Make a table of which language and which cloud we're using for each example. Inspired by https://github.com/serverless/examples.

Per https://twitter.com/antirez/status/1039443441472688128, Redis is changing its terminology from master/slave to master/replica. Let's proactively go through our various examples that use Redis -- like the Kubernetes guestbook -- and make these same changes.

The sample https://github.com/pulumi/examples/tree/master/cloud-js-httpendpoint counts the current request when returning the count (so the lowest count is 1), whereas https://github.com/pulumi/examples/tree/master/aws-ts-serverless-raw starts with a count of 0.

I don't think we hav any examples showcasing the new serverless functionality from the AWS package. We have https://github.com/pulumi/pulumi-aws/blob/master/examples/stream/index.ts in the AWS repo, which would be a fine start, but something a little more complete would be nice.

Needs readmes:

• Alexa Skill

Complete:

• Webserver
• url shortener
• Voting app

The example declares a PV, nginxvolume, (see below) but:

1. it looks like the name we're passing to kubernetes.PersistentVolume is "redis", while the .metadata.name field looks to be "nginxvolume". To me, this makes the intended use not very clear.
2. I could be missing how Pulumi is juggling around the names, but to me nginxvolume doesn't look to be used, either in redis or nginx. redis seems to be using an emptyDir volume.

// Create an nginxvolume
let nginxvolume = new kubernetes.PersistentVolume("redis", {
    metadata: {
        name: "nginxvolume"
    },
    specs: [{
        capacity: {
            storage: "10Gi",
        },
        accessModes: ["ReadWriteMany"],
        persistentVolumeSource: {
            gcePersistentDisk: {
                pdName: "test-123",
            },
        },
    }],
});

Right now, our examples aren't necessarily self-describing in terms of how to get them to work. This would be really great to do, including what environments are supported -- at least one of our examples requires GCP, and I know most others require AWS -- and what configuration is needed. Basically, a step by step, starting from cloning, all the way to standing up a new instance, and then destroying.

Examples to fix (edited by Donna)

• aws-py-webserver
• kubernetes-ts-guestbook
• cloud-ts-url-shortener-cache

The pulumi new command now supports installing templates from arbitrary Git URLs, as long as they have template metadata. We should update all (or most) of the examples to support pulumi new.

We helped add a Datadog agent to a customer's cluster, and wading through the information available on the internet was not terribly straightforward. This might make a nice example, especially since it's standalone and can be used even if nothing else is on Pulumi. It is loosely based on https://docs.datadoghq.com/integrations/amazon_ecs/. Here's a quick snapshot of the idea:

// Configure Datadog for the cluster.

import * as config from "./config";
import { cluster } from "./foundation";
import * as pulumi from "pulumi";
import * as aws from "@pulumi/aws";

const prefix = pulumi.getStack();

// Allocate a Datadog agent that runs on every host node.  Adapted from:
//     https://docs.datadoghq.com/integrations/amazon_ecs/
const datadogAgentTask = new aws.ecs.TaskDefinition(`${prefix}-datadog-agent-task`, {
    family: "dd-agent-task",
    containerDefinitions: JSON.stringify([{
        name: "dd-agent",
        image: "datadog/docker-dd-agent:latest",
        cpu: 10,
        memory: 256,
        essential: true,
        mountPoints: [
            {
              containerPath: "/var/run/docker.sock",
              sourceVolume: "docker_sock"
            },
            {
              containerPath: "/host/sys/fs/cgroup",
              sourceVolume: "cgroup",
              readOnly: true,
            },
            {
              containerPath: "/host/proc",
              sourceVolume: "proc",
              readOnly: true,
            }
        ],
        environment: [
            {
                name: "API_KEY",
                value: config.datadogKey,
            },
            {
                name: "SD_BACKEND",
                value: "docker",
            },
        ],
    }]),
    volume: [
        {
            name: "docker_sock",
            hostPath: "/var/run/docker.sock",
        },
        {
            name: "proc",
            hostPath: "/proc/",
        },
        {
            name: "cgroup",
            hostPath: "/cgroup/",
        }
    ],
});
const datadogAgent = new aws.ecs.Service(`${prefix}-datadog-agent`, {
    cluster: cluster.ecsClusterARN,
    taskDefinition: datadogAgentTask.arn,
    desiredCount: config.getClusterSize(),
    placementStrategy: [{ type: "spread", field: "instanceId" }],
    placementConstraints: [{ type: "distinctInstance" }],
});

// And now authorize Datadog to read all of the things that it needs to.
let datadogIntegrationRole = new aws.iam.Role(`${prefix}-datadog-role`, {
    assumeRolePolicy: JSON.stringify({
        Version: "2012-10-17",
        Statement: [{
            Action: "sts:AssumeRole",
            Effect: "Allow",
            Condition: {
                StringEquals: {
                    "sts:ExternalId": config.datadogKey,
                },
            },
            Principal: {
                AWS: aws.getCallerIdentity().then(caller => `arn:aws:iam::${caller.accountId}:root`),
            },
        }],
    }),
});

let datadogIntegrationPolicy = new aws.iam.RolePolicy(`${prefix}-datadog-policy`, {
    role: datadogIntegrationRole.name,
    policy: JSON.stringify({
        Version: "2012-10-17",
        Statement: {
            Effect: "Allow",
            Resource: "*",
            Action: [
                "autoscaling:Describe*",
                "cloudtrail:DescribeTrails",
                "cloudtrail:GetTrailStatus",
                "cloudwatch:Describe*",
                "cloudwatch:Get*",
                "cloudwatch:List*",
                "ec2:Describe*",
                "ec2:Get*",
                "ecs:Describe*",
                "ecs:List*",
                "elasticache:Describe*",
                "elasticache:List*",
                "elasticloadbalancing:Describe*",
                "elasticmapreduce:List*",
                "iam:Get*",
                "iam:List*",
                "kinesis:Get*",
                "kinesis:List*",
                "kinesis:Describe*",
                "logs:Get*",
                "logs:Describe*",
                "logs:TestMetricFilter",
                "rds:Describe*",
                "rds:List*",
                "route53:List*",
                "ses:Get*",
                "ses:List*",
                "sns:List*",
                "sns:Publish",
                "sqs:GetQueueAttributes",
                "sqs:ListQueues",
                "sqs:ReceiveMessage",
            ],
        },
    }),
});

We could probably wrap this up in a single class and make it as easy as

new Datadog(ecsARN);

to configure.

Related to pulumi/docs#28

The LoadBalancer does not seems to work out as expected locally even with Kubernetes on Docker, it times out waiting for the front-end.
The documentation is misleading in that regard.
Also would be nice, if you know why/how to make it work locally, to explain how.

Using ClusterIP fixed it.

Also the comment in the code looks truncated.
https://github.com/pulumi/examples/blob/master/kubernetes-ts-guestbook/index.ts#L111

I've tested successfully the sock-shop.

See PR comment #21 (comment)

Show how this exact reference architecture maps to Pulumi: Set Up a Continuous Delivery Pipeline for Containers Using AWS CodePipeline and Amazon ECS

See also: https://github.com/awslabs/ecs-refarch-continuous-deployment

Add readme here: https://github.com/pulumi/examples/tree/master/aws-ts-airflow

Should include:

• Setup instructions
• How to deploy
• Clean up

Highlight standing up Azure Kubernetes Service + some Kubernetes resources in a single Pulumi program.

Highlight standing up a working EKS cluster in a single Pulumi program.

Customer contacted us on slack with questions about how to properly do secrets, and how they would like to use ParameterStore to acquire that stuff at runtime. It would likely be useful for many customers who use this system as per AWS's best practices recommendations.

Since the promises make the example inelegant, replace with a better one that shows loops. See #5 (comment).

Follow the readme steps for cloud-ts-url-shortener-cache-http. When curling the endpoint an unexpected payload is returned (expecting real web page).

$ curl $(pulumi stack output endpointUrl)
{"uncaught":{"url":"/index.html","baseUrl":"","originalUrl":"/index.html","version":"v8.10.0"}}

I am following steps in the gcp-ts-gke example to create a GKE cluster via pulumi.

At pulumi up, I got stuck with the following error, complaining missing "container.clusters.create" permission(s) to my project:

% pulumi up
Previewing update of stack 'gcp-ts-gke-dev'
Enter your passphrase to unlock config/secrets
    (set PULUMI_CONFIG_PASSPHRASE to remember):
Previewing changes:

     Type                            Name                       Plan          Info
 *   pulumi:pulumi:Stack             gcp-ts-gke-gcp-ts-gke-dev  no change
 +   ├─ gcp:container:Cluster        gke-cluster                create
 +   ├─ pulumi:providers:kubernetes  gkeK8s                     create
 +   └─ kubernetes:apps:Deployment   canary                     create

info: 3 changes previewed:
    + 3 resources to create
      1 resource unchanged

Do you want to perform this update? yes
Updating stack 'gcp-ts-gke-dev'
Enter your passphrase to unlock config/secrets
    (set PULUMI_CONFIG_PASSPHRASE to remember):
Performing changes:

     Type                      Name                       Status                  Info
 *   pulumi:pulumi:Stack       gcp-ts-gke-gcp-ts-gke-dev  done
 +   └─ gcp:container:Cluster  gke-cluster                **creating failed**     1 error

Diagnostics:
  gcp:container:Cluster: gke-cluster
    error: Plan apply failed: googleapi: Error 403: Required "container.clusters.create" permission(s) for "projects/XXX"., forbidden

info: no changes required:
      1 resource unchanged

What did I miss? However, I can successfully create a cluster directly via gcloud CLI:

%  gcloud container clusters create my_cluster --zone us-west1-c --scopes storage-rw --machine-type n1-standard-2

WIP in #54

Deploying kubernetes-ts-guestbook fails with:

 error: Unable to fetch schema: ValidationError(Service.spec.selector): invalid type for io.k8s.api.core.v1.ServiceSpec.selector: got "array", expected "map"

This was not triggering a TypeScript error due to pulumi/pulumi-kubernetes#98.

@ellismg commented on Tue Jan 16 2018

From a private email thread with Joe, he thought it might be interesting to take some existing web applications and show how they’d be done idiomatically with Pulumi.

@joeduffy commented on Tue Jan 16 2018

Specific examples were WordPress and Hubot. I'm sure there are many others.

This is for launch.

Since private beta customers have access to this repo, remove the generation of the zipfile.

Make the following changes for each example:

• In readme, remove pulumi init
• In readme, remove pulumi preview
• Update to 0.12.0 packages and test

@justinvp commented on Fri Jan 19 2018

(Edited by @lindydonna)

• Ensure the versions specified in package.json for examples repo work with npm build.

@lindydonna commented on Fri Feb 09 2018

For the examples repo I can take this. Is that what the issue is referring to?

When running pulumi up the stack outputs are not shown:

$ pulumi up
Previewing update of stack 'website-dev'
Previewing changes:

     Type                     Name                 Plan       Info
 +   pulumi:pulumi:Stack      website-website-dev  create     
 +   ├─ pulumi:providers:aws  default              create     
 +   ├─ aws:s3:Bucket         s3-website-bucket    create     
 +   ├─ aws:s3:BucketPolicy   bucketPolicy         create     
 +   ├─ aws:s3:BucketObject   www/index.html       create     
 +   └─ aws:s3:BucketObject   www/favicon.png      create     
 
info: 5 changes previewed:
    + 5 resources to create

Do you want to perform this update? yes
Updating stack 'website-dev'
Performing changes:

     Type                    Name                 Status      Info
 +   pulumi:pulumi:Stack     website-website-dev  created     
 +   ├─ aws:s3:Bucket        s3-website-bucket    created     
 +   ├─ aws:s3:BucketPolicy  bucketPolicy         created     
 +   ├─ aws:s3:BucketObject  www/index.html       created     
 +   └─ aws:s3:BucketObject  www/favicon.png      created     
 
info: 5 changes performed:
    + 5 resources created
Update duration: 7.633434765s

Permalink: https://app.pulumi.com/***

Also, when running pulumi stack it says "No output values currently in this stack":

$ pulumi stack

[...]

Current stack resources (6):
    TYPE                                             NAME
    pulumi:pulumi:Stack                              website-website-dev
    pulumi:providers:aws                             default
    aws:s3/bucket:Bucket                             s3-website-bucket
    aws:s3/bucketPolicy:BucketPolicy                 bucketPolicy
    aws:s3/bucketObject:BucketObject                 www/index.html
    aws:s3/bucketObject:BucketObject                 www/favicon.png

Current stack outputs (0):
    No output values currently in this stack

I'm not sure if it's a bug in our go support or bug in the example.

Partially complete in the url-shortener-simple branch.

Fix use of a hardcoded password in index.ts.

The AKS helm example tries to export the service IP using the following code:

export let serviceIP =
    (apache.resources["v1/Service::default/apache-apache"] as k8s.core.v1.Service).
        spec.apply(s => s.clusterIP);

This threw an error during preview as apache.resources["v1/Service::default/apache-apache"] was returning undefined. Once I removed the namespace 'default' from the key it worked ok and I got the correct output. Before I submit a PR to remove it, I wanted to check this issue repro'd with others.

Add a readme for kubernetes-ts-jenkins

We should add one of fhs GCP examples to this repo, along with a README with instructions.

Since the UI allows a POST with a duplicate key which results in the Table being updated, the redis cache key also needs to be deleted.

For instance, in aws-js-webserver:

{
    "name": "webserver",
    "version": "0.1.0",
    "main": "index.js",
    "dependencies": {
        "@pulumi/pulumi": "^0.12.0",
        "@pulumi/aws": "^0.12.0"
    }
}

We should bump everything so folks are on the latest providers.

I noticed this because misconfigured AWS creds gave me the old, terrible error message.

In the README file, under Cloud Applications, the Serverless REST API link is broken.

The versions are different from one example to the next; make them match the version in pulumi new typescript.

Add at least one Azure example - probably a variant of webserver targeting Azure.

We know there are some opportunities for making the Kubernetes guestbook even more beautiful than it is, thanks to using real languages. We have deployContainer but there are more "KubeJS Lite" opportunities. Let's make sure to land those before our upcoming launches.

Assigning to you, @lukehoban, feel free to reassign as appropriate.

Provide example for deploying a distributed application like zookeeper on aws.

We would like to have some automated testing in place to ensure that all examples can successfully build and deploy as we update examples and make updates to the Pulumi packages and CLI that examples depend on.

Incorporate the review feedback in the PR here: #5

• Use devDependencies for Node types
• Add webserver.ts to tsconfig
• Get rid of console.log and use export let
• Get rid of comments in VS Code json
• Use a secret for the redis password. Related to pulumi/docs#51
• Use a smaller instance for frontend vs app

When we wrote this, I did not realize the former was possible, and it's worth going back and cleaning it up.

Highlight realworld usage of some of the new capabilities:

1. Helm and/or Kubernetes YAML deployments
2. Deployment orchestration (rolling update of configmap+deployment, canary+monitoring staged deployment)

To reduce the concept count, use the Dynamo DB SDK directly in https://github.com/pulumi/examples/tree/master/cloud-js-httpendpoint, rather than using cloud.Table APIs.

It currently uses code copied from an MIT-licensed Azure Sample. See https://softwareengineering.stackexchange.com/questions/277688/if-i-fork-a-project-on-github-that-is-licensed-under-mit-how-to-i-handle-the-at for details on how to attribute.