From d103676b6ec05b67c02a8ec264dc0ddffa3eda5b Mon Sep 17 00:00:00 2001
From: marcel-dempers
Date: Sat, 17 May 2025 12:33:35 +1000
Subject: [PATCH 1/4] crossplane
---
 kubernetes/crossplane/README.md | 48 +++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 kubernetes/crossplane/README.md
diff --git a/kubernetes/crossplane/README.md b/kubernetes/crossplane/README.md
new file mode 100644
index 0000000..3154474
--- /dev/null
+++ b/kubernetes/crossplane/README.md
@@ -0,0 +1,48 @@
+# Introduction to Crossplane
+
+[Crossplane](https://www.crossplane.io/)
+[Crossplane Documentation](https://docs.crossplane.io/v1.19/)
+
+## We need a Kubernetes cluster
+
+Lets create a Kubernetes cluster to play with using [kind](https://kind.sigs.k8s.io/docs/user/quick-start/)
+
+```
+kind create cluster --name crossplane --image kindest/node:v1.33.0
+```
+
+## Installing Crossplane
+
+In this guide we will reference the official document steps in the links above.
+I've recorded the commands we follow in the video too
+
+
+```
+helm repo add crossplane-stable https://charts.crossplane.io/stable
+helm repo update
+
+helm search repo crossplane-stable --versions
+```
+
+We'll install version `1.19.1` at the time of this guide
+
+```
+VERSION=1.19.1
+
+helm install crossplane \
+crossplane-stable/crossplane \
+--namespace crossplane-system \
+--version $VERSION \
+--create-namespace
+```
+
+View our install:
+
+```
+kubectl get pods -n crossplane-system
+kubectl get deployments -n crossplane-system
+```
+
+## Providers
+
+[Providers](https://docs.crossplane.io/latest/concepts/providers/)
\ No newline at end of file
From 4135419bbd377454f6b7ab10879cb4d0e6cfb68d Mon Sep 17 00:00:00 2001
From: marcel-dempers
Date: Sat, 17 May 2025 13:01:35 +1000
Subject: [PATCH 2/4] add provider
---
 kubernetes/crossplane/provider-azure.yaml | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 kubernetes/crossplane/provider-azure.yaml
diff --git a/kubernetes/crossplane/provider-azure.yaml b/kubernetes/crossplane/provider-azure.yaml
new file mode 100644
index 0000000..1016bc2
--- /dev/null
+++ b/kubernetes/crossplane/provider-azure.yaml
@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+ name: provider-azure-network
+spec:
+ package: xpkg.crossplane.io/crossplane-contrib/provider-azure-network:v1.11.2
\ No newline at end of file
From e89da26fa4beea07dcbf3589d0aa06f5a87df7f6 Mon Sep 17 00:00:00 2001
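Review bot: `spec.package` on the last line of this hunk pins the provider by a mutable tag (`:v1.11.2`), so what gets installed into the cluster depends on whatever the registry serves for that tag at pull time. The provider pod later works with the Azure credential referenced by the ProviderConfig in PATCH 3/4, which makes the package a supply-chain-sensitive input. Package references are OCI references, so a digest form such as `package: xpkg.crossplane.io/crossplane-contrib/provider-azure-network@sha256:<digest-placeholder>` would make the install reproducible, with a comment above it naming the version the digest corresponds to. The same applies to the three Provider manifests in PATCH 3/4 (`provider-family-azure`, `provider-azure-network` and `provider-azure-compute`, all at `:v1.12.0`).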
From: marcel-dempers
Date: Tue, 20 May 2025 16:32:56 +1000
Subject: [PATCH 3/4] crossplane resources and readme
---
 kubernetes/crossplane/README.md | 121 +++++++++++++++++-
 .../crossplane/provider-azure-compute.yaml | 6 +
 .../crossplane/provider-azure-network.yaml | 6 +
 kubernetes/crossplane/provider-azure.yaml | 4 +-
 .../crossplane/providerconfig-azure.yaml | 11 ++
 .../resources/azure/resource-networkcard.yaml | 16 +++
 .../resources/azure/resource-subnet.yaml | 14 ++
 .../azure/resource-virtualmachine.yaml | 26 ++++
 .../resources/azure/resource-vnet.yaml | 12 ++
 9 files changed, 213 insertions(+), 3 deletions(-)
 create mode 100644 kubernetes/crossplane/provider-azure-compute.yaml
 create mode 100644 kubernetes/crossplane/provider-azure-network.yaml
 create mode 100644 kubernetes/crossplane/providerconfig-azure.yaml
 create mode 100644 kubernetes/crossplane/resources/azure/resource-networkcard.yaml
 create mode 100644 kubernetes/crossplane/resources/azure/resource-subnet.yaml
 create mode 100644 kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
 create mode 100644 kubernetes/crossplane/resources/azure/resource-vnet.yaml
diff --git a/kubernetes/crossplane/README.md b/kubernetes/crossplane/README.md
index 3154474..2e8670e 100644
--- a/kubernetes/crossplane/README.md
+++ b/kubernetes/crossplane/README.md
@@ -43,6 +43,125 @@ kubectl get pods -n crossplane-system
 kubectl get deployments -n crossplane-system
 ```
 
+Once the pods are all running, we can see the `api-versions`
+
+```
+kubectl api-versions | grep crossplane
+```
+
+We can also see the new k8s objects that are installed with
+
+```
+kubectl api-resources | grep crossplane
+```
+
 ## Providers
 
-[Providers](https://docs.crossplane.io/latest/concepts/providers/)
\ No newline at end of file
+[Providers](https://docs.crossplane.io/latest/concepts/providers/) allow us to setup external providers that helps provision infrastructure for external services.
+
+For example, our crossplane cluster may have providers for deploying Azure, AWS, GCP or any other external infrastructure
+
+Furthermore, there is marketplace that hosts many providers, configurations and extensions for Crossplane called [Upbound](https://marketplace.upbound.io/providers)
+
+
+Install a Provider for a cloud provider Azure:
+
+```
+kubectl apply -f kubernetes/crossplane/provider-azure.yaml
+```
+
+Check our provider:
+
+```
+kubectl get provider
+kubectl describe provider provider-family-azure
+```
+
+## Provider Configuration
+
+Once we have a provider setup, we can configure it using a `ProviderConfig` in Kubernetes
+An impotrant configuration is to tell the Crossplane Provider how to authenticate with its external service.
+
+For example, when using an Azure Provider, you need an Azure Service Principal, and for AWS you may need a service account with AWS account id and key.
+Each provider will have their own supported authentication methods.
+
+### Create Provider credentials
+
+```
+SUBSCRIPTION_ID=
+RESOURCE_GROUP=marcel-test
+
+az account set -s $SUBSCRIPTION_ID
+az group create -n $RESOURCE_GROUP -l australiaeast
+az ad sp create-for-rbac --sdk-auth \
+-n marcel-test \
+--role Contributor \
+--scopes "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP" > azure-credentials.json
+```
+
+### Create Prpovider Kubernetes Secret
+
+```
+kubectl create secret \
+generic azure-secret \
+-n crossplane-system \
+--from-file=creds=./azure-credentials.json
+```
+
+### Deploy the Provider Configuration
+
+```
+kubectl apply -f kubernetes/crossplane/providerconfig-azure.yaml
+```
+
+### Create Provider Resources
+
+```
+kubectl apply -f kubernetes/crossplane/resources/azure/resource-vnet.yaml
+
+error: resource mapping not found for name: "marcel-test-vnet" namespace: "" from "kubernetes/crossplane/resources/azure/resource-vnet.yaml": no matches for kind "VirtualNetwork" in version "network.azure.upbound.io/v1beta1"
+ensure CRDs are installed first
+
+```
+We see there is no CRD for Azure VNETs, that is because every type of resource in Azure is modularized into a separate provider, so we will need the networking provider first
+
+Install the Azure Network Provider:
+
+```
+kubectl apply -f kubernetes/crossplane/provider-azure-network.yaml
+```
+
+Retry the resource creation:
+
+```
+kubectl apply -f kubernetes/crossplane/resources/azure/resource-vnet.yaml
+kubectl get virtualnetwork
+```
+
+### Deploy a Virtual Network Subnet
+
+```
+kubectl apply -f kubernetes/crossplane/resources/azure/resource-subnet.yaml
+kubectl get subnet
+```
+
+### Deploy a Virtual Network Card
+
+```
+kubectl apply -f kubernetes/crossplane/resources/azure/resource-networkcard.yaml
+kubectl get networkinterface
+```
+
+### Deploy a Virtual Machine
+
+Firstly need to add the compoute provider for Azure
+
+```
+kubectl apply -f kubernetes/crossplane/provider-azure-compute.yaml
+```
+
+Deploy a Virtual Machine:
+
+```
+kubectl apply -f kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
+```
\ No newline at end of file
diff --git a/kubernetes/crossplane/provider-azure-compute.yaml b/kubernetes/crossplane/provider-azure-compute.yaml
new file mode 100644
index 0000000..f939234
--- /dev/null
+++ b/kubernetes/crossplane/provider-azure-compute.yaml
@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+ name: provider-azure-compute
+spec:
+ package: xpkg.upbound.io/upbound/provider-azure-compute:v1.12.0
\ No newline at end of file
diff --git a/kubernetes/crossplane/provider-azure-network.yaml b/kubernetes/crossplane/provider-azure-network.yaml
new file mode 100644
index 0000000..e6115c4
--- /dev/null
+++ b/kubernetes/crossplane/provider-azure-network.yaml
@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+ name: provider-azure-network
+spec:
+ package: xpkg.upbound.io/upbound/provider-azure-network:v1.12.0
\ No newline at end of file
diff --git a/kubernetes/crossplane/provider-azure.yaml b/kubernetes/crossplane/provider-azure.yaml
index 1016bc2..91acace 100644
--- a/kubernetes/crossplane/provider-azure.yaml
+++ b/kubernetes/crossplane/provider-azure.yaml
@@ -1,6 +1,6 @@
 apiVersion: pkg.crossplane.io/v1
 kind: Provider
 metadata:
- name: provider-azure-network
+ name: provider-family-azure
 spec:
- package: xpkg.crossplane.io/crossplane-contrib/provider-azure-network:v1.11.2
\ No newline at end of file
+ package: xpkg.upbound.io/upbound/provider-family-azure:v1.12.0
\ No newline at end of file
diff --git a/kubernetes/crossplane/providerconfig-azure.yaml b/kubernetes/crossplane/providerconfig-azure.yaml
new file mode 100644
index 0000000..598e402
--- /dev/null
+++ b/kubernetes/crossplane/providerconfig-azure.yaml
@@ -0,0 +1,11 @@
+apiVersion: azure.upbound.io/v1beta1
+metadata:
+ name: default
+kind: ProviderConfig
+spec:
+ credentials:
+ source: Secret
+ secretRef:
+ namespace: crossplane-system
+ name: azure-secret
+ key: creds
\ No newline at end of file
diff --git a/kubernetes/crossplane/resources/azure/resource-networkcard.yaml b/kubernetes/crossplane/resources/azure/resource-networkcard.yaml
new file mode 100644
index 0000000..bd63831
--- /dev/null
+++ b/kubernetes/crossplane/resources/azure/resource-networkcard.yaml
@@ -0,0 +1,16 @@
+apiVersion: network.azure.upbound.io/v1beta1
+kind: NetworkInterface
+metadata:
+ labels:
+ app: marcel-test
+ name: marcel-test
+spec:
+ forProvider:
+ resourceGroupName: marcel-test
+ ipConfiguration:
+ - name: internal
+ privateIpAddressAllocation: Dynamic
+ subnetIdSelector:
+ matchLabels:
+ app: marcel-test
+ location: "AustraliaEast"
\ No newline at end of file
diff --git a/kubernetes/crossplane/resources/azure/resource-subnet.yaml b/kubernetes/crossplane/resources/azure/resource-subnet.yaml
new file mode 100644
index 0000000..b8ef91b
--- /dev/null
+++ b/kubernetes/crossplane/resources/azure/resource-subnet.yaml
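Review bot: The ProviderConfig in providerconfig-azure.yaml is named `default` and carries no comment about what the referenced `azure-secret` grants, while the resource manifests added in this patch omit `providerConfigRef` and so rely on it. Per the README in this series that secret holds a service principal with `Contributor` on the resource group, so the ability to create Azure managed resources in this cluster is effectively that role. I would add a header comment such as `# default ProviderConfig: service principal with Contributor on one resource group; used by every managed resource without providerConfigRef` and keep read access to the secret in `crossplane-system` narrow. As a style point, `kind` conventionally sits directly under `apiVersion` rather than after `metadata`.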
@@ -0,0 +1,14 @@
+apiVersion: network.azure.upbound.io/v1beta2
+kind: Subnet
+metadata:
+ labels:
+ app: marcel-test
+ name: marcel-test
+spec:
+ forProvider:
+ resourceGroupName: marcel-test
+ addressPrefixes:
+ - 10.0.2.0/24
+ virtualNetworkNameSelector:
+ matchLabels:
+ app: marcel-test
\ No newline at end of file
diff --git a/kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml b/kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
new file mode 100644
index 0000000..1af29dc
--- /dev/null
+++ b/kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
@@ -0,0 +1,26 @@
+apiVersion: compute.azure.upbound.io/v1beta2
+kind: LinuxVirtualMachine
+metadata:
+ labels:
+ app: marcel-test
+ name: marcel-test
+spec:
+ forProvider:
+ resourceGroupName: marcel-test
+ adminSshKey:
+ - publicKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN
+ you@me.com
+ username: adminuser
+ adminUsername: adminuser
+ location: "AustraliaEast"
+ networkInterfaceIdsRefs:
+ - name: marcel-test
+ osDisk:
+ caching: ReadWrite
+ storageAccountType: Standard_LRS
+ size: Standard_F2
+ sourceImageReference:
+ offer: UbuntuServer
+ publisher: Canonical
+ sku: 16.04-LTS
+ version: latest
\ No newline at end of file
diff --git a/kubernetes/crossplane/resources/azure/resource-vnet.yaml b/kubernetes/crossplane/resources/azure/resource-vnet.yaml
new file mode 100644
index 0000000..2f549ae
--- /dev/null
+++ b/kubernetes/crossplane/resources/azure/resource-vnet.yaml
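Review bot: The Subnet in resource-subnet.yaml is created with no network security group, and nothing else in this series associates one, so traffic filtering inside `10.0.2.0/24` is left to the platform defaults. The NetworkInterface added in the same patch requests only a dynamic private address, which limits exposure, but a VM is attached to this subnet by the next file. Consider adding a security group manifest plus a subnet association (the provider's network API group appears to offer kinds for both; confirm the names against the installed version), or at least a comment such as `# no NSG attached: demo only, add one before reuse`.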
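Review bot: `sourceImageReference` in resource-virtualmachine.yaml selects `sku: 16.04-LTS` with `version: latest`, an Ubuntu release past its standard support window, so the VM boots without current security updates and the exact image is not reproducible. A supported image, for example `offer: 0001-com-ubuntu-server-jammy` with `sku: 22_04-lts` and a fixed `version`, would be a safer default for readers who copy the manifest. Separately, `adminSshKey.publicKey` is a literal RSA key labelled `you@me.com`; anyone applying the file unchanged grants `adminuser` login to whoever holds the matching private key, so a labelled placeholder such as `publicKey: "<your-ssh-public-key>"` with a comment above it would be better. The key is also written as a plain scalar continued on a second line, which is easier to read and safer to edit when quoted on one line.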
@@ -0,0 +1,12 @@
+apiVersion: network.azure.upbound.io/v1beta1
+kind: VirtualNetwork
+metadata:
+ name: marcel-test-vnet
+ labels:
+ app: marcel-test
+spec:
+ forProvider:
+ addressSpace:
+ - 10.0.0.0/16
+ location: "AustraliaEast"
+ resourceGroupName: marcel-test
\ No newline at end of file
From ed10aa296f50f0df3eb901e63f6f72fa0b8053fd Mon Sep 17 00:00:00 2001
From: marcel-dempers
Date: Thu, 22 May 2025 10:32:06 +1000
Subject: [PATCH 4/4] crossplane tweaks
---
 kubernetes/crossplane/README.md | 11 ++++++++++-
 .../crossplane/resources/azure/resource-vnet.yaml | 2 +-
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/kubernetes/crossplane/README.md b/kubernetes/crossplane/README.md
index 2e8670e..31a969f 100644
--- a/kubernetes/crossplane/README.md
+++ b/kubernetes/crossplane/README.md
@@ -99,7 +99,7 @@ az ad sp create-for-rbac --sdk-auth \
 --scopes "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP" > azure-credentials.json
 ```
 
-### Create Prpovider Kubernetes Secret
+### Create Provider Kubernetes Secret
 
 ```
 kubectl create secret \
@@ -164,4 +164,13 @@ Deploy a Virtual Machine:
 
 ```
 kubectl apply -f kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
+```
+
+## Cleanup Resources
+
+```
+kubectl delete linuxvirtualmachine marcel-test
+kubectl delete networkinterface marcel-test
+kubectl delete subnet marcel-test
+kubectl delete virtualnetwork marcel-test
 ```
\ No newline at end of file
diff --git a/kubernetes/crossplane/resources/azure/resource-vnet.yaml b/kubernetes/crossplane/resources/azure/resource-vnet.yaml
index 2f549ae..3eec79d 100644
--- a/kubernetes/crossplane/resources/azure/resource-vnet.yaml
+++ b/kubernetes/crossplane/resources/azure/resource-vnet.yaml
@@ -1,7 +1,7 @@
 apiVersion: network.azure.upbound.io/v1beta1
 kind: VirtualNetwork
 metadata:
- name: marcel-test-vnet
+ name: marcel-test
 labels:
 app: marcel-test
 spec: