In the twelfth episode of the Ambassador Livin’ on the Edge podcast, Daniel Mangum, software engineers at Upbound, introduces the Crossplane cloud control plane project, and talks about how engineers can build an internal platform-as-a-service (PaaS). He also shares his insights into the future of multi-cluster Kubernetes.
Be sure to check out the additional episodes of the “Livin' on the Edge” podcast.
Key takeaways from the podcast included:
- Crossplane is an open source cloud control plane that enables engineers to provision infrastructure from the Kubernetes API. It can be used by organisations to build and operate an internal platform-as-a-service (PaaS) across a variety of infrastructures and cloud vendors. Crossplane has recently been accepted into the CNCF as a sandbox project.
- Infrastructure and applications can be packaged together in a bundle using Crossplane. Kubernetes Custom Resources can be used to declaratively specify this configuration, and a Crossplane uses the control loop model to continually reconcile the specified config with what is running in the target environment.
- Crossplane is the Kubernetes-specific implementation of the Open Application Model (OAM). OAM is a team-centric standard for building cloud native apps.
- OAM describes a model where developers are responsible for defining application components, while application operators are responsible for creating instances of those components and assigning them application configurations. Infrastructure operators are responsible for declaring, installing, and maintaining the underlying services that are available on the platform.
- The workflow of all of the personas is compatible with continuous delivery best practices such as GitOps.
- The recently released Upbound Registry will contain a collection of existing cloud providers (Alibaba, AWS, Azure, GCP, etc), stacks (curated environment configurations), and bundles of existing applications and infrastructure (such as Wordpress with a LAMP stack).
- As Crossplane provides a control plane for a platform that may span multiple underlying infrastructures, this is an ideal location to implement cross-cutting concerns, such as security via RBAC and Open Policy Agent (OPA), and auditing.
- Crossplane can be used to manage workloads spanning multiple Kubernetes clusters. Platform operators may use a Kubernetes cluster bootstrap tool like kind, or the Cluster API, to provision clusters, and then use Crossplane to initialise applications and infrastructure.
- Communication between these clusters is outside of Crossplane’s purvey, and instead API gateway technologies like the Edge Stack API Gateway, and service mesh technologies, such as Linkerd, will provide this functionality.
- The open source doc.crds.dev project provides automatic generation of documentation for Kubernetes CRDs in much the same way tools like Javadoc and Godoc function. Contributions to the project are most welcome!
Daniel Mangum is a software engineer at Upbound where he works on the open source Crossplane project. He also serves on the Kubernetes release team, and is an active contributor to the Kubernetes project and multiple other open source efforts. He hosts a biweekly live stream show, The Binding Status, focused on extending Kubernetes, building Crossplane, and enabling a multicloud future.
