iSharkFly-Docs/pulumi-hugo-cn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
pulumi-hugo-cn/themes/default/content/blog/vscode-devcontainers/index.md

277 lines
11 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: "Build a Pulumi VS Code Devcontainer Environment"
date: 2020-07-14
meta_desc: "Build a VS Code devcontainer for Pulumi infrastructure as code projects."
meta_image: devcontainer.png
authors:
- sophia-parafina
tags:
- development-environment
- containers
- docker
---
One of the major advantages of using containers for development is reducing the need to install software and associated dependencies. Developers can start writing code without configuring a development environment that emulates production. The Visual Studio Code Remote - Containers extension lets you develop inside a container. If you want to use Pulumis infrastructure as code engine without installing the Pulumi CLI, this blog post is for you!
<!--more-->
## Pre-requisites
To set up your development environment, youll need Visual Studio Code, [Docker Desktop](https://www.docker.com/products/docker-desktop), and the [Remote - Containers extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers).
1. Check to see if Docker is running:
```bash
$ docker --version
Docker version 19.03.8, build afacb8b
```
1. Check to see if the **Remote - Containers** is installed:
![Remote status](remote-status-bar.png)
Click on the green icon in the Remote Status Bar to display the commands:
![Remote container commands](remote-containers-commands.png)
## Building the Pulumi container
Now we can start!
1. Create a directory for your project.
```bash
$ mkdir my_devcontainer
$ cd my_devcontainer
```
Open the directory in VS Code.
![Open directory](open_devcontainer_dir.png)
1. Next, well create the devcontainer configuration files. Click on the Remote Status button and select **Add Development Container Configuration Files ...**.
![A configuration files](add_devcontainer_config_files.png)
1. Select the latest version for **Alpine**. Well replace the Dockerfile with the Pulumi Dockerfile.
![Select config file](select_config_file.png)
VS Code will display a popup asking to build the container. Dismiss the popup, we will replace the Dockerfile with the Pulumi Dockerfile.
![Popup](build_container_popup.png)
In your project directory, youll see a *.devcontainer* directory with a Dockerfile that builds the container and a *devcontainer.json* for configuring the container environment.
## Dockerfile
For this example, well use the standard Pulumi Dockerfile, which includes the SDK for all the supported languages. Download the [Dockerfile](https://raw.githubusercontent.com/pulumi/pulumi/master/.devcontainer/Dockerfile) and save it to the .devcontainer directory.
```bash
$ cd .devcontainer
$ curl "https://raw.githubusercontent.com/pulumi/pulumi/master/.devcontainer/Dockerfile" -o Dockerfile
```
## Container configuration
Next, we'll clean up the `.devcontainer/devcontainer.json` file and set up the necessary credentials.
First edit `devcontainer.json` as follows:
- Replace the "name" field with `Pulumi`
- Remove the "args" line
- Replace the "remoteUser" value with `user`
Regardless of your cloud provider, you will have to provide your credentials to deploy resources. If you want to save your project to Github or another repository, you dont want your credentials stored in the repository. There are several ways to do this securely. Using AWS as an example, you can export them inside the container, e.g.,
Linux/macOS:
```bash
export AWS_ACCESS_KEY_ID=AKIAI44QH8DHBEXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
```
Windows:
```cmd
SET AWS_ACCESS_KEY_ID=AKIAI44QH8DHBEXAMPLE
SET AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
```
The disadvantage of this method is that you will have to set these environment variables every time you start the devcontainer.
### Use local environment variables
One alternative is to set the environment variables on your local machine and pass them to the container through the *devcontainer.json* file. This method requires that you have VS Code in your path and launch it from the shell.
1. Use CTRL+SHIFT+P or CMD+SHIFT+P to bring up the command palette and type *Shell Command: Install code command in PATH*. You can set your credentials as environmental variables and launch the VS Code from the shell
![Install code](install-code-in-path.png)
```bash
$ export AWS_ACCESS_KEY_ID=AKIAI44QH8DHBEXAMPLE
$ export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
$ code .
```
1. Next, set your provider credentials on your machine and add the following to *devcontainer.json*.
```json
"containerEnv": {
"AWS_ACCESS_KEY_ID": "${localEnv:AWS_ACCESS_KEY_ID}",
"AWS_SECRET_ACCESS_KEY": "${localEnv:AWS_SECRET_ACCESS_KEY}"
},
```
### Use an .env file
Another alternative is to use a devcontainer.env file, which contains your credentials.
1. Create a file with your crendentials.
```
AWS_ACCESS_KEY_ID=AKIAI44QH8DHBEXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
```
1. Then add it to the *devcontainer.json* file.
```json
"runArgs": ["--env-file","devcontainer.env"],
```
1. To prevent it from exposing your credentials on a public repository, add the file to *.gitignore* or similar for you repository, e.g.,
```bash
echo devcontainer.json > .gitignore
```
There are many more [configuration options available](https://code.visualstudio.com/docs/remote/containers-advanced), including mounts and remote configurations.
## Try it out
Again, use the command palette to start the container. Use the **Open Folder in Container...** command, and select the project folder. If youve already got the folder open locally, you could also use the **Reopen in Container** command.
Check to see if your credentials are set. Open a terminal in VS Code if it isnt already open.
```bash
$ user@973a612c1555:/workspaces/my_devcontainer# env | grep AWS
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
AWS_ACCESS_KEY_ID=AKIAI44QH8DHBEXAMPLE
```
Now we ready to use Pulumi in our VS Code development environment! Lets try it out by creating an S3 bucket. First, well make a directory for our project and use `pulumi new` to create a default project.
```bash
$ mkdir my_project
$ cd my_project
$ pulumi new aws-typescript
```
Follow the prompts, then run `pulumi up` to deploy.
```bash
$ pulumi up
Previewing update (dev):
Type Name Plan
+ pulumi:pulumi:Stack my_project-dev create
+ └─ aws:s3:Bucket my-bucket create
Resources:
+ 2 to create
Do you want to perform this update? yes
Updating (dev):
Type Name Status
+ pulumi:pulumi:Stack my_project-dev created
+ └─ aws:s3:Bucket my-bucket created
Outputs:
bucketName: "my-bucket-cbdec06"
Resources:
+ 2 created
Duration: 31s
Permalink: https://app.pulumi.com/spara/my_project/dev/updates/1
```
You can CMD + click on the link to open a browser and display the status of your project on the Pulumi Service.
![Pulumi Service](pulumi-console.png)
## Build a Pulumi examples devcontainer
Pulumi has a repository of examples, and we can create a devcontainer from the repository so you can try them out.
1. Clone the repository, then follow the steps above to create and configure the Pulumi container image.
```bash
$ git clone https://github.com/pulumi/examples.git
```
1. Create the configuration files, add the Pulumi Docker file, and add your credentials.
1. Lets deploy a Kubernetes cluster! With `pulumi stack init`, we can create a stack, but we will need to install the project dependencies and set configuration variables such as the region.
```bash
$ cd aws-ts-eks
$ pulumi stack init
$ npm install
$ pulumi config set aws:region us-west-2
$ pulumi up
```
Heres the kubeconfig file's output, which you can use with kubectl to manage the cluster.
```bash
Outputs:
kubeconfig: {
apiVersion : "v1"
clusters : [
[0]: {
cluster: {
certificate-authority-data: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01EY3hNVEl5TXpZMU9Wb1hEVE13TURjd09USXlNelkxT1Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTHFvCk9wTDBiQWo2TFFMNlh2anRsMFZ6TUN5WTJmYlo4cXEvNGd3bkJxcVI2RFV6Q1RwbkJmOHJVRjVrUXhBQXRUNysKTTFZblp5VEFBYndOZ3NIL3lObk5sMnFCQmRSQ0JZTVVlN1I2MVBxcGdabFZpN0JaNHRlek9DalRqeGV0SXlaMwoxRW9TdTNBYnhzTmh6dDVBTjVYZklnZlBuM3B2eEtwYTA1MEg3aWhFaUptSEl3M0Z5TVovUHpxY2JHczh3RHVCCk1jYjNzOHMwZDBIVExsb2dCL2svOVBLbGVpZDgyWFkxMEdBN0YxeFM2cFdZODkwQ1BwNXpWZ0pRWGhuRGR2S1gKVlFValdCTDZQYU14U0lBZEZQM1BZYk1FdXk5Vyt0c2lqc2VydThVNTVpUDlWSUdMdTZzdEdycTNuQUhtUk40UQpqeXRCRWd4RjN1R0dtZ0dMOStFQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFEcUtyVGVnZmhWbElNUklQNjFVZEtvaGtnS3MKblUyZjUvTHBzU3ozbmliUCt3Y2VpNktYL3RSNjAzTHhFMlVXUTlmR0ZycTBCMTlJR1JaK0VVQjl2Vy9JdWowTApVK2UwUUtWc01qd2dMWm4rS3IyN0VQNUNGay8vZEVCRUZqa01PMmNlTFFRaFcvUXFzSFhJb2ZjZ0UvZnJ3YzErCmQwdGROWmxJa3JRdzJwYnVhcVI0VmRlWlpVSitqbW8rdEo1SlZ5a2Rwa29JYml1ZEZ6Q0N5YVB1LzhJc09CTUsKcWtvTFpNazdBMzh5SWxDK2RCTnJwdkQvRTF5U1lhcXlDaE5CdVBkd1VqcWZaWmJmaWR5N050emd2VjMvUWFtWgpuZUJJcWs0c1AzSWU0TUN0QmV4bU9iSWowdVBLTnVCQ01UTStxSVI2UWdnYXdEbWxXcXE4V0ZiUlNJMD0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
server : "https://3FE47B904E57AF9E16E0B7F00C7EEABA.yl4.us-west-2.eks.amazonaws.com"
}
name : "kubernetes"
}
]
contexts : [
[0]: {
context: {
cluster: "kubernetes"
user : "aws"
}
name : "aws"
}
]
current-context: "aws"
kind : "Config"
users : [
[0]: {
name: "aws"
user: {
exec: {
apiVersion: "client.authentication.k8s.io/v1alpha1"
args : [
[0]: "eks"
[1]: "get-token"
[2]: "--cluster-name"
[3]: "cluster-eksCluster-367b66b"
]
command : "aws"
}
}
}
]
}
```
You can now try out any of our infrastructure as code examples with this devcontainer.
## Conclusion
As you can see, weve built our development with VS Code and Docker. Using a Pulumi devcontainer lets you build and deploy infrastructure without installing Pulumi or any associated dependencies on your computer. Moreover, you can share your development environment by creating a repository. Give it a try and let us know what youre building on [Slack](https://pulumi.slack.com) or [Twitter](https://twitter.com/pulumicorp).
Reference in New Issue View Git Blame Copy Permalink