Add a site
In this tutorial, you will follow step-by-step instructions to bring an existing site to Cloudflare using Pulumi infrastructure as code (IaC) to familiarize yourself with the resource management lifecycle. In particular, you will create a Zone and a DNS record to resolve your newly added site. This tutorial adopts the IaC principle to complete the steps listed in the Add site tutorial.
Ensure you have:
- A Cloudflare account and API Token with permission to edit the resources in this tutorial. If you need to, sign up for a Cloudflare account ↗ before continuing. Your token must have:
Zone-Zone-EditpermissionZone-DNS-Editpermissioninclude-All zones from an account-<your account>zone resource
- A Pulumi Cloud account. You can sign up for an always-free individual tier ↗.
- The Pulumi CLI is installed on your machine.
- A Pulumi-supported programming language ↗ is configured. (TypeScript, JavaScript, Python, Go, .NET, Java, or use YAML)
- A domain name. You may use
example.comto complete the tutorial.
A Pulumi project is a collection of files in a dedicated folder that describes the infrastructure you want to create. The Pulumi project folder is identified by the required Pulumi.yaml file. You will use the Pulumi CLI to create and configure a new project.
Use a new and empty directory for this tutorial.
mkdir addsite-cloudflarecd addsite-cloudflarePulumi Cloud ↗ is a hosted service that provides a secure and scalable platform for managing your infrastructure as code. You will use it to store your Pulumi backend configurations.
At the prompt, press Enter to log into your Pulumi Cloud account via the browser. Alternatively, you may provide a Pulumi Cloud access token ↗.
pulumi loginA Pulumi program is code written in a supported programming language ↗ that defines infrastructure resources.
To create a program, select your language of choice and run the pulumi command:
pulumi new javascript --name addsite-cloudflare --yes# wait a few seconds while the project is initializedpulumi new typescript --name addsite-cloudflare --yes# wait a few seconds while the project is initializedpulumi new python --name addsite-cloudflare --yes# wait a few seconds while the project is initializedpulumi new go --name addsite-cloudflare --yes# wait a few seconds while the project is initializedpulumi new java --name addsite-cloudflare --yes# wait a few seconds while the project is initializedpulumi new csharp --name addsite-cloudflare --yes# wait a few seconds while the project is initializedpulumi new yaml --name addsite-cloudflare --yesA Pulumi stack ↗ is an instance of a Pulumi program. Stacks are independently configurable and may represent different environments (development, staging, production) or feature branches. For this tutorial, you'll use the dev stack.
To instantiate your dev stack, run:
pulumi up --yes# wait a few seconds for the stack to be instantiated.You have not defined any resources at this point, so you'll have an empty stack.
In this step, you will store your settings in a Pulumi ESC Environment ↗, a YAML file containing configurations and secrets. These can be accessed in several ways, including a Pulumi program. All ESC Environments securely reside in your Pulumi Cloud account and can be fully managed via the Pulumi CLI. For this tutorial, you will store the following values:
- Your Cloudflare account ID.
- A valid Cloudflare API token.
- A domain. For instance,
example.com.
# Define an ESC Environment nameE=clouflare/my-dev-env
# Create a new Pulumi ESC Environmentpulumi config env init --env $E --yesCreating environment clouflare/my-dev-env for stack dev...# Replace abc123 with your Cloudflare Account IDpulumi env set $E --plaintext pulumiConfig.accountId abc123
# Replace API_TOKEN with your Cloudflare API Tokenpulumi env set $E --secret pulumiConfig.cloudflare:apiToken API_TOKEN
# Replace example.com with your registered domain, or leave as ispulumi env set $E --plaintext pulumiConfig.domain example.comYou need to install the Cloudflare package for your language of choice in order to define Cloudflare resources in your Pulumi program.
Install the Cloudflare package by running the following command:
npm install @pulumi/cloudflareadded 1 package ...npm install @pulumi/cloudflareadded 1 package ...echo "pulumi_cloudflare>=5.38,<6.0.0" >> requirements.txtsource venv/bin/activatepip install -r requirements.txt...Collecting pulumi-cloudflare...go get github.com/pulumi/pulumi-cloudflare/sdk/v3/go/cloudflarego: downloading github.com/pulumi/pulumi-cloudflare ...Below are Apache Maven instructions. For other Java project managers such as Gradle, see the official Maven repository ↗
- Open your
pom.xmlfile. - Add the Pulumi Cloudflare dependency inside the
<dependencies>section.
<dependency> <groupId>com.pulumi</groupId> <artifactId>cloudflare</artifactId> <version>5.38.0</version></dependency>- Run:
mvn clean install...[INFO] BUILD SUCCESS...dotnet add package Pulumi.Cloudflare...info : Adding PackageReference for package 'Pulumi.Cloudflare' into project...There are no dependencies to download for YAML. Skip ahead.
With the Cloudflare package installed, you can now define any supported Cloudflare resource ↗ in your Pulumi program. You'll define a Zone, and a DNS Record next.
A domain, or site, is known as a Zone in Cloudflare. In Pulumi, the Zone resource ↗ represents a Cloudflare Zone.
Replace the contents of your entrypoint file with the following:
Filename: index.js
"use strict";const pulumi = require("@pulumi/pulumi");const cloudflare = require("@pulumi/cloudflare");
const config = new pulumi.Config();const accountId = config.require("accountId");const domain = config.require("domain");
// Create a Cloudflare resource (Zone)const zone = new cloudflare.Zone("my-zone", { zone: domain, accountId: accountId, plan: "free", jumpStart: true,});
exports.zoneId = zone.id;exports.nameservers = zone.nameServers;exports.status = zone.status;Filename: index.ts
import * as pulumi from "@pulumi/pulumi";import * as cloudflare from "@pulumi/cloudflare";
const config = new pulumi.Config();const accountId = config.require("accountId");const domain = config.require("domain");
// Create a Cloudflare resource (Zone)const zone = new cloudflare.Zone("my-zone", { zone: domain, accountId: accountId, plan: "free", jumpStart: true,});
export const zoneId = zone.id;export const nameservers = zone.nameServers;export const status = zone.status;Filename: __main__.py
import pulumiimport pulumi_cloudflare as cloudflare
account_id = pulumi.Config().require("accountId")domain = pulumi.Config().require("domain")
# Create a Cloudflare resource (Zone)zone = cloudflare.Zone("my-zone", zone=domain, account_id=account_id, plan="free", jump_start=True)
pulumi.export("zoneId", zone.id)pulumi.export('nameservers', zone.name_servers)pulumi.export('status', zone.status)Filename: main.go
package main
import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" cloudflare "github.com/pulumi/pulumi-cloudflare/sdk/v3/go/cloudflare")
func main() { pulumi.Run(func(ctx *pulumi.Context) error { domain, _ := ctx.GetConfig("domain")
// Create a Cloudflare resource (Zone) zone, err := cloudflare.NewZone(ctx, "my-zone", &cloudflare.ZoneArgs{ Zone: pulumi.String(domain), Plan: pulumi.String("free"), JumpStart: pulumi.Bool(true), }) if err != nil { return err }
ctx.Export("zoneId", zone.ID()) ctx.Export("nameservers", zone.NameServers) ctx.Export("status", zone.Status) return nil })}Filename: src/main/java/myproject/App.java
package myproject;
import com.pulumi.Pulumi;import com.pulumi.Context;import com.pulumi.cloudflare.ZoneArgs;import com.pulumi.cloudflare.Zone;
public class App { public static void main(String[] args) { Pulumi.run(ctx -> { var config = ctx.config();
String accountId = config.require("accountId"); String domain = config.require("domain");
var zone = new Zone("my-zone", ZoneArgs.builder() .zone(domain) .accountId(accountId) .plan("free") .jumpStart(true) .build());
ctx.export("zoneId", zone.id()); ctx.export("nameservers", zone.nameServers()); ctx.export("status", zone.status()); }); }}Filename: Program.cs
using System.Threading.Tasks;using System.Collections.Immutable;using Pulumi;using Pulumi.Cloudflare;
class Program{ static Task<int> Main() => Deployment.RunAsync<MyStack>();
class MyStack : Stack { public MyStack() { var config = new Pulumi.Config(); var accountId = config.Require("accountId"); var domain = config.Require("domain");
var zone = new Zone("my-zone", new ZoneArgs { ZoneName = domain, AccountId = accountId, Plan = "free", JumpStart = true });
this.ZoneId = zone.Id; this.Nameservers = zone.NameServers; this.Status = zone.Status; }
[Output] public Output<string> ZoneId { get; set; } public Output<ImmutableArray<string>> Nameservers { get; set; } public Output<string> Status { get; set; } }}Filename: Pulumi.yaml
name: addsite-cloudflareruntime: yamlresources: myZone: type: cloudflare:Zone properties: zone: ${domain} accountId: ${accountId} plan: "free" jumpStart: true
outputs: zoneId: ${myZone.id} nameservers: ${exampleZone.nameServers} status: ${exampleZone.status}Notice that the code also outputs several properties from the Zone resource, such as the zoneId, nameservers, and status, so that they can easily be accessed in subsequent steps.
You will now add a DNS Record resource ↗ to test previously configured Zone.
Add the following code snippet to your entrypoint file after the Zone resource definition:
Filename: index.js
const record = new cloudflare.Record("my-record", { zoneId: zone.id, name: domain, content: "192.0.2.1", type: "A", proxied: true,});Filename: index.ts
const record = new cloudflare.Record("my-record", { zoneId: zone.id, name: domain, content: "192.0.2.1", type: "A", proxied: true,});Filename: __main__.py
record = cloudflare.Record("my-record", zone_id=zone.id, name=domain, content="192.0.2.1", type="A", proxied=True)Filename: main.go
_, err = cloudflare.NewRecord(ctx, "my-record", &cloudflare.RecordArgs{ ZoneId: zone.ID(), Name: pulumi.String(domain), Content: pulumi.String("192.0.2.1"), Type: pulumi.String("A"), Proxied: pulumi.Bool(true), }) if err != nil { return err }Filename: src/main/java/myproject/App.java
// Add importsimport com.pulumi.cloudflare.Record;import com.pulumi.cloudflare.RecordArgs;
// Below the Zone resource, addnew Record("my-record", RecordArgs.builder().zoneId(zone.id()).name(domain).content("192.0.2.1").type("A").proxied(true).build());Filename: Program.cs
new Record("my-record", new RecordArgs{ ZoneId = zone.Id, Name = domain, Content = "192.0.2.1", Type = "A", Proxied = true});Filename: Pulumi.yaml
myRecord: type: cloudflare:Record properties: zoneId: ${myZone.id} name: ${domain} content: 192.0.2.1 type: A proxied: trueNow that you have defined your resources, you can deploy the changes using the Pulumi CLI so that they are reflected in your Cloudflare account.
To deploy the changes, run:
pulumi up --yeswait for the dev stack to become readyOnce you have added a domain to Cloudflare, that domain will receive two assigned authoritative nameservers.
To retrieve the assigned nameservers, run:
pulumi stack outputUpdate the nameservers at your registrar to activate Cloudflare services for your domain. The instructions are registrar-specific. You may be able to find guidance under this consolidated list of common registrars.
Once successfully registered, your domain status will change to active.
pulumi stack outputYou will run two nslookup commands against the Cloudflare-assigned nameservers.
To test your site, run:
DOMAIN=$(pulumi config get domain)NS1=$(pulumi stack output nameservers | jq '.[0]' -r)NS2=$(pulumi stack output nameservers | jq '.[1]' -r)nslookup $DOMAIN $NS1nslookup $DOMAIN $NS2For .NET, use Nameservers as the Output.
Confirm your response returns the IP address(es) for your site.
In this last step, you will remove the resources and stack used throughout the tutorial.
pulumi destroy --yespulumi stack rm devYou have incrementally defined Cloudflare resources needed to add a site to Cloudflare. You declare the resources in your programming language of choice and let Pulumi handle the rest.
To deploy a serverless app with Pulumi, follow the Deploy a Worker tutorial.