crossplane resources and readme

marcel-dempers 2025-05-20 16:32:56 +10:00
parent 4135419bbd
commit e89da26fa4
9 changed files with 213 additions and 3 deletions

@ -43,6 +43,125 @@ kubectl get pods -n crossplane-system
kubectl get deployments -n crossplane-system
```
Once the pods are all running, we can see the `api-versions`
```
kubectl api-versions | grep crossplane
```
We can also see the new k8s objects that are installed with
```
kubectl api-resources | grep crossplane
```
## Providers
[Providers](https://docs.crossplane.io/latest/concepts/providers/)
[Providers](https://docs.crossplane.io/latest/concepts/providers/) allow us to setup external providers that helps provision infrastructure for external services. </br>
For example, our crossplane cluster may have providers for deploying Azure, AWS, GCP or any other external infrastructure </br>
Furthermore, there is marketplace that hosts many providers, configurations and extensions for Crossplane called [Upbound](https://marketplace.upbound.io/providers)
Install a Provider for a cloud provider Azure:
```
kubectl apply -f kubernetes/crossplane/provider-azure.yaml
```
Check our provider:
```
kubectl get provider
kubectl describe provider provider-family-azure
```
## Provider Configuration
Once we have a provider setup, we can configure it using a `ProviderConfig` in Kubernetes </br>
An impotrant configuration is to tell the Crossplane Provider how to authenticate with its external service. </br>
For example, when using an Azure Provider, you need an Azure Service Principal, and for AWS you may need a service account with AWS account id and key. </br>
Each provider will have their own supported authentication methods. </br>
### Create Provider credentials
```
SUBSCRIPTION_ID=<subscription-id>
RESOURCE_GROUP=marcel-test
az account set -s $SUBSCRIPTION_ID
az group create -n $RESOURCE_GROUP -l australiaeast
az ad sp create-for-rbac --sdk-auth \
-n marcel-test \
--role Contributor \
--scopes "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP" > azure-credentials.json
```
### Create Prpovider Kubernetes Secret
```
kubectl create secret \
generic azure-secret \
-n crossplane-system \
--from-file=creds=./azure-credentials.json
```
### Deploy the Provider Configuration
```
kubectl apply -f kubernetes/crossplane/providerconfig-azure.yaml
```
### Create Provider Resources
```
kubectl apply -f kubernetes/crossplane/resources/azure/resource-vnet.yaml
error: resource mapping not found for name: "marcel-test-vnet" namespace: "" from "kubernetes/crossplane/resources/azure/resource-vnet.yaml": no matches for kind "VirtualNetwork" in version "network.azure.upbound.io/v1beta1"
ensure CRDs are installed first
```
We see there is no CRD for Azure VNETs, that is because every type of resource in Azure is modularized into a separate provider, so we will need the networking provider first </br>
Install the Azure Network Provider:
```
kubectl apply -f kubernetes/crossplane/provider-azure-network.yaml
```
Retry the resource creation:
```
kubectl apply -f kubernetes/crossplane/resources/azure/resource-vnet.yaml
kubectl get virtualnetwork
```
### Deploy a Virtual Network Subnet
```
kubectl apply -f kubernetes/crossplane/resources/azure/resource-subnet.yaml
kubectl get subnet
```
### Deploy a Virtual Network Card
```
kubectl apply -f kubernetes/crossplane/resources/azure/resource-networkcard.yaml
kubectl get networkinterface
```
### Deploy a Virtual Machine
Firstly need to add the compoute provider for Azure
```
kubectl apply -f kubernetes/crossplane/provider-azure-compute.yaml
```
Deploy a Virtual Machine:
```
kubectl apply -f kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
```
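
Review bot: In the "Create Provider credentials" step, `az ad sp create-for-rbac ... > azure-credentials.json` leaves the service principal secret in a plaintext file in the working directory, and the README never says what to do with it afterwards. Add a line telling the reader to delete the file once `kubectl create secret` has run, and to keep `azure-credentials.json` out of version control (a `.gitignore` entry would do). Smaller points in the same hunk: the `[Providers](...)` link line appears twice in a row at the top of the Providers section, there are typos ("impotrant", "Prpovider", "compoute"), and the "Create Provider Resources" block mixes the command with its pasted error output, which reads as if the error were something to type.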

@ -0,0 +1,6 @@
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: provider-azure-compute
spec:
package: xpkg.upbound.io/upbound/provider-azure-compute:v1.12.0
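
Review bot: `package: xpkg.upbound.io/upbound/provider-azure-compute:v1.12.0` pins the provider by tag only, as do the other two provider manifests in this commit. A tag can be re-pointed at the registry, and these packages run controllers that use the Azure credential, so consider pinning by digest (or recording the expected digest in the README) so that what gets installed is what was reviewed.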

@ -0,0 +1,6 @@
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: provider-azure-network
spec:
package: xpkg.upbound.io/upbound/provider-azure-network:v1.12.0

@ -1,6 +1,6 @@
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: provider-azure-network
name: provider-family-azure
spec:
package: xpkg.crossplane.io/crossplane-contrib/provider-azure-network:v1.11.2
package: xpkg.upbound.io/upbound/provider-family-azure:v1.12.0
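
Review bot: Reusing the name `provider-azure-network` for the upbound package in a new file, while this file's object is renamed to `provider-family-azure`, means a cluster that applied the earlier manifest will have its existing `provider-azure-network` Provider switched from `xpkg.crossplane.io/crossplane-contrib/provider-azure-network:v1.11.2` to `xpkg.upbound.io/upbound/provider-azure-network:v1.12.0` on the next `kubectl apply`. The commit message does not mention the change of registry and publisher; state it in the message or the README, and say whether the old provider should be removed before applying the new manifests.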

@ -0,0 +1,11 @@
apiVersion: azure.upbound.io/v1beta1
metadata:
name: default
kind: ProviderConfig
spec:
credentials:
source: Secret
secretRef:
namespace: crossplane-system
name: azure-secret
key: creds
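
Review bot: `name: default` makes this the ProviderConfig used by any Azure managed resource that does not set `providerConfigRef`, so every manifest in this commit, and anything applied to the cluster later, runs with the service principal stored in `azure-secret`. That deserves a sentence in the README; consider a non-default name that the resources reference explicitly. Style: `kind` sits below `metadata` here, and placing it directly after `apiVersion` would match the other manifests in the commit.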

@ -0,0 +1,16 @@
apiVersion: network.azure.upbound.io/v1beta1
kind: NetworkInterface
metadata:
labels:
app: marcel-test
name: marcel-test
spec:
forProvider:
resourceGroupName: marcel-test
ipConfiguration:
- name: internal
privateIpAddressAllocation: Dynamic
subnetIdSelector:
matchLabels:
app: marcel-test
location: "AustraliaEast"
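
Review bot: `subnetIdSelector` binds this interface to a subnet only through the label `app: marcel-test`, so any Subnet object in the cluster that carries that label is a candidate for selection. For a tutorial manifest an explicit `subnetIdRef` with `name: marcel-test` would be more predictable, in the same way the VM manifest names its network interface under `networkInterfaceIdsRefs`.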

@ -0,0 +1,14 @@
apiVersion: network.azure.upbound.io/v1beta2
kind: Subnet
metadata:
labels:
app: marcel-test
name: marcel-test
spec:
forProvider:
resourceGroupName: marcel-test
addressPrefixes:
- 10.0.2.0/24
virtualNetworkNameSelector:
matchLabels:
app: marcel-test

@ -0,0 +1,26 @@
apiVersion: compute.azure.upbound.io/v1beta2
kind: LinuxVirtualMachine
metadata:
labels:
app: marcel-test
name: marcel-test
spec:
forProvider:
resourceGroupName: marcel-test
adminSshKey:
- publicKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN
you@me.com
username: adminuser
adminUsername: adminuser
location: "AustraliaEast"
networkInterfaceIdsRefs:
- name: marcel-test
osDisk:
caching: ReadWrite
storageAccountType: Standard_LRS
size: Standard_F2
sourceImageReference:
offer: UbuntuServer
publisher: Canonical
sku: 16.04-LTS
version: latest
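
Review bot: `sourceImageReference` selects `UbuntuServer` `16.04-LTS` with `version: latest`; Ubuntu 16.04 left standard support in April 2021, and `latest` lets the deployed image differ from one run to the next. Use a currently supported image and pin its version. Also, `adminSshKey.publicKey` commits a concrete RSA key labelled `you@me.com`, so anyone who applies the manifest verbatim creates a VM whose `adminuser` account trusts a key they do not hold; replace it with a placeholder and have the README tell the reader to supply their own public key.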

@ -0,0 +1,12 @@
apiVersion: network.azure.upbound.io/v1beta1
kind: VirtualNetwork
metadata:
name: marcel-test-vnet
labels:
app: marcel-test
spec:
forProvider:
addressSpace:
- 10.0.0.0/16
location: "AustraliaEast"
resourceGroupName: marcel-test