Practice the vocabulary of Pulumi infrastructure-as-code and GitOps workflows: stacks, programs, resources, and Git-driven operations.
0 / 8 completed
1 / 8
How does Pulumi differ from Terraform in how infrastructure is defined?
Pulumi's key differentiator: you write real code (loops, conditionals, functions, classes) rather than a declarative DSL. This enables more powerful abstractions but also introduces the complexity of software engineering into infrastructure.
2 / 8
In Pulumi, what is a 'stack'?
Pulumi stacks correspond to deployment environments. The same Pulumi program deployed as 'dev' and 'prod' stacks creates isolated infrastructure sets. Stack configuration (stack.yaml) holds environment-specific values.
3 / 8
What is 'GitOps' as a deployment philosophy?
GitOps means: Git is the source of truth, PRs are the change mechanism, and automation (ArgoCD, Flux) continuously reconciles the cluster/infrastructure to match Git state. Humans never apply changes manually.
4 / 8
In a GitOps workflow, what does 'reconciliation' mean?
Reconciliation is what makes GitOps self-healing. ArgoCD/Flux continuously polls Git and the cluster — when they differ, it automatically applies changes to make the cluster match Git. This is the 'loop' in the GitOps control loop.
5 / 8
What is the 'app of apps' pattern in ArgoCD (GitOps)?
App of apps solves the bootstrapping problem: instead of manually creating ArgoCD Applications for every service, you create one root Application that manages all others via a Git repo. Adding a new app means adding it to Git, not clicking in UI.
6 / 8
What does 'progressive delivery' mean in a GitOps context?
Progressive delivery (Argo Rollouts, Flagger) automates canary deployments: 10% traffic → analyze metrics → 25% → analyze → 100% or rollback. This combines GitOps' declarative model with automated risk reduction.
7 / 8
What is a 'Pulumi ComponentResource'?
ComponentResources are Pulumi's reusability pattern. You can create a 'WebService' component that provisions an ECS task, load balancer, and Route53 record — then reuse it across projects. This is infrastructure as genuine software abstraction.
8 / 8
In GitOps, what does 'sealed secrets' or 'external secrets' pattern solve?
GitOps requires everything in Git, but you cannot commit plaintext secrets. Sealed Secrets encrypts them for safe Git storage; External Secrets Operator fetches them from Vault/AWS Secrets Manager at runtime. Both patterns are essential for secure GitOps.