Crossplane 101: A Terraform Enthusiast’s First Encounter

Isar Nasimov
Published in saas-infra
4 min read · Sep 26, 2023

Are you tired of using Terraform to manage your cloud resources? If so, you need to check out Crossplane. Crossplane is a next-generation cloud resource management tool that is declarative, self-healing, and integrates seamlessly with the Kubernetes ecosystem.

An Introduction to Crossplane

During a casual chat with my team leader, I was introduced to Crossplane. My curiosity led me to explore it further, and I soon found myself using it for a variety of tasks such as setting up VPCs, EKS, ELB, certificates, and more. While I was impressed with its functionality, our team chose to integrate Crossplane gradually, beginning with IRSA (IAM Roles for Service Accounts) using the Upbound IAM family.

Figure: Deploying an application with IRSA in 2–3 minutes

Defining Crossplane

At its core, Crossplane allows users to harness the power of Kubernetes to manage and provision cloud resources. Imagine being able to utilize Kubernetes’ strengths for databases, storage, and cloud network management. When explaining it to my managers, I simplify it as:

“Crossplane helps us harness Kubernetes to manage cloud resources effectively.”

Fun Fact: Some of Crossplane’s providers even use Terraform behind the scenes to deploy cloud resources. Talk about a harmonious integration!

Understanding Crossplane’s Functionality

To grasp how Crossplane operates, consider this step-by-step breakdown:

  1. YAML Files: Describe your desired cloud services (e.g., databases, storage) using YAML files, just as you would with Kubernetes.
  2. Apply to Cluster: Submit your YAML configurations to the Kubernetes cluster.
  3. Crossplane’s Role: Upon submission, Crossplane communicates with cloud providers like AWS, Google Cloud, or Azure to establish the requested resources.
  4. Kubernetes Management: Monitor and manage your cloud resources directly within Kubernetes. For modifications, simply update and reapply the YAML files.
  5. Reconciliation Loop: A standout feature. Through Kubernetes’ reconciliation loop, Crossplane ensures your resources stay aligned with their YAML definitions. Any unauthorized change is promptly detected and corrected by Crossplane.

In essence, Crossplane enables cloud resource management via Kubernetes. And with GitOps tools like ArgoCD or Flux, its potential is immense.
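The steps above applied to the IRSA use case this post mentions, as an added example (not the author's or the team's manifests): an IAM role whose trust policy is pinned to one service account, a policy attachment, and the annotated ServiceAccount. It assumes the Upbound provider-aws-iam package is installed with a ProviderConfig named `default` and that the cluster's OIDC provider is already registered in IAM; the account ID, region, OIDC ID, names and attached policy are constructed placeholders.

```yaml
# Added example: constructed values throughout. 111122223333 is a placeholder
# AWS account ID, EXAMPLEOIDCID a placeholder EKS OIDC provider ID.
apiVersion: iam.aws.upbound.io/v1beta1
kind: Role
metadata:
  name: demo-app-irsa
spec:
  providerConfigRef:
    name: default              # assumed ProviderConfig name
  forProvider:
    # Trust policy: only ServiceAccount demo-app in namespace demo may assume
    # this role. StringEquals on both :sub and :aud keeps the trust from
    # matching other service accounts or other token audiences.
    assumeRolePolicy: |
      {
        "Version": "2012-10-17",
        "Statement": [{
          "Effect": "Allow",
          "Principal": {"Federated": "arn:aws:iam::111122223333:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/EXAMPLEOIDCID"},
          "Action": "sts:AssumeRoleWithWebIdentity",
          "Condition": {"StringEquals": {
            "oidc.eks.eu-west-1.amazonaws.com/id/EXAMPLEOIDCID:sub": "system:serviceaccount:demo:demo-app",
            "oidc.eks.eu-west-1.amazonaws.com/id/EXAMPLEOIDCID:aud": "sts.amazonaws.com"
          }}
        }]
      }
---
apiVersion: iam.aws.upbound.io/v1beta1
kind: RolePolicyAttachment
metadata:
  name: demo-app-irsa-s3-read
spec:
  providerConfigRef:
    name: default
  forProvider:
    policyArn: arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
    roleRef:
      name: demo-app-irsa      # resolves to the Role defined above
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: demo-app
  namespace: demo
  annotations:
    eks.amazonaws.com/role-arn: arn:aws:iam::111122223333:role/demo-app-irsa
```

Because the trust policy lives in the manifest, a manual edit in the IAM console that widens it is drift that the reconciliation loop reverts to this definition.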

Figure: Crossplane, GitLab, ArgoCD and AWS.

Crossplane vs. Terraform: A Mental Mapping

Transitioning tools often entails reshuffling our understanding. Having used Terraform, I found it helpful to draw parallels between it and Crossplane:

+----------------------------+-----------------------------------------+
| Terraform (TF)             | Crossplane                              |
+----------------------------+-----------------------------------------+
| Provider                   | Provider                                |
| Resource                   | Managed Resource                        |
| Variable File              | XRD (Composite Resource Definition)     |
| Module                     | Compositions                            |
+----------------------------+-----------------------------------------+

Furthermore, Crossplane introduced terms like ‘composite’ and ‘claim’:

  • Composite resource: In Crossplane, ‘composite’ is akin to a Terraform ‘module’.
  • Claim: A ‘claim’ is a namespaced version of a composite. Most Crossplane resources are cluster-wide; only claims are namespace-specific.

Understanding these analogies makes transitioning from Terraform to Crossplane more intuitive.

Why Crossplane Was Our Choice

Given our existing Terraform setup, why consider Crossplane? Our Terraform deployment pipeline, while reliable, can be slow. Moreover, ensuring our cloud resources mirror our Terraform definitions is often a guessing game. What if modifications are made directly in the cloud, bypassing Terraform?

We didn’t abandon Terraform entirely, but we found value in Crossplane for specific tasks, especially IRSA. Historically, our developers utilized Terraform for IRSA, a method I refer to as an ‘older way of deploying’ via pipelines. However, applications were deployed using ArgoCD or ‘GitOps’. Crossplane presented an opportunity to streamline this process, enabling developers to use Kubernetes manifests for both applications and infrastructure — embracing the GitOps approach.

Figure: Terraform vs. Crossplane resource deployment

Conclusion

Exploring new cloud infrastructure tools is a journey of discovery and challenges. My foray into Crossplane, rooted in Terraform, proved insightful. By creating mental parallels and comprehending Crossplane’s distinct terminologies, the transition was eased.

Crossplane’s synergy with the Kubernetes ecosystem offers a novel approach to cloud resource management. For teams familiar with Kubernetes-native tools, such as ArgoCD for GitOps, Crossplane can bridge infrastructural gaps, leading to cohesive deployment methods.

Stay tuned for deeper dives into Crossplane compositions and hands-on guidance for deploying Crossplane resources with ArgoCD. Our Crossplane exploration has merely started, and there’s so much more to unravel and share!
