Getting Started with Pulumi on Digital Ocean
Digital Ocean (DO) is an excellent alternative to many other cloud service providers. DO provides a simple and easy-to-understand user interface, making infrastructure management and scaling a breeze. Furthermore, DO has excellent documentation and an active community that offers assistance, making it an excellent choice for developers of all skill levels.
As part of the evaluation, I’m using DO to host a Kubernetes cluster, a database cluster, Spaces (an s3 compatible storage), and CDN for static asset hosting. I’ll walk you through the process of setting up the Pulumi backend as a DO Space. I’m using the Spaces backend because I want to investigate how Pulumi can be used in situations where it’s not possible to sign up for the service and store the state on their servers, such as in high-security environments or for business reasons.
Start the installation and configuration of a basic configuration by following the Pulumi Kuberentes starting guide. After instalation, you must first run the pulumi login --local command before running the pulumi new command. This allows you to avoid creating a Pulumi login and prevents you from using the Pulumi Service as a backend.
After you’ve completed the starter guide, use pulumi logout to sign out the local Pulumi session. This will log you out of the currently stored local login, allowing you to point to the Spaces bucket to keep the state in a single location. Next, you can install and configure the AWS CLI because you will be using it to authenticate DO Spaces. Once you’ve installed aws cli, you’ll need to use the standard aws configure --profile digitalocean command to save the credentials for your Spaces bucket. To obtain DO credentials, navigate to the cloud dashboard and your project, then API on the left toolbar, then the Spaces Keys tab, and then Generate New Key. The Key will correspond to the AWS Access Key ID, and the Secret will correspond to the AWS Secret Access Key; the region can be any valid region key such as us-east-1. I believe that aws cli is not required and that both the .aws/config and .aws/credentials files can be manually configured; however, I have not tested this theory.
You can now login with:
pulumi login s3://{{YOUR SPACES BUCKET NAME}}/{{SUBFOLDER}}?endpoint={{REGION}}.digitaloceanspaces.com&profile=digitalocean’The subfolder is useful for configuring multiple Pulumi backends with the same bucket. The endpoint parameter is the region in which the Space was created, and the profile instructs Pulumi to use the AWS profile settings for login.
To create a new stack, use pulumi stack init dev once logged in. After that, you can confirm the Kubernetes deployment by running pulumi up. You can now see that the state has been saved in the DO Space. This allows for easy management and updating of the entire infrastructure, as well as a reliable backup of the state in the event of any problems or required rollbacks.
In conclusion, it is possible and easy to use DO Spaces as a Pulumi backend to store and manage the state of your infrastructure, making sure it is available and consistent across different environments and team members. Using DO Spaces as a Pulumi backend also gives you a safe, scalable place to store the state of your infrastructure without the need for extra infrastructure or maintenance. This makes it an ideal solution for teams of any size looking to streamline their infrastructure management processes.
