Cloudhost Solutions

Place where DevOps and Cloud Hosting meetsCheckout my website.

Infrastructure as a code is one of the key factors for DevOps. There are tools and applications available to provision infrastructure. Some of the popular tools are Terraform, Ansible. This blog post covers another popular Infrastructure as a code provider named Pulumi.

Pulumi helps developers to get started with infrastructure as code with a friendly programming language. Unlike where other tools are using YAML, with pulumi developers can use javascript, typescript, C# and visual basic to write infrastructure code.

Pulumi supports almost all public cloud service providers. This blog post will help you build infrastructure on alibaba cloud with pulumi and javascript.

With Pulumi infrastructure as a code following simple site infrastructure will be implemented. Future blog post will include some complex functionality.

To implement the above infrastructure you will need,

An RAM programmatic access user with rights to create VPC and ECS. (To know more about RAM https://cloudhost.solutions/alibaba-cloud-resource-access-management/)
An account on pulumi (more on pulumi accounts, https://www.pulumi.com/docs/intro/console/accounts-and-organizations/accounts/ )

Once the prerequisites are fulfilled follow the following steps to get started.

Step 1: Configure And Install Pulumi

There are multiple ways to install pulumi. Download and installation steps are provided on https://www.pulumi.com/docs/get-started/install/ . For this blog post, we will use Home brew package manager.

Step 2: Generate Pulumi Access Token

Generate an access token from pulumi dashboard ( https://www.pulumi.com/docs/intro/console/accounts-and-organizations/accounts/#access-tokens )

Step 3: Configure Pulumi On Local System

Configure pulumi on the local system with pulumi login. Provide generated access token on step#2 to here.

Step 4: Create A New Project

Create a new project for Alibaba Cloud. To create a new project it is recommended to use an empty folder. For getting started enter pulumi new

Note: Before executing pulumi new , make sure that nodejs is installed.

On entering pulumi new, the system will prompt for the templates, select Show additional templates and once list is populated, enter (select) alicloud-javascript. 
Enter project name as per your choice
Enter project description 
Enter stack name
Enter region. As per the plan we are going to deploy infrastructure in the Singapore region. For alibaba cloud, the singapore region code is ap-southeast-1. (To deploy infrastructure in different regions, please refer to the regions guide on Alibaba cloud.)

Once the project is created, details of the stack can be accessed with pulumi stack. To list of stacks, use “pulumi stack ls”

The stack details can also be accessed from the pulumi dashboard.

pulumi new command creates following file/folder structure on the system

A closure look at the files and folders

node_modules : This directory contains libraries from npm 
.gitignore: list of files/directories  to be ignored during the git push 
index.js : A sample file to create OSS. All the infrastructure creation commands will be provided here. 
package-lock.json : An auto generated file on modification of npm 
<project-name>.yaml: Alibaba cloud related configurations and stack secrets are stored here
Pulumi.yaml: Project details

Step 5: Configure Alibaba Cloud Credentials

Alibaba cloud credentials can be configured two ways.

By setting environment variables:
    export ALICLOUD_ACCESS_KEY=YOURALIBABACLOUDACCESSKEY
    export ALICLOUD_SECRET_KEY=YOURALIBABACLOUDACCESSSECRET
By setting as pulumi configuration variables. This option is useful in a multiuser environment. All the parameters are encrypted before storing. 
    pulumi config set alicloud:accessKey YOURALIBABACLOUDACCESSKEY –secret 
    pulumi config set alicloud:secretKey YOURALIBABACLOUDACCESSSECRET –secret

Note: Make sure to use a secret flag while using the pulumi config. Without secret tag all the values will be stored in clear text.

Step 6: Create VPC

As all the basic configurations are completed, we can start with implementing infrastructure.

"use strict";
const pulumi = require("@pulumi/pulumi");
const alicloud = require("@pulumi/alicloud");

// Create an Alibaba Cloud VPC
const vpc = new alicloud.vpc.Network("alicloud-pulumi-vpc", {
    cidrBlock: "192.168.0.0/16",
    description: "Alibaba Cloud VPC for Hosting Web Application created with pulumi"
});

//Exports VPC ID
exports.vpc = vpc.id;

Note: Pulumi API reference guide can be accessed from https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/alicloud/index.html

pulumi preview: Previews all the changes that will be made when command executes 
pulumi update (pulumi up): Applies changes to the infrastructure 

Alibaba cloud vRouter is deployed automatically with the VPC creation, there is no other code needed to create vRouter.

As a best practice each component on infrastructure should be tagged. With pulumi you can apply changes to the infrastructure and validate changes before applying.

For our example, lets add two tags to the VPC. (Tags can be defined once and used for all the components, advanced pulumi code with javascript will be covered in subsequent posts)

"use strict";
const pulumi = require("@pulumi/pulumi");
const alicloud = require("@pulumi/alicloud");

// Create an Alibaba Cloud VPC
const vpc = new alicloud.vpc.Network("alicloud-pulumi-vpc", {
   cidrBlock: "192.168.0.0/16",
   description: "Alibaba Cloud VPC for Hosting Web Application created with pulumi",
   tags: {"create with": "pulumi", "created by": "Ankit"},
});

//Exports VPC ID
exports.vpc = vpc.id;

Note: As of writing this blog post there is no way to check VPC tags on the Alibaba cloud console directly. Current tags can be found on the pulumi.

Step 7: Create VSwitch

As the VPC and vRouters are created, now it is time to create two VSwitches. We will place vSwitches in two different availability zones. Zone A will be treated as a public zone and Zone B will be treated as a private zone.

"use strict";
const pulumi = require("@pulumi/pulumi");
const alicloud = require("@pulumi/alicloud");

// Create an Alibaba Cloud VPC
const vpc = new alicloud.vpc.Network("alicloud-pulumi-vpc", {
   cidrBlock: "192.168.0.0/16",
   description: "Alibaba Cloud VPC for Hosting Web Application created with pulumi",
   tags: {"create with": "pulumi", "created by": "Ankit"},
});

// Create VSwitches
const vswitchZ1 = new alicloud.vpc.Switch("alicloud-vswitch-zone-a", {
   vpcId: vpc.id,
   cidrBlock: "192.168.1.0/24",
   description: "Vswitch 1",
   availabilityZone: "ap-southeast-1a",
   tags: {"create with": "pulumi", "created by": "Ankit"},
});
const vswitchZ2 = new alicloud.vpc.Switch("alicloud-vswitch-zone-b", {
   vpcId: vpc.id,
   cidrBlock: "192.168.2.0/24",
   description: "Vswitch 2",
   availabilityZone: "ap-southeast-1b",
   tags: {"create with": "pulumi", "created by": "Ankit"},
});

//Exports Details
exports.vpc = vpc.id;
exports.vswitchZ1 = vswitchZ1.id;
exports.vswitchZ2 = vswitchZ2.id;

A closure look at the code

vpcid : VPC Identifier where the vSwitch will be created. If one wants to use an existing VPC then provide the exact id. 
cidrBlock: Provide a CIDR block that can be part of the VPC. Handy CIDR calculation tool https://www.ipaddressguide.com/cidr
description: Description of the vSwitch 
availabilityZone: Availability Zone where vSwitch will reside
tags: tags for the vswitch

Step 8: Create Security Group And Security Group Rules

This section will create VPC level firewall rules that can be attached to the Elastic Compute Service (ECS).

For our example, we want incoming traffic for port 80 (HTTP) and 443 (HTTPS) for web server, so ingress rule for these two ports will be created. The rule will be attached while ECS creation.

Another rule will be created to allow MySQL 3306 port access from the web sever zone to the db server zone.

"use strict";
const pulumi = require("@pulumi/pulumi");
const alicloud = require("@pulumi/alicloud");

// Create an Alibaba Cloud VPC
const vpc = new alicloud.vpc.Network("alicloud-pulumi-vpc", {
    cidrBlock: "192.168.0.0/16",
    description: "Alibaba Cloud VPC for Hosting Web Application created with pulumi",
    tags: {"create with": "pulumi", "created by": "Ankit"},
});

// Create VSwitches 
const vswitchZ1 = new alicloud.vpc.Switch("alicloud-vswitch-zone-a", {
    vpcId: vpc.id,
    cidrBlock: "192.168.1.0/24",
    description: "Vswitch 1",
    availabilityZone: "ap-southeast-1a",
    tags: {"create with": "pulumi", "created by": "Ankit"},
});
const vswitchZ2 = new alicloud.vpc.Switch("alicloud-vswitch-zone-b", {
    vpcId: vpc.id,
    cidrBlock: "192.168.2.0/24",
    description: "Vswitch 2",
    availabilityZone: "ap-southeast-1b",
    tags: {"create with": "pulumi", "created by": "Ankit"},
}); 

// Create Security Group Web
const securitygroup = new alicloud.ecs.SecurityGroup("alicloud-security-group", {
    name: "alicloud-security-group",
    description: "Alicloud Security Group",
    vpcId: vpc.id,
    innnerAccessPolicy: "Allow",
    securityGroupType: "normal",
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });
 
 // Create Security Group Rules HTTP
 const securitygroupruleexternalhttp = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-external-http", {
     name: "alicloud-security-grouprule-1-http",
     description: "Allow Web Access",
     securityGroupId: securitygroup.id,
     cidrIp: "0.0.0.0/0",
     ipProtocol: "tcp",
     policy: "accept",
     portRange: "80/80",
     priority: 1,
     type: "ingress",
     tags: {"create with": "pulumi", "created by": "Ankit"},
     });
     
 // Create Security Group Rules HTTPS
 const securitygroupruleexternalhttps = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-external-https", {
     name: "alicloud-security-grouprule-2-https",
     description: "Allow Secure Web Access",
     securityGroupId: securitygroup.id,
     cidrIp: "0.0.0.0/0",
     ipProtocol: "tcp",
     policy: "accept",
     portRange: "443/443",
     priority: 1,
     type: "ingress",
     tags: {"create with": "pulumi", "created by": "Ankit"},
     });
 
// Create security group DB
const securitygroupdb = new alicloud.ecs.SecurityGroup("alicloud-security-group-db", {
    name: "alicloud-security-group-db",
    description: "Alicloud DB Security Group",
    vpcId: vpc.id,
    innnerAccessPolicy: "Allow",
    securityGroupType: "normal",
    tags: {"create with": "pulumi", "created by": "Ankit"},
    });
    
// Create Security Group Rules DB
const securitygroupruleinternaldb = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-internal-db", {
    name: "alicloud-security-grouprule-db",
    description: "Allow DB Access",
    securityGroupId: securitygroupdb.id,
    cidrIp: "192.168.1.0/24",
    ipProtocol: "tcp",
    policy: "accept",
    portRange: "3306/3306",
    priority: 1,
    type: "ingress",
    tags: {"create with": "pulumi", "created by": "Ankit"},
    });

//Exports Data
exports.vpc = vpc.id;
exports.vswitchZ1 = vswitchZ1.id;
exports.vswitchZ2 = vswitchZ2.id;
exports.securitygroup = securitygroup.id;
exports.securitygroupruleexternalhttp = securitygroupruleexternalhttp.id;
exports.securitygroupruleexternalhttps = securitygroupruleexternalhttps.id;
exports.securitygroupdb = securitygroupdb.id;
exports.securitygroupruleinternaldb = securitygroupruleinternaldb.id;

A closure look at the code

Security Group:

vpcId: VPC ID where the security group will be created
innerAccessPolicy: Security group to Allow or Drop (deny) 
securityGroupType: normal or enterprise security 

Security Group Rules:

securityGroupId: Security group id where the security group will be tied to  
cidrIp: IP / IP Range for where the security group will be applicable 
ipProtocol: Protocol for which the security group will be applicable to 
policy: Accept or Deny traffic
portRange: Port range where the rule is applicable
priority: Rule execution priority
type: Rule type ingress or egress

Step 9: Create SSH Keys

In this step we will create two SSH keys which will be assigned to instances in the later stage. As a best practice we will create separate keys for the web and database server.

"use strict";
const pulumi = require("@pulumi/pulumi");
const alicloud = require("@pulumi/alicloud");

// Create an Alibaba Cloud VPC
const vpc = new alicloud.vpc.Network("alicloud-pulumi-vpc", {
    cidrBlock: "192.168.0.0/16",
    description: "Alibaba Cloud VPC for Hosting Web Application created with pulumi",
    tags: {"create with": "pulumi", "created by": "Ankit"},
});

// Create VSwitches 
const vswitchZ1 = new alicloud.vpc.Switch("alicloud-vswitch-zone-a", {
    vpcId: vpc.id,
    cidrBlock: "192.168.1.0/24",
    description: "Vswitch 1",
    availabilityZone: "ap-southeast-1a",
    tags: {"create with": "pulumi", "created by": "Ankit"},
});
const vswitchZ2 = new alicloud.vpc.Switch("alicloud-vswitch-zone-b", {
    vpcId: vpc.id,
    cidrBlock: "192.168.2.0/24",
    description: "Vswitch 2",
    availabilityZone: "ap-southeast-1b",
    tags: {"create with": "pulumi", "created by": "Ankit"},
}); 

// Create Security Group Web
const securitygroup = new alicloud.ecs.SecurityGroup("alicloud-security-group", {
    name: "alicloud-security-group",
    description: "Alicloud Security Group",
    vpcId: vpc.id,
    innnerAccessPolicy: "Allow",
    securityGroupType: "normal",
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });
 
 // Create Security Group Rules HTTP
 const securitygroupruleexternalhttp = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-external-http", {
     name: "alicloud-security-grouprule-1-http",
     description: "Allow Web Access",
     securityGroupId: securitygroup.id,
     cidrIp: "0.0.0.0/0",
     ipProtocol: "tcp",
     policy: "accept",
     portRange: "80/80",
     priority: 1,
     type: "ingress",
     tags: {"create with": "pulumi", "created by": "Ankit"},
     });
     
 // Create Security Group Rules HTTPS
 const securitygroupruleexternalhttps = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-external-https", {
     name: "alicloud-security-grouprule-2-https",
     description: "Allow Secure Web Access",
     securityGroupId: securitygroup.id,
     cidrIp: "0.0.0.0/0",
     ipProtocol: "tcp",
     policy: "accept",
     portRange: "443/443",
     priority: 1,
     type: "ingress",
     tags: {"create with": "pulumi", "created by": "Ankit"},
     });
 
// Create security group DB
const securitygroupdb = new alicloud.ecs.SecurityGroup("alicloud-security-group-db", {
    name: "alicloud-security-group-db",
    description: "Alicloud DB Security Group",
    vpcId: vpc.id,
    innnerAccessPolicy: "Allow",
    securityGroupType: "normal",
    tags: {"create with": "pulumi", "created by": "Ankit"},
    });
    
// Create Security Group Rules DB
const securitygroupruleinternaldb = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-internal-db", {
    name: "alicloud-security-grouprule-db",
    description: "Allow DB Access",
    securityGroupId: securitygroupdb.id,
    cidrIp: "192.168.1.0/24",
    ipProtocol: "tcp",
    policy: "accept",
    portRange: "3306/3306",
    priority: 1,
    type: "ingress",
    tags: {"create with": "pulumi", "created by": "Ankit"},
    });


// Create SSH Key-pair for web server
const keypairweb = new alicloud.ecs.KeyPair("alicloud-webserver-keypair", {
    name: "Alicloud Web Server Key",
    keyFile: "aliyun-werbserver-key",
    keyNamePrefix: "pulumi-",
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });
// Create SSH Key-pair for Database sevrer
const keypairdb = new alicloud.ecs.KeyPair("alicloud-dbserver-keypair", {
    name: "Alicloud DB server Key",
    keyFile: "aliyun-dbserver-key",
    keyNamePrefix: "pulumi-",
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });

//Exports Data
exports.vpc = vpc.id;
exports.vswitchZ1 = vswitchZ1.id;
exports.vswitchZ2 = vswitchZ2.id;
exports.securitygroup = securitygroup.id;
exports.securitygroupruleexternalhttp = securitygroupruleexternalhttp.id;
exports.securitygroupruleexternalhttps = securitygroupruleexternalhttps.id;
exports.securitygroupdb = securitygroupdb.id;
exports.securitygroupruleinternaldb = securitygroupruleinternaldb.id;

Once the keys are generated, they can be found on the root of the project.

A closure look at the code

keyFile: key file name to store file in the project 
keyNamePrefix: key file name prefix while storing on Alibaba Cloud

Step 10: Create Instances

As the components needed for an ECS are created, now it is time to bind them all together and create ECS servers. There will be two ECS servers, one for web-server and the other one for database server.

Both servers will be placed in separate vSwitch. Web-server will be created with a public IP address while a database server will be created without a public IP address.

"use strict";
const pulumi = require("@pulumi/pulumi");
const alicloud = require("@pulumi/alicloud");

// Create an Alibaba Cloud VPC
const vpc = new alicloud.vpc.Network("alicloud-pulumi-vpc", {
    cidrBlock: "192.168.0.0/16",
    description: "Alibaba Cloud VPC for Hosting Web Application created with pulumi",
    tags: {"create with": "pulumi", "created by": "Ankit"},
});

// Create VSwitches 
const vswitchZ1 = new alicloud.vpc.Switch("alicloud-vswitch-zone-a", {
    vpcId: vpc.id,
    cidrBlock: "192.168.1.0/24",
    description: "Vswitch 1",
    availabilityZone: "ap-southeast-1a",
    tags: {"create with": "pulumi", "created by": "Ankit"},
});
const vswitchZ2 = new alicloud.vpc.Switch("alicloud-vswitch-zone-b", {
    vpcId: vpc.id,
    cidrBlock: "192.168.2.0/24",
    description: "Vswitch 2",
    availabilityZone: "ap-southeast-1b",
    tags: {"create with": "pulumi", "created by": "Ankit"},
}); 

// Create Security Group Web
const securitygroup = new alicloud.ecs.SecurityGroup("alicloud-security-group", {
    name: "alicloud-security-group",
    description: "Alicloud Security Group",
    vpcId: vpc.id,
    innnerAccessPolicy: "Allow",
    securityGroupType: "normal",
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });
 
 // Create Security Group Rules HTTP
 const securitygroupruleexternalhttp = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-external-http", {
     name: "alicloud-security-grouprule-1-http",
     description: "Allow Web Access",
     securityGroupId: securitygroup.id,
     cidrIp: "0.0.0.0/0",
     ipProtocol: "tcp",
     policy: "accept",
     portRange: "80/80",
     priority: 1,
     type: "ingress",
     tags: {"create with": "pulumi", "created by": "Ankit"},
     });
     
 // Create Security Group Rules HTTPS
 const securitygroupruleexternalhttps = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-external-https", {
     name: "alicloud-security-grouprule-2-https",
     description: "Allow Secure Web Access",
     securityGroupId: securitygroup.id,
     cidrIp: "0.0.0.0/0",
     ipProtocol: "tcp",
     policy: "accept",
     portRange: "443/443",
     priority: 1,
     type: "ingress",
     tags: {"create with": "pulumi", "created by": "Ankit"},
     });
 
// Create security group DB
const securitygroupdb = new alicloud.ecs.SecurityGroup("alicloud-security-group-db", {
    name: "alicloud-security-group-db",
    description: "Alicloud DB Security Group",
    vpcId: vpc.id,
    innnerAccessPolicy: "Allow",
    securityGroupType: "normal",
    tags: {"create with": "pulumi", "created by": "Ankit"},
    });
    
// Create Security Group Rules DB
const securitygroupruleinternaldb = new alicloud.ecs.SecurityGroupRule("alicloud-securitygrouprule-internal-db", {
    name: "alicloud-security-grouprule-db",
    description: "Allow DB Access",
    securityGroupId: securitygroupdb.id,
    cidrIp: "192.168.1.0/24",
    ipProtocol: "tcp",
    policy: "accept",
    portRange: "3306/3306",
    priority: 1,
    type: "ingress",
    tags: {"create with": "pulumi", "created by": "Ankit"},
    });


// Create SSH Key-pair for web server
const keypairweb = new alicloud.ecs.KeyPair("alicloud-webserver-keypair", {
    name: "Alicloud Web Server Key",
    keyFile: "aliyun-werbserver-key",
    keyNamePrefix: "pulumi-",
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });
// Create SSH Key-pair for Database sevrer
const keypairdb = new alicloud.ecs.KeyPair("alicloud-dbserver-keypair", {
    name: "Alicloud DB server Key",
    keyFile: "aliyun-dbserver-key",
    keyNamePrefix: "pulumi-",
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });

 // Create Webserver ECS 
const webserver = new alicloud.ecs.Instance("alicloud-web", {
    name: "Web Server",
    availabilityZone: "ap-southeast-1a",
    creditSpecification: "Standard",
    description: "Web Server",
    dryRun: "false",
    forceDelete: "true",
    hostName: "webserver1.anky.it",
    imageId: "ubuntu_18_04_64_20G_alibase_20190624.vhd",
    instanceChargeType: "PostPaid",
    instanceName: "webserver1.anky.it",
    instanceType: "ecs.t5-lc1m1.small",
    systemDiskCategory: "cloud_ssd",
    internetChargeType: "PayByTraffic",
    internetMaxBandwidthIn: 1,
    internetMaxBandwidthOut: 1,
    isOutdated: "false",
    keyName: keypairweb.keyName,
    securityEnhancementStrategy: "Active",
    securityGroups: [securitygroup.id],
    vswitchId: vswitchZ1.id,
    systemDiskSize: 20,
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });

// Create Db server ECS 
const dbserver = new alicloud.ecs.Instance("alicloud-db", {
    name: "DB Server",
    availabilityZone: "ap-southeast-1b",
    creditSpecification: "Standard",
    description: "DB Server",
    dryRun: "false",
    forceDelete: "true",
    hostName: "dbserver1.anky.it",
    imageId: "ubuntu_18_04_64_20G_alibase_20190624.vhd",
    instanceChargeType: "PostPaid",
    instanceName: "dbserver1.anky.it",
    instanceType: "ecs.t5-lc1m1.small",
    systemDiskCategory: "cloud_ssd",
    internetChargeType: "PayByTraffic",
    internetMaxBandwidthIn: 1,
    internetMaxBandwidthOut: 0,
    isOutdated: "false",
    keyName: keypairdb.keyName,
    securityEnhancementStrategy: "Active",
    securityGroups: [securitygroupdb.id],
    vswitchId: vswitchZ2.id,
    systemDiskSize: 20,
    tags: {"create with": "pulumi", "created by": "Ankit"},
 });

//Exports Data
exports.vpc = vpc.id;
exports.vswitchZ1 = vswitchZ1.id;
exports.vswitchZ2 = vswitchZ2.id;
exports.securitygroup = securitygroup.id;
exports.securitygroupruleexternalhttp = securitygroupruleexternalhttp.id;
exports.securitygroupruleexternalhttps = securitygroupruleexternalhttps.id;
exports.securitygroupdb = securitygroupdb.id;
exports.securitygroupruleinternaldb = securitygroupruleinternaldb.id;
exports.webserver = webserver.id;
exports.webserverip = webserver.privateIp;
exports.webserverip = webserver.publicIp;
exports.dbserver = dbserver.id;
exports.dbserverip = dbserver.privateIp;
exports.dbserverip = dbserver.publicIp;

A closure look at the code

availabilityZone: Availability zone where the instance will be created
creditSpecification: Running performance of the burstable instance
Description: Server description
dryRun: A dry-run request is sent and no instance is created to validate the configuration
forceDelete: the “PrePaid” instance will be change to “PostPaid” and then deleted forcibly
hostName: server host name
imageId: OS/Image to deploy
instanceChargeType: Instance billing type
instanceName: Instance Name
instanceType: Instance Type
systemDiskCategory: System disk type
internetChargeType: Traffic charge type
internetMaxBandwidthIn: Max bandwidth for public Ingress
internetMaxBandwidthOut: Max bandwidth for public egress
isOutdated: Whether to use outdated instance type
keyName: key pair to map
securityEnhancementStrategy: enable security enhancement strategy, it only works on system images.
securityGroups: Security group ids to map
vswitchId: Virtual switch id to map
systemDiskSize: System disk size

Step 11: Destroy Infrastructure

To destroy the infrastructure provisioned by this script use “pulumi destroy”

Summary:

Pulumi is comparatively easy infrastructure as a code framework where developers can provision infrastructure without much effort, in the programming language they know.

Pulumi community edition is free forever for a single user. It supports all public cloud providers and with proper planning, one can create and deploy infrastructure quickly.

Thanks for reading!
If you found my work helpful, buy me a cup of coffee! I will appreciate it a lot.

Buy Me A Coffee