Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/j-maxi/pulumi-cloud-app

Sample multi cloud application
https://github.com/j-maxi/pulumi-cloud-app

cloudflare gcp infrastructure-as-code kubernetes pulumi

Last synced: about 1 month ago
JSON representation

Sample multi cloud application

Host: GitHub
URL: https://github.com/j-maxi/pulumi-cloud-app
Owner: j-maxi
License: mit
Created: 2019-03-30T08:01:47.000Z (almost 6 years ago)
Default Branch: master
Last Pushed: 2022-06-23T03:17:24.000Z (over 2 years ago)
Last Synced: 2024-11-14T05:33:57.922Z (3 months ago)
Topics: cloudflare, gcp, infrastructure-as-code, kubernetes, pulumi
Language: TypeScript
Size: 293 KB
Stars: 1
Watchers: 2
Forks: 1
Open Issues: 9
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Pulumi Multi Cloud Sample Application

A sample application to program multi cloud infrastructure using Pulumi Cloud.

## Tested Component Version

* Pulumi CLI: v2.1.0

## Scope

This application configures the following components:

* Cloudflare DNS
* Google Cloud DNS (subdomain)
* Google Kubernetes Engine
* Nginx as a sample application
* Accessible via Cloudflare CDN

## Setup procedure

Install Pulumi CLI and gcloud command and run the following commands, where PROJECT\_ID is your GCP project ID.

```
$ npm install
$ pulumi plugins install

$ pulumi init ${your stack name}

# GCP
$ gcloud --project=${PROJECT_ID} iam service-accounts create pulumi-deploy --display-name="Pulumi Deployment"
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/resourcemanager.projectIamAdmin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/iam.serviceAccountAdmin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/iam.serviceAccountKeyAdmin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/iam.serviceAccountUser
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/container.admin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/compute.admin
$ gcloud projects add-iam-policy-binding ${PROJECT_ID} --member=serviceAccount:pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com --role=roles/dns.admin
$ gcloud --project=${PROJECT_ID} iam service-accounts keys create key.json --iam-account=pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com
$
$ pulumi config set gcp:project $PROJECT_ID
$ cat key.json | pulumi config set --secret gcp:credentials
$ gcloud auth activate-service-account --key-file=key.json
$ gcloud config set account pulumi-deploy@${PROJECT_ID}.iam.gserviceaccount.com
$ rm key.json

# Cloudflare
$ pulumi config set cloudflare:email ${cloudflare account email}
$ pulumi config set --secret cloudflare:api_key # specify Cloudflare API key

# Other params: domain name to serve the sample application, and an email address to use LetsEncrypt.
$ pulumi config set pulumi-cloud-app:domain example.com
$ pulumi config set pulumi-cloud-app:letsEncryptEmail [email protected]
```

## Run

```
$ pulumi up
```