Crossplane is an open source project that lets you turn a Kubernetes cluster into a universal control plane. Crossplane allows you to create digital infrastructure resources from inside a Kubernetes cluster, allows you to setup multi-cloud infrastructure in one place and gives platform engineers a way to let application developers spin up and down cloud resources without requiring extensive knowledge of the cloud.
With Crossplane, all cloud resources are stored in the Kubernetes API as a Custom Resource Definitions (CRDs), meaning that the resource can be defined through a yaml spec and stored in a code repository, unlocking the power of Infrastructure as Code and a GitOps workflow.
In this chapter we will install Crossplane in our cluster and create a DigitalOcean Droplet. Then, you will install another Crossplane provider that you chose and spin up a cloud resource from that provider.
- n/a
Create a namespace called crossplane-system
kubectl create namespace crossplane-systemAdd the crossplane-stable Helm repo and update it
helm repo add crossplane-stable https://charts.crossplane.io/stable
helm repo update crossplane-stableCreate a Helm release called crossplane in the crossplane-system namespace
helm install crossplane --namespace crossplane-system crossplane-stable/crossplaneInspect the install.yaml file and then run the command
kubectl apply -f crossplane/install.yamlMake sure that the provider was installed correctly. Run the command
kubectl get providerYou should see output similar to this:
NAME INSTALLED HEALTHY PACKAGE AGE
provider-do True True crossplane/provider-digitalocean:v0.1.0 3m
Reveal the value of your DO_TOKEN and copy it to your clipboard.
echo $DO_TOKENBase64 encode the token
MacOS and Linux
echo '<YOUR_DO_TOKEN>' | base64Windows
Use a tool you have used in the past, or go to DuckDuckGo and enter base64 <YOUR_DO_TOKEN>. The encoded string will appear at the top of the page.
Copy the encoded token to your clipboard, and then replace the place holder (BASE64ENCODED_PROVIDER_CREDS) in line 9 of the config.yaml with your encoded token.
Note: It is easy to decode Base64-encoded data, so it is not safe to commit your token to a public git repo. This is a great opportunity to use sealed-secrets.
Create the Secret and ProviderConfig
kubectl apply -f crossplane/config.yaml
Check that the ProviderConfig was properly setup with the command
kubectl get providerconfigYou should see output like this:
NAME AGE
do-example 2mInspect the droplet.yaml file and then create the droplet
k apply -f crossplane/droplet.yamlCheck that a droplet was created by looking at the DigitalOcean Cloud Console or run the command
doctl compute droplet list --format NameYou should see your Kubernetes cluster nodes and a VM named crossplane-droplet
Name
kubecon-node-cgyld
kubecon-node-cgyl0
kubecon-node-cgyl1
crossplane-dropletTake a look at Crossplane's official list of providers. Choose one that you'd like to explore. We recommend that choose a provider that you are already familiar with and you've got an account with so it's easy to generate credentials.
Following the instructions from the provider's documentation, install the provider.
Following the instructions from the provider's documentation, configure the Secret and create the provider config.
Choose a new resource to create. Once you are done, celebrate because you have setup multi-cloud infrastruction with Crossplane! 🎉