in the way we are using it as we are storing our deployment state in the Cloud provider where the application is deployed. We were used to this way of working in Terraform so we were glad to apply it here as well.

Approach

This section highlights the key choices we made when implementing our infrastructure code using Pulumi and Typescript.

Code structure

A very simple application would just have a single index.ts file in which every part of the application is declared, but this quickly becomes very messy. Instead, we went for a component based approach. We still have some index files which import the components in the correct order but it doesn’t have any other logic defined. 

Then in every component file we can easily separate the code needed for that part of the application. We can also easily import components in others to create dependencies.

Secrets

Pulumi has a way to define secrets in configuration files and password encrypt them. However, we were already using our secret managers from our Cloud providers so we simply chose to keep them stored there. Below is an example for Google cloud (GCP).

Imperative actions

By default, Pulumi is a declarative programming language. A component is declared and  is taken into account when deploying the infrastructure. Sometimes, you need to perform actions such as executing a command or running a job to continue the deployment process.

For handling these imperative tasks, Pulumi created the Command component in which you can freely run custom scripts but still define dependencies and triggers to have full flexibility.

Closing statement

We really enjoyed using Pulumi for our deployments. It enables us to create structured and efficient deployment pipelines while leveraging the latest technologies and our preferred programming languages. Pulumi's flexibility and ease of integration make it an excellent choice for our ongoing and future projects, ensuring a streamlined and modern approach to managing our infrastructure.

Sebastiaan Viaene
Engineering manager
Sebastiaan is our go-to full-stack developer. He can smoothly harmonise frontend applications with the product APIs. He’s a fierce adept of React and Node using Typescript. Sebastiaan is also driving our data engineering activities, turning databases into well-organised data warehouses suited for data science activities. Talk to him about: Google Cloud Platform and BigQuery Data engineering: mapping data from DB to a warehouse Quality principles (automated testing, security and more)

See also

Leveraging genAI to reduce redundant data in relational databases

Leveraging genAI to reduce redundant data in relational databases

The widespread adoption of generative AI has led to an increase in generated text, posing challenges for database performance due to the accumulation of similar or near-duplicate strings. By using large language models to detect and merge these near-duplicates through embeddings, databases can be streamlined, reducing redundant data and enhancing overall application performance.
Connecting API's and front-end applications through OpenAPI auto generation

Connecting API's and front-end applications through OpenAPI auto generation

Using OpenAPI auto-generation to connect APIs and front-end applications addresses communication challenges and inconsistencies by generating client-side SDKs from API specifications, enhancing type safety, speeding up development, and reducing errors. This method not only provides thorough documentation but also simplifies the integration process and improves the development experience for both front-end and back-end teams.
Smart robotics: integrating computer vision and speech

Smart robotics: integrating computer vision and speech

Integrating AI services like computer vision and speech into robotics is transforming how robots perceive, interact with the world, and communicate with humans, as demonstrated by Budd-E, a remotely controlled AI-powered robot. Budd-E uses AI to visually describe its surroundings and convert text into spoken language, showcasing the potential for enhanced human-robot interaction through advanced AI and cloud technologies.

Let's build!

Are you looking for an entrepreneurial digital partner?
Reach out to hello@panenco.com or schedule a call

Egwin Avau
Founding CEO
Schedule a call
Koen Verschooten
Operations manager
Schedule a call

Subscribe to our newsletter

Quarterly hand-picked company updates
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.