►
From YouTube: Provisioning Infrastructure with Crossplane
Description
Kubernetes Community Days Bengaluru'21
Crossplane is a Kubernetes add-on to represent infrastructure resources as Kubernetes custom resources. This talk shall show how Crossplane can be used to manage infrastructure and build your own control plane on top of that.
Slides: https://docs.google.com/presentation/d/1I63qMMYTXt6ragvo5QMFLeDpw4W3YnUMpj2En7H7jsk/edit?usp=sharing
A
A
So
today
we
will
first
go
through
the
fundamentals
of
crossfilm,
get
an
idea
of
what
it
is.
Then
we
will
try
to
provision
some
infrastructure
and
I'll
be
using
aws
for
that.
After
that,
we
will
see
how
some
features
in
crossfit
allow
you
to
make
abstractions
over
existing
infrastructure
resources
and
then
how
it
also
helps
you
to
build
kind
of
a
platform
or
control
plane
on
top
of
your
infrastructure.
A
So
crosspin
is
a
component
is
add-on
that
helps
you
manage
your
infrastructure.
It
helps
so
it
does
so
by
allowing
you
to
represent
your
infrastructure
resources
as
kubernetes
custom
resources
or
crs
a
quick
example
of
that
can
be
seen
here.
So
this
is
across
the
representation
of
rds
instance
in
aws.
A
A
A
Besides,
it
also
helps
you
build
some
abstractions
and
then
package
and
distribute
your
infrastructure
resources
in
form
of
oci
images
all
right
before
we
actually
provision
some
resources.
A
A
A
So
all
together,
it
may
look
something
like
this.
You
have
a
competency
cluster,
you
install
crosstalk
in
that
and
when
you
install
a
provider
like
provider
aws,
you
get
a
bunch
of
crds
and
the
provider
aws
is
responsible
for
actually
connecting
to
your
aws
account
and
then
managing
all
this
actual
infrastructure
resources
which
you
have
created
through
crds.
A
So,
let's
try
to
create
the
rdds
instance
that
we
saw
already
so
again
it's
a
typical
cr.
So
I
can
just
do
cube
kettle
apply
and
the
name
of
the
file.
A
Account
all
right
yeah,
so
we
have
output.
Let's
see
if
crosstown
tells
us
anything
about
the
state
of
this
rds
instance.
A
Okay,
so
here's
some
metadata
so,
for
example,
these
are
the
properties
that
we
have
provided.
Split
and
a
property
called
a
state
which
cross
bin
fest
for
us
from
aws.
A
So
it
says
the
rds
instance
is
being
created,
let's
go
to
the
aws
console
and
then
we
should
have
yeah.
We
have
a
rds
instance
that
is
being
created.
A
Let's
take
a
look
on
yet
another
example.
So
I
have
this
iem
user
and
again
I
can
just
do
cube.
Curl
apply
name
of
the
file.
A
Okay,
so
again
I
can
take
the
state
of
that
user.
I
can
do
cubical
hit.
I
am
user
again
prospect
has
fed
some
properties
after
the
user
was
created
in
aws.
A
So
after
this
is
created,
crossfin
periodically
is
watching
this
resources,
the
im
user
and
the
rds
instance
for
any
changes,
and
if,
if
it
does
detect
any
changes,
it's
job
of
crossplan
to
bring
it
back
to
the
desired
set
that
we
had
specified
in
our
demo
file.
A
So,
for
example,
if
I
delete
this
user
cross
plane
at
that
snake,
next,
reconciliation
will
detect
that
the
user
is
deleted,
but
the
user
does
exist
as
crd
introspect
right.
So
so
it
will
try
to
just
create
the
user
again,
as
we
should
see
yeah,
so
the
user
is
created
again
so,
like
any
other
kubernetes
resource,
crossplane
uses
the
strong
kubernetes
control
loop
to
watch
over
the
resources
in
any
infrastructure
and
then
manages
them
throughout
their
life
cycle
and
by
infrastructure.
A
I
I
actually
mean
anything
that
has
an
exposed
api.
You
can
just
create
a
provider
for
that
and
use
that
with.
A
Let's
go
back
to
the
audio
sensors
example
that
we
saw
earlier
so
this
was
the
yaman
specification
that
we
used
to
create
just
the
dp
instance,
while
actually
creating
db
instances.
You
might
want
to
create
some
other
resources,
like
a
subnet
group
or
a
security
group,
to
be
attached
with
your
rd
systems
to
do
that
in
crossfin.
You
would
typically
write
another
bunch
of
yama
specifications
and
then
install
them
to
your
cooperative
cluster.
A
Well,
that
works
perfectly.
You
can
get
a
quite
overwhelming
because
you
will
have
a
lot
of
resources
to
deal
with
and
a
lot
of
properties,
so
crossfind
allows
you
to
abstract
all
that
away
into
a
single
resource
of
type
called
composite
resource
definition
or
srd.
A
A
What
I
also
have
is
the
storage
gb
parameter,
which
is
mapped
to
a
field
called
allocated
storage,
which
is
a
field
that
is
actually
accepted
by
the
aws
apis,
and
I
can
label
that
with
a
label.
Something
like
this.
So
since
this
is
for
aws,
I
can
label
it
with
provide
a
rate
of
this.
A
So
what
this
means
is
for
the
single
xrd,
you
can
write
multiple
compositions,
let's
say,
for
example,
other
than
this
aws
composition.
I
can
write
another
composition
for
gcp
and
then
the
users,
when
creating
an
instance
of
this
xrd,
are
free
to
choose
where
they
want
to
create
the
db
instance
and
accordingly
choose
the
composition
that
they
want.
A
Another
type
that
we
can
see
here
is
a
composite
resource
claim
that
is
nothing
but
a
namespace
proxy
of
this
xrd,
which
is
automatically
created
by
crossfit.
A
So
in
the
end,
when
you
install
the
xrd
in
the
composition,
then
you
can
just
create
a
db
instance
using
any
composition
with
a
simple
yaml
specification
such
as
this.
So,
as
you
see,
I'm
just
providing
the
storage
db
parameter
and
I'm
choosing
my
composition
using
a
field
called
composition,
selector
and
providing
a
label.
A
And
if
I
want
to
create
a
rdb
instance
since
in
gcp
I
can
switch
to
gcp,
provided
that
I
have
a
composition
for
gcp
and
it
defines
the
respective
cloud
resources
that
are
associated
to
a
db
instance.
In.
A
Gcp,
so
once
you
do
that,
you
can
also
package
this
composition
and
composite
resource
definitions
into
oci
image
by
writing
a
configuration
file,
and
then
you
can
just
push
it
to
any
oci
compatible
registry
and
then
allow
others
to
use
that.
A
So
using
features
like
composition
and
composite
resource
definition,
you
can
build
a
sort
of
platform
which
is
between
your
infrastructure,
users
and
infrastructure
itself.
A
A
Since
all
of
this
runs
on
kubernetes,
you
can
use
some
sort
of
policy
manager
for
kubernetes
to
establish
an
outback
framework
over
all
these
resources.
A
So,
for
example,
here
using
the
same
database
example,
I
can
create
an
xrd
which
will
point
to
a
vpc
which
I
had
created
in
prior
and
then
I
can
allow
users
to
create
their
own
database
instances
which
will
be
scoped
to
their
own
namespaces
and
they
are
free
to
use
compositions
like
dev
or
fraud
based
on
the
requirements.
A
So
in
this
way,
a
platform
operator
can
just
impose
some
restrictions,
like
the
success
restrictions
on
the
field,
decide
the
level
of
flexibility
to
be
given
to
the
users
for
for
using
the
actual
infrastructure.
A
There
are
a
bunch
of
other
features
that
you
might
be
interested
once
you
start
working
with
crossfin.
I
suggest
you
visit
the
crossfit
docks
or
join
the
community
on
crossman
slack
removal.