Crossplane v0.9.0 is our third release of 2020! Key features include an improved extensibility model, updating Kubernetes applications on remote clusters, installing packages from private repos, and a new security enhanced mode for Crossplane.
March was a busy month for Crossplane with lots of community engagement and new contributions! NoSQL database claims were added (thanks @artursouza!), so now providers can offer managed services that support NoSQL databases. Support for more AWS cloud services is also underway and we'd love your feedback on which AWS services you'd like to see next. Drop us a note on GitHub crossplane/provider-aws#149!
The Crossplane GitHub org was renamed from crossplaneio to crossplane and we streamlined the docs at https://crossplane.io/docs. Please open a GitHub issue if there are additional docs you'd like to see!
Package Types for Providers, Stacks, and Applications
v0.9 introduces distinct package types for Providers, Stacks, and Applications making it easier to understand the different ways of extending Crossplane with new functionality.
Providers
Providers extend the Crossplane API with API types for cloud services backed by resource controllers that use continuous reconciliation to support the Kubernetes way of declarative management.
Providers for GCP, AWS and Azure support provisioning cloud services (databases, caches, buckets, and more) plus cloud networking for secure connectivity between them:
The community is adding support for more cloud providers so watch this space!
Stacks
Once a Provider has been installed into a Crossplane environment, you can provision infrastructure using kubectl or by installing a Stack that packages a curated environment configuration (networks, subnets, security) plus a self-service catalog (with default classes of service) that Applications can use to dynamically provision cloud infrastructure.
Sample Stacks for GCP, AWS, and Azure make it easy to get started:
Using the sample Stacks above as a reference, it's easy to create your own Stacks that declaratively capture your infrastructure best-practices and security policies, so they can be easily consumed by Applications to provision the managed cloud services they need.
Stacks support pluggable template rendering using kustomize and helm with the crossplane/templating-controller.
Applications
Once a Provider and Stack have been installed into a Crossplane environment, Applications can be installed that use the self-service catalog provided by the Stack to provision the cloud services they need via the Kubernetes API.
Check out the WordPress Quick Start that walks through all the steps needed to use Providers, Stacks, and Applications in your Crossplane environments today.
Scheduling Kubernetes applications to remote targets
KubernetesApplication is used to define an application that can be scheduled to a remote KubernetesTarget including template resources for Namespace, Deployment, and Service resources that will be created on the remote KubernetesTarget cluster.
With Crossplane v0.9 you can now update a KubernetesApplication, like increasing the replicas count, and it will be propagated from the control plane to the KubernetesTarget cluster. KubernetesTarget supports both bringing your own cluster and Crossplane-provisioned clusters.
Crossplane v0.9 also supports using KubernetesTargets in the same namespace as a KubernetesApplication allowing finer-grained access control of which KubernetesTarget clusters are available in namespaces that teams use as isolated workspaces to deploy applications and collaborate.
AWS managed services with ArgoCD and Crossplane
Dan Mangum (@hasheddan) wrote a guest blog post on the AWS Open Source Blog with Adrian Cockcroft showing how to use Crossplane with Argo CD to deploy KubernetesApplications that use Amazon RDS.
It covers using Crossplane and Argo CD in a “control” Kubernetes cluster. A control cluster is similar to the concept of a “bootstrap” cluster, but differs in that it continues to manage the “bootstrapped” clusters after they are created.
From the control cluster, they provision more Kubernetes clusters, deploy applications into them, and deploy managed services that our applications will consume.
Check out the blog post to learn more!
Linkerd service mesh deployed by Crossplane
The Binding Status (TBS) livestream for Crossplane showed how Crossplane can be used to configure the service mesh in remote clusters, and also dove into some of the newest features of the project. Dan was joined by Thomas Rampelberg, who is an engineer at Buoyant, the creators of Linkerd.
Check out crossplane/tbs (episode 12) to learn more!
Additional noteworthy items in v0.9
- Security enhanced mode with stack manage --restrict-core-apigroups, which restricts packages from being installed with permissions on the core API group.
- Stacks Manager support for private repos and robot account credentials
- Release process and efficiency improvements
- Check out the v0.9 release notes for more info.
Beyond v0.9
- Backup/restore support - e.g. with Velero
- v1beta1 quality conformance doc and testing guidelines
- Application and infrastructure composition
- Versioning and upgrade support for all aspects of Crossplane
- More v1beta1 APIs
- Enable Workload Identity for stack-gcp when running on GKE
- Enhanced automated integration tests for GCP, AWS, Azure
- Additional real-world App Stacks
- Expanded Rook support for additional in-cluster stateful storage types
- Policy-based secure connectivity strategies
- Enhanced application scheduling (cost, weight)
Get involved!
We are excited to see the continual growth of the Crossplane community and would love for you to get involved. Whether you are a developer, user, or just interested in what we are up to, feel free to join us via one of the following methods:
Join the open cloud movement to help level the playing field for everyone!