Crossplane v0.10 is our fourth release of 2020! Experimental support for resource composition unlocks the ability for everyone to compose and publish their own infrastructure resources in a low/no-code way, so they can be provisioned from
kubectl for apps to use. More cloud services including Azure CosmosDB, GCP Service Accounts and AWS DynamoDB, IAM Users, IAM Roles, and Cache Subnet Groups are now supported. Velero backup and restore compatibility plus importing existing infrastructure resources round out this release!
April was a busy month for Crossplane with lots of community engagement and new contributions! Azure CosmosDB support was added for use with NoSQL database claims (thanks @artursouza!) plus contributions for several new AWS services (thanks @lakhwani_sahil!) including DynamoDB, IAM Users, IAM Roles, and more. Checkout the contributing section of the crossplane.io/docs to learn how to add support for more clouds and cloud services.
We've moved our API documentation to doc.crds.dev, a service run by our own @hasheddan that automatically generates API documentation for Kubernetes Custom Resource Definitions (CRDs)!
More AWS cloud services are on the way and we'd love your feedback on which AWS services you'd like to see next. Drop us a note on GitHub crossplane/provider-aws#149!
Publishing infrastructure resources for apps to use
Crossplane uses a class and claim model to publish and provision infrastructure resources using
kubectl. Crossplane previously supported a fixed number of claim kinds and provisioning a single managed resource per claim. Adding more managed resources required authoring Golang controllers using the Crossplane Services Developer Guide and
Managed Reconciler from the crossplane-runtime.
While this significantly reduced the work to author robust controllers that reconciled external cloud services, it did not support:
- Defining and publishing your own claim kinds.
- Composing multiple resources for provisioning with a single claim.
- Authoring your own infrastructure resources in a low/no-code way.
In the v0.10 release, experimental support for composite resources removes all of these limitations while retaining the general usage model of classes and claims, which we'll continue to support during the transition to this new model.
To compose and publish infrastructure resources that package infrastructure primitives from the Crossplane Providers (GCP, AWS, Azure), the following resources are needed:
InfrastructureDefinitionallows an infrastructure operator to define a new kind of infrastructure resource that represents one or more underlying resources. This gives them fine grained control over how infrastructure may be configured - for example by deciding whether to support a configurable
engineVersionwhen defining a
Compositionallows an infrastructure operator to specify how a defined infrastructure resource may be composed of one or more underlying resources in a low/no-code way. The operator may author multiple compositions for a defined infrastructure resource to offer different classes-of-service, similar to today’s resource classes.
InfrastructurePublicationallows an infrastructure operator to publish a defined infrastructure resource for application operators to use. Application operators may author a requirement for any published kind of infrastructure - for example they could author a
MySQLInstanceRequirementto be allocated a
MySQLInstance. The requirement acts as a proxy for the allocated infrastructure, and supports an identical configuration schema.
This unlocks full control and expressiveness to compose and publish your infrastructure resources to the Kubernetes API, on top of the infrastructure primitives included with the Crossplane Providers for GCP, AWS, Azure, and more.
Velero backup/restore compatability
All Crossplane custom resources now correctly tolerate the complete loss of their status and controller references. This means they can be backed up and restored using a tool like https://velero.io/. Resource claims and managed resources will pick up where they left off after a restore, managing their external resources as if nothing happened.
This was accomplished using the
crossplane.io/external-name annotation across all API types, which can also be used to import existing infrastructure resources into Crossplane.
Checkout the backup/restore docs for details!
Open Policy Agent + Crossplane
OPA allows you to write declarative, context-aware policy for your cloud-native environments. Because OPA integrates with Kubernetes, it can be used with Crossplane to set global policy on provisioning cloud resources.
Checkout The Binding Status (TBS) episode 14 to see @hasheddan joined by Torin Sandall, the co-creator and maintainer of Open Policy Agent. They take a look at how to write these policies, as well as how to put them into action using both plain OPA and Gatekeeper, OPA's native Kubernetes integration!
Additional noteworthy items in v0.10
- Added categories to all Crossplane CRDs, so you can run for example
kubectl get claimor
kubectl get crossplane.
- Managed infrastructure resources that depend on other infrastructure resources can now select the resource they depend on using labels rather than explicitly specifying its name.
- Crossplane can be used alongside OpenFaaS to deploy and consume managed services alongside your serverless functions. Checkout TBS episode 13 to learn more!
- Checkout the v0.10 release notes for more info.
- More v1beta1 API types for AWS, GCP, Azure, Alibaba, and more
- v1beta1 quality conformance doc and testing guidelines
- Enhanced resource composition
- Versioning and upgrade support for all aspects of Crossplane
- Enhanced automated integration tests for GCP, AWS, Azure
- Expanded Rook support for additional in-cluster stateful storage types
- Standalone mode allowing Crossplane to run in a single container or process
- Continued focus on reliability and production quality on the road to v1.0
We're excited to see the continual growth of the Crossplane community and would love for you to get involved. Whether you are a developer, user, or just interested in what we're up to, feel free to join us via one of the following methods: