Small knowledge, big challenge! This article is participating in the creation activity of “Essential Tips for Programmers”. This article also participated in the “Digitalstar Project” to win a creative gift package and creative incentive money.

One, foreword

Infrastructure-as-code tools for implementing cloud management include Terraform, Pulumi, etc. Terraform is more popular and more widely used. One of the biggest pain points when using Terraform to manage infrastructure is that “the configuration syntax is too simple, resulting in cumbersome configuration and additional learning of the expression language DSL-HCL created by HasiCorp.” As an up-and-comer, maybe using Pulumi can help us solve this problem.

B: What is Pulumi

Pulumi is a meet infrastructure as a code of automatic management platform, using the Python/TypeScript/Go/Dotnet many common development language written statement of allocation of resources, a key to achieve can create/modify/destroy all kinds of cloud resources. It works together with downloaded CLI, runtime, libraries, and managed services to provide a reliable way to supply, update, and manage cloud infrastructure. The following code demonstrates whether creating cloud resources programmatically in Python is developer friendly and readable.

import pulumi import pulumi_aws as aws size = 't2.micro' ami = aws.get_ami(most_recent="true", owners=["137112412989"], filters=[{"name":"name","values":["amzn-ami-hvm-*"]}]) group = aws.ec2.SecurityGroup('webserver-secgrp', description='Enable HTTP access', ingress=[ { 'protocol': 'tcp', 'from_port': 22, 'to_port': 22, 'cidr_blocks': ['0.0.0.0/0']}]) server = aws.ec2.Instance('webserver-www', instance_type=size, vpc_security_group_ids=[group.id], # reference security group from above ami=ami.id) pulumi.export('publicIp', server.public_ip) pulumi.export('publicHostName', server.public_dns)Copy the code

Pulumi Vs Terraform

3.1 Origin of the two

Pulumi and Terraform have a lot in common in that they both code to create, deploy, and manage infrastructure on any cloud. Any cloud includes foreign AWS, Azure, GCP, and of course domestic clouds including AliYun, TencentCloud, UCloud, etc.

Both are available on GitHub as open source community versions, and open source licenses are available for commercial use. Pulumi started out standing on the shoulders of the Terraform Provider, which did the smart thing of providing the Pulumi-TF-provider-Boilerplate tool for repackaging, which acts as a bridge.

3.2 Differences between the Two

According to the official introduction of Pulumi, There are major differences between Pulumi and Terraform in terms of language support, state management, Provider support and open source protocol.

Languages Supported by Pulumi include:

  • Python
  • TypeScript
  • JavaScript
  • Go
  • C#
  • F#
  • VB
  • .

The only languages officially supported by Terraform include HCL, Json declarative, and if you count the experimental Terraform-CDK product, it will also support in the future:

  • TypeScript
  • Python
  • Java
  • C#
  • Go

The chart below nicely illustrates the current language support differences between the two.

【 State, visual management 】

Ultimately, state management is a poor part of the Terraform user experience, as it does not provide functionality and customers are left to find solutions in the open source community. As for Pulumi, because of its use of various development languages, it is very convenient to use a variety of databases in the code for data manipulation. At the same time, Terraform provides little support for state presentation and visualization during deployment, resulting in a poor user experience. For Pulumi, the goal is to explicitly support state management and visual manipulation, effectively addressing user pain points.

In addition to the status management mentioned above, Pulumi also achieved true encryption of the private content in the status, which is key.

[Provider support]

As mentioned above, Pulumi supports all of Terraform’s providers through conversion tools. Pulumi also has deep support for cloud native technologies such as K8s, enabling advanced deployment scenarios that Terraform cannot express. These include Prometheus-based canaries, automatic Envoy Sidecar injection, etc. It is clear that cloud native is a trend following the cloud computing wave, and Pulumi is deeply invested in cloud native and aims to be the leader of the next generation of DevOps tools.

[Open Source Agreement]

Terraform uses a weak Copyleft Mozilla Public License 2.0. Instead, the Pulumi open source project uses the relaxed and business-friendly Apache License 2.0. Its open source content includes the core Pulumi repository, all open source Pulumi resource providers (such as Azure Native providers), conversion utilities (such as TF2Pulumi), and other useful projects.

[Reusable components]

With a real language, we can build higher levels of abstraction. Building abstractions and reusing modules in other languages like TypeScript is significantly less than using text in YAML.

Lambda has no service function.

You can write serverless functions using lambda expressions in a language you are familiar with, without a line of YAML or other declarative languages.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
​
const example = new aws.lambda.FunctionEventInvokeConfig("example", {
    functionName: aws_lambda_alias.example.function_name,
    destinationConfig: {
        onFailure: {
            destination: aws_sqs_queue.example.arn,
        },
        onSuccess: {
            destination: aws_sns_topic.example.arn,
        },
    },
});
Copy the code

In addition to the above, Pulumi also supports renaming and refactoring quite well, and also provides a Tranformation mechanism that allows us to define the logic of changing the resource definition in code.

Four,

According to the above analysis and comparison, Pulumi has so many outstanding advantages that it is inevitable for us to choose Pulumi as our Iac tool. Not necessarily! Firstly, we analyze and compare the Google Heat index (October 10, 2021) of the two keywords, with the blue curve representing Terraform and the red curve representing Pulumi.

As it turns out, Terraform is more popular as an eco-building product that started in 2014 than Pulumi, which debuted in 2017. Pulumi’s ecology is far worse than Terraform’s. And Terraform may soon go public, which would be a capital blow to Pulumi. So choose Pulumi carefully.

After analyzing Github’s popularity (October 10, 2021), Terraform’s popularity is much higher than Pulumi’s, which also confirms the Google Popularity index. However, this result should be viewed dialectically. After all, Pulumi, as a rising star, has achieved quite good community activity in terms of current attention.

On the other hand, Pulumi provides a source of code descriptions that developers are familiar with. Expressive enough, but is it difficult to read and debug? Dev + Ops would be really hard to separate. In this way, the organizational structure will also be adjusted, and r&d and operations will be integrated. Whether this change is good or bad depends on how the team looks at it dialectically.