We value your privacy. We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Read our Privacy Policy for more information.
back arrow icon
Engineering
Methodology

Streamlining deployments with Pulumi

Wednesday, July 24, 2024
Sebastiaan Viaene
Engineering manager

For years now at Panenco we’ve been implementing Infrastructure as Code (IaC) workflows when building cloud applications. Starting with simple YAML configurations within our CI tools, we quickly matured to using Terraform and Pulumi with great success in terms of deployment speed and reliability.. This blog highlights the reasons why and how we approached it.

Why IaC?

The concept of Infrastructure as Code (IaC) involves defining your entire cloud infrastructure through code, minimising the need for manual interventions during application deployment. Here are some of the key advantages:

  • Facilitates application deployment to other environments or organisations without the need to manually repeat the same actions. 
  • It is code, and thus described as part of the code repository, making it easy to review and verify changes.
  • Increased deployment velocity, by leveraging infrastructure state to identify the least amount of resources needed to be deployed. 

If you want to know more we wrote a blog specifically about IaC and Terraform as well.

Why Pulumi?

Terraform is by far the most popular IaC tool on the market. We also used it for a great while and were happy with all the advantages it brought compared to our YAML workflows. We were able to work in a declarative way, keep track of state when deploying and reduce most of the manual actions from our deployment procedure.

However, a limitation that we kept stumbling upon when using Terraform was using HCL, its proprietary programming language which has quite a learning curve thus making it difficult for new developers to work with.

As such, we started looking for alternatives in which we were able to write our IaC code in the same language as the repository we were working in while maintaining the flexibility and vastness of the components available to Terraform.

We came across Pulumi, as it was gaining a lot of popularity, and immediately fell in love with it.

Pulumi allows us to write the code in a number of familiar languages that we regularly use, like Typescript, Python and .NET. It also includes support for all the resources that we need from known cloud providers, including GCP, AWS and Azure.

Furthermore, Pulumi also has  great documentation, including an AI assistant to help with specific tasks based on GPT technology. In terms of pricing, Pulumi is completely free in the way we are using it as we are storing our deployment state in the Cloud provider where the application is deployed. We were used to this way of working in Terraform so we were glad to apply it here as well.

Approach

This section highlights the key choices we made when implementing our infrastructure code using Pulumi and Typescript.

Code structure

A very simple application would just have a single index.ts file in which every part of the application is declared, but this quickly becomes very messy. Instead, we went for a component based approach. We still have some index files which import the components in the correct order but it doesn’t have any other logic defined. 

Then in every component file we can easily separate the code needed for that part of the application. We can also easily import components in others to create dependencies.

Secrets

Pulumi has a way to define secrets in configuration files and password encrypt them. However, we were already using our secret managers from our Cloud providers so we simply chose to keep them stored there. Below is an example for Google cloud (GCP).

Imperative actions

By default, Pulumi is a declarative programming language. A component is declared and  is taken into account when deploying the infrastructure. Sometimes, you need to perform actions such as executing a command or running a job to continue the deployment process.

For handling these imperative tasks, Pulumi created the Command component in which you can freely run custom scripts but still define dependencies and triggers to have full flexibility.

Closing statement

We really enjoyed using Pulumi for our deployments. It enables us to create structured and efficient deployment pipelines while leveraging the latest technologies and our preferred programming languages. Pulumi's flexibility and ease of integration make it an excellent choice for our ongoing and future projects, ensuring a streamlined and modern approach to managing our infrastructure.

Are you looking for an entrepreneurial digital partner? Reach out to hello@panenco.com or schedule a call

Egwin Avau
Founding CEO
Koen Verschooten
Operations manager

Subscribe to our newsletter

Quarterly hand-picked company updates
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.