Pulumi has released several enhancements for its Infrastructure-as-Code (IaC) platform. The tools are aimed at better interaction with Kubernetes and are all open source projects as well as the core platform. According to the blog post about the new tools, many Pulumi installations rely on the Kubernetes containerization platform. The tools now presented take this into account.
Operator and OPA
The new Kubernetes operator offers a direct connection to Git repositories for administration. Administrators define a
Stack-Extension in shape a custom resource in the Kubernetes cluster. Of the
Stack can be any Pulumi program within a Git repository, and the operator constantly compares the status of the cloud resources with the definitions within the stack. Policies can also be defined using Policy as Code.
CrossGuard, the framework that is responsible for the implementation of guidelines via Policy as Code, can now work together with the Open Policy Agent (OPA). OPA is a project of the Cloud Native Computing Foundation that offers an engine and language for policies in the cloud-native environment. CrossGuard can use those used by OPA
.rego– Include policy files.
pulumi up roll out. Pulumi has one interactive demo page set up for developers to try translating code on.
The crd2pulumi tool for Custom Resources is used analogously to translating YAML. It translates the
CustomResourceDefinitions (CRDs) in Pulumi and thus enables strongly typed extensions via the
Further details on the new tools and the two tools that have been available for some time for integration into the continuous delivery platform Spinnaker and for interaction with the Kubernetes package manager Helm 3 can be found from the Pulumi blog.