Skip to content

j-maxi/pulumi-cloud-app

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
app
app
 
 
cloudflare
cloudflare
 
 
common
common
 
 
gcp
gcp
 
 
.eslintrc
.eslintrc
 
 
.gitignore
.gitignore
 
 
.prettierrc
.prettierrc
 
 
LICENSE
LICENSE
 
 
Pulumi.yaml
Pulumi.yaml
 
 
README.md
README.md
 
 
index.ts
index.ts
 
 
interface.ts
interface.ts
 
 
origin-pull-ca.pem
origin-pull-ca.pem
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation

Pulumi Multi Cloud Sample Application

A sample application to program multi cloud infrastructure using Pulumi Cloud.

Tested Component Version

  • Pulumi CLI: v2.1.0

Scope

This application configures the following components:

  • Cloudflare DNS
  • Google Cloud DNS (subdomain)
  • Google Kubernetes Engine
  • Nginx as a sample application
    • Accessible via Cloudflare CDN

Setup procedure

Install Pulumi CLI and gcloud command and run the following commands, where PROJECT_ID is your GCP project ID.

$ npm install
$ pulumi plugins install

$ pulumi init ${your stack name}

# GCP
$ gcloud --project=${PROJECT_ID} iam service-accounts create pulumi-deploy --display-name="Pulumi Deployment"
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/resourcemanager.projectIamAdmin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/iam.serviceAccountAdmin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/iam.serviceAccountKeyAdmin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/iam.serviceAccountUser
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/container.admin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/compute.admin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/dns.admin
$ gcloud --project=${PROJECT_ID} iam service-accounts keys create key.json --iam-account=pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com
$ 
$ pulumi config set gcp:project $PROJECT_ID
$ cat key.json | pulumi config set --secret gcp:credentials
$ gcloud auth activate-service-account --key-file=key.json
$ gcloud config set account pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com
$ rm key.json

# Cloudflare
$ pulumi config set cloudflare:email ${cloudflare account email}
$ pulumi config set --secret cloudflare:api_key # specify Cloudflare API key

# Other params: domain name to serve the sample application, and an email address to use LetsEncrypt.
$ pulumi config set pulumi-cloud-app:domain example.com
$ pulumi config set pulumi-cloud-app:letsEncryptEmail admin@example.com

Run

$ pulumi up

About

Sample multi cloud application

Topics

kubernetes gcp cloudflare infrastructure-as-code pulumi

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages