So you are not a big fan of YAML? - Ketch So you are not a big fan of YAML? - Ketch

Not a big fan of YAML?

There is no doubt that YAML has developed a reputation for being a painful way to define and deploy applications on Kubernetes. The combination of semantics and empty spaces can drive some developers crazy. 

As Kubernetes advances, is it time for us to explore different options that can support both DevOps and Developers in deploying and managing applications on Kubernetes?

Using code to define ... code ...?

Pulumi: Modern infrastructure as code for developers, a.k.a the new kid on the block.

Pulumi targets the widespread infrastructure as code (IaC) space but using a different approach. It allows developers to define infrastructure using their language of choice, such as TypeScript, JavaScript, Python, and others, instead of a proprietary language, such as HCL, from our friends at HashiCorp.

It is an exciting approach that can benefit teams when scaling the management and evolution of infrastructure since it’s easier to find folks in your group who can help write, manage, and extend the infrastructure as code definitions using existing languages.

Extending Ketch

Although the approach taken by Pulumi is intriguing, the way it deploys applications on Kubernetes today is very “infrastructure-focused.”  What I mean by that is that Pulumi requires developers to define the entire Kubernetes manifest and object, as they would do with Helm, but using their preferred language.

While it may bring some initial benefits, it still requires developers to know how to define the objects in Kubernetes in detail.

The experience above is what drove us to extend Ketch and create a Ketch provider for Pulumi. By combining the application-focused approach from Ketch with the IaC model from Pulumi, developers can have an application-focused layer they can leverage to quickly deploy their applications without getting into the underlying infrastructure details exposed by Kubernetes.

We will go through the steps to deploy an application using Ketch and Pulumi but you can find additional details about the plugin here:

Installing Ketch

You can find detailed information on how to install Ketch here: Getting Started (

As a quick start, here are the steps:

Installing the Ketch CLI can be done using the command below:

Ketch for Kubernetes - Deploy Cloud Native Applications
curl -s | bash

With the CLI installed, we can then install the cert-manager. Ketch uses Cert-manager to generate certificates for our future applications automatically:

The next step is to install an ingress controller that Ketch can use. When deploying applications, Ketch will automatically create an endpoint for you to access your applications. For this example, we can use Istio as the ingress controller:

ISTIO_VERSION=1.9.0 && curl -L |ISTIO_VERSION=1.9.0 sh - && cd istio-$ISTIO_VERSION && export PATH=$PWD/bin:$PATH && cd ..

istioctl install --set profile=demo

With all components installed, we can then install Ketch’s controller

kubectl apply -f

Installing The Ketch Provider For Pulumi

Download Ketch’s resource plugin for Pulumi here

Once downloaded, move it to your local Pulumi path:

mv pulumi-resource-ketch $HOME/.pulumi/bin

Now, add Pulumi to your PATH by using the command below:

export PATH=$PATH:$HOME/.pulumi/bin

Deploying an Application

With Ketch and the provider for Pulumi installed, you can now deploy a sample application.

For Ketch to deploy applications, we first need to create a framework. Frameworks in Ketch translate to a namespace in your cluster, and when deploying applications targeting that framework, they will be deployed to the created namespace.

Let’s initialize Pulumi, so we can get started. You can do this by running:

pulumi new typescript

As a result, Pulumi will create the file structure required for you to run Ketch and Pulumi:

Now, let’s create the Ketch framework definition file. You can edit the index.ts file and add the following content:

import * as pulumi from "@pulumi/pulumi";
import * as ketch from "@shipa-corp/kpulumi";

const item = new ketch.Framework("dev-framework", {
framework: {
name: "dev",
ingressController: {
className: "istio",
serviceEndpoint: "",
type: "istio",

export const frameworkName =;

const app = new ketch.App("bulletin-app", {
app: {
name: "bulletin-app",
image: "",
framework: "dev",

export const appName =;

With the index.ts file updated, install the required npm package using the command below:

npm i @shipa-corp/kpulumi

Now, just run the command below to have both your framework and application deployed:

pulumi up

The output above shows that both the framework and the applications were deployed.

You can check the framework by using the command below:

ketch framework list

As mentioned above, when you create a framework, Ketch automatically creates a namespace for it in your cluster (you can also instruct Ketch to use an existing namespace instead):

You can also check the status of your application and the endpoint to access it by using the command below:

ketch app list

If we access the endpoint created above, we can see our application’s web interface:


By combining Ketch and Pulumi, you can improve the developer experience when deploying applications on Kubernetes.

We would love to hear your feedback and input to continue improving Ketch and build additional providers.