Don’t Be a Cloud Cowboy: Tame Your Infrastructure with Crossplane

Crossplane — The cloud native control plane framework

Raymond (Ray) Boles
7 min read · Jul 9, 2024

What is Crossplane, and why is it part of the Cloud Native Computing Foundation (CNCF)?


This specific blog post about Crossplane is like a “microservice :)” in the larger cloud native architecture of our main article about Cloud Native — https://medium.com/@raymondsquared/cloud-native-without-strings-2e7babf78c85

Infrastructure as Code (IaC)

Infrastructure as Code revolutionises IT operations by enabling the provisioning and management of infrastructure through human-readable definition files rather than manual processes. This approach offers several benefits, including enhanced consistency across environments, as infrastructure configurations are codified and version-controlled. IaC improves efficiency by automating the deployment and scaling of resources, reducing the likelihood of human error. It promotes collaboration among development, operations, and security teams, facilitating seamless integration of changes and ensuring alignment with organisational standards and compliance requirements. Ultimately, Infrastructure as Code empowers organisations to achieve greater agility, scalability, and reliability in their IT infrastructure management, supporting faster innovation and more resilient operations.

What are the characteristics of great IaC?

Great Infrastructure as Code tools like Terraform and Pulumi offer essential features that streamline and enhance cloud infrastructure management. They are cloud-agnostic, meaning they can provision and manage resources across multiple cloud providers, allowing organisations to avoid vendor lock-in and leverage the best features of each platform. Their emphasis on repeatability and re-usability ensures that infrastructure configurations are consistent and easily reproducible, promoting reliability and reducing deployment errors. Moreover, using a human-readable language like Yet Another Markup Language (YAML), these tools simplify the definition of infrastructure components, making it accessible to both developers and operations teams. This combination of features empowers organisations to deploy, scale, and manage cloud resources efficiently, promoting agility and innovation in their IT operations.

Why Crossplane?

From an infrastructure and operations perspective:
- Kubernetes native
- extensible ecosystem via composite functions: Go and Python

From a software engineering perspective:
- all you need to know is YAML

Crossplane stands out with compelling unique selling propositions that cater to both platform engineering and software engineering perspectives. From a Platform Engineering standpoint, Crossplane offers Kubernetes native capabilities, seamlessly integrating with Kubernetes clusters to extend its control plane to manage cloud resources and infrastructure. Its extensible ecosystem allows for customisation and integration via composite functions using programming languages like Go and Python, enhancing flexibility. From a Software Engineering angle, Crossplane simplifies infrastructure management by using YAML as the primary configuration language, abstracting complex deployment and provisioning tasks into declarative definitions. This approach enables developers to focus on defining desired states without needing extensive knowledge of underlying infrastructure details, thereby streamlining the deployment and management of cloud-native applications effectively.

Modern Infrastructure as Code

  1. Infrastructure configurations for our desired architecture are securely stored as code within a repository, typically formatted in YAML or JSON for easy readability and version control.
  2. To effectively manage and deploy this infrastructure, organisations have the option to utilise native Infrastructure as Code solutions provided by leading cloud vendors like AWS CloudFormation and Azure ARM. These tools allow for the precise definition and maintenance of our infrastructure’s current state directly within their respective cloud environments.
  3. Alternatively, teams can opt for third-party Infrastructure as Code platforms such as Pulumi or Terraform, which offer enhanced flexibility and cross-cloud compatibility. These tools empower developers and operations teams to orchestrate complex infrastructure deployments using a unified configuration language or a general-purpose programming language (TypeScript, Python, Java, C#, and Go), simplifying management across different cloud providers.
  4. When utilising third-party Infrastructure as Code solutions (step #3), the state of our infrastructure configurations is typically stored in resilient blob storage systems such as AWS S3 or Azure Blob Storage. This ensures that the configuration data remains secure, accessible, and auditable throughout the deployment lifecycle.
  5. Furthermore, leveraging these third-party IaC solutions involves compiling the infrastructure configuration into executable plans that invoke cloud vendor SDKs. This process automates the provisioning of resources according to the specified configuration, streamlining deployment workflows and ensuring consistency across development, testing, and production environments.

A more modern style of IaC

- Amazon Web Services CDK to generate AWS CloudFormation
- Azure Bicep to generate Azure ARM

When utilising AWS CDK, developers benefit from using familiar general-purpose programming languages like TypeScript, Python, Java, C#, and Go. These languages are used to define AWS infrastructure components, which AWS CDK then translates into AWS CloudFormation templates. These templates are instrumental in managing and maintaining the desired state of your AWS infrastructure efficiently.

It’s noteworthy that Amazon Web Services leverages JSII — https://github.com/aws/jsii to develop the core CDK framework using TypeScript, which facilitates the generation of CDK bindings for other programming languages such as Go, Java, and Python.

Similarly, Azure Bicep simplifies the process by generating Azure ARM templates from declarative Bicep files, enabling streamlined management of Azure infrastructure configurations.

Crossplane

Crossplane operates within a Kubernetes cluster by extending its capabilities to manage infrastructure through Kubernetes-native tools and processes. To get started with Crossplane, you must first install it into your Kubernetes cluster. This installation process involves adding a series of Kubernetes Custom Resource Definitions (CRDs) that enable Crossplane to manage various cloud resources as native Kubernetes objects. These CRDs act as the building blocks for defining and controlling infrastructure components, allowing you to leverage Kubernetes’ powerful declarative model to manage infrastructure in the same way you manage containerised applications.

Once Crossplane is installed, the state of the infrastructure is maintained within Kubernetes’ etcd key-value store. This ensures that the desired state of your infrastructure is stored reliably and can be easily queried and managed using Kubernetes-native tools. Typically, it is recommended to deploy your applications into a separate Kubernetes cluster from the one used to manage Crossplane. This separate cluster, known as a deployment cluster, allows for a clear distinction and isolation between the infrastructure management layer and the application runtime environments. By doing so, you enhance the security, stability, and scalability of your deployments, ensuring that the management operations do not interfere with the application workloads.

Crossplane for Multi Cloud — AWS and Azure

To manage multiple cloud vendors, you only need to install a single Crossplane control plane within a Kubernetes cluster of your choice, designated as your main deployment cluster. This streamlined setup allows you to deploy and manage infrastructure components across various cloud providers, including AWS, Azure, GCP, and Alibaba Cloud. With Crossplane, you can centralise your multi-cloud infrastructure management, leveraging Kubernetes’ powerful orchestration capabilities to maintain control and consistency across different cloud environments. This unified approach simplifies the complexities of multi-cloud deployments, providing a cohesive and efficient way to manage diverse cloud resources from a single Crossplane control plane.

Crossplane Extensibility

As previously mentioned, Crossplane’s extensibility is one of its standout features, allowing users to write custom Go or Python functions to generate YAML composite resources, thereby tailoring infrastructure management to specific needs. By composing these functions, developers can create complex resource configurations that are both reusable and modular, enhancing the flexibility and scalability of their infrastructure as code practices. These custom compositions can encapsulate best practices, compliance requirements, and organisational standards, making it easier to manage and maintain infrastructure across diverse environments. The generated YAML composite resources can then be applied within the Kubernetes ecosystem, leveraging Kubernetes’ declarative nature to ensure consistent and reliable deployments. This capability not only simplifies the management of infrastructure but also empowers teams to innovate and optimise their cloud resources dynamically, using familiar programming languages and tools to extend Crossplane’s functionality in a powerful and cohesive manner.
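As an added example (not code from the original post or from the Crossplane project), the sketch below models in plain Python how a composition can encapsulate organisational standards: a small developer-facing request is expanded into managed resources, with an approved-region check, required tags, and a public access block the requester cannot switch off. The `XBucket` kind, its spec fields, and the policy constants are hypothetical; the managed resource kinds are assumed to follow the Upbound AWS provider.

```python
# Plain-Python model of a composition function's logic (no Crossplane SDK).
# Hypothetical: the XBucket kind, its spec fields, and the policy constants.
# Managed resource kinds follow the Upbound AWS provider (s3.aws.upbound.io).
ALLOWED_REGIONS = {"eu-west-2", "ap-southeast-2"}  # constructed org policy
REQUIRED_TAGS = ("owner", "dataClassification")    # constructed org policy
S3_API = "s3.aws.upbound.io/v1beta1"


class PolicyError(ValueError):
    """A request violates an organisational standard."""


def compose_bucket(xr):
    """Render the managed resources for one composite resource request."""
    name = xr["metadata"]["name"]
    spec = xr.get("spec", {})
    region = spec.get("region")
    tags = dict(spec.get("tags", {}))  # copy so the request is not mutated

    # Fail closed: reject the request rather than silently rewriting it.
    if region not in ALLOWED_REGIONS:
        raise PolicyError(f"region {region!r} is not approved")
    missing = [t for t in REQUIRED_TAGS if not tags.get(t)]
    if missing:
        raise PolicyError("missing required tags: " + ", ".join(missing))

    tags["managedBy"] = "crossplane"
    bucket = {
        "apiVersion": S3_API, "kind": "Bucket",
        "metadata": {"name": name},
        "spec": {"forProvider": {"region": region, "tags": tags}},
    }
    # Not exposed to the requester: public access is always blocked.
    public_access_block = {
        "apiVersion": S3_API, "kind": "BucketPublicAccessBlock",
        "metadata": {"name": name + "-pab"},
        "spec": {"forProvider": {
            "region": region, "bucketRef": {"name": name},
            "blockPublicAcls": True, "blockPublicPolicy": True,
            "ignorePublicAcls": True, "restrictPublicBuckets": True,
        }},
    }
    return [bucket, public_access_block]


# Constructed sample request, as a developer might submit it.
SAMPLE_XR = {
    "apiVersion": "example.org/v1alpha1", "kind": "XBucket",
    "metadata": {"name": "team-a-logs"},
    "spec": {"region": "eu-west-2",
             "tags": {"owner": "team-a", "dataClassification": "internal"}},
}
```

Calling `compose_bucket(SAMPLE_XR)` returns two manifests; a request for an unapproved region or one without the required tags raises `PolicyError` and renders nothing.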

Summary

As one wise man (Yin — https://www.linkedin.com/in/yin-zhang-37687814) once put it, “Crossplane is basically just another Infrastructure as Code tool, similar to Terraform, but managed inside the Kubernetes ecosystem.”

Got skills to spare? Join the Crossplane party on GitHub and let’s code up a storm together! — https://github.com/crossplane-contrib


Raymond (Ray) Boles

Start-Up Tech Co-Founder, Passionate Technologist and Pawrents of 2 (Pikachu and Pudding). Currently working as an Architect for BJSS (UK based firm)