crossplane resources and readme

add provider
2025-06-06 17:01:30 +00:00 · 2025-05-20 16:32:56 +10:00 · 2025-05-17 13:01:35 +10:00
9 changed files with 217 additions and 1 deletions
--- a/kubernetes/crossplane/README.md
+++ b/kubernetes/crossplane/README.md
@ -43,6 +43,125 @@ kubectl get pods -n crossplane-system
 kubectl get deployments -n crossplane-system
 ```
 Once the pods are all running, we can see the `api-versions` 
 ```
 kubectl api-versions  | grep crossplane
 ```
 We can also see the new k8s objects that are installed with 
 ```
 kubectl api-resources | grep crossplane
 ```
 ## Providers 
-[Providers](https://docs.crossplane.io/latest/concepts/providers/)
+[Providers](https://docs.crossplane.io/latest/concepts/providers/) allow us to setup external providers that helps provision infrastructure for external services. </br>
 For example, our crossplane cluster may have providers for deploying Azure, AWS, GCP or any other external infrastructure </br>
 Furthermore, there is marketplace that hosts many providers, configurations and extensions for Crossplane called [Upbound](https://marketplace.upbound.io/providers)
 Install a Provider for a cloud provider Azure:
 ```
 kubectl apply -f kubernetes/crossplane/provider-azure.yaml
 ```
 Check our provider:
 ```
 kubectl get provider
 kubectl describe provider provider-family-azure
 ```
 ## Provider Configuration
 Once we have a provider setup, we can configure it using a `ProviderConfig` in Kubernetes </br>
 An impotrant configuration is to tell the Crossplane Provider how to authenticate with its external service. </br>
 For example, when using an Azure Provider, you need an Azure Service Principal, and for AWS you may need a service account with AWS account id and key. </br>
 Each provider will have their own supported authentication methods. </br>
 ### Create Provider credentials 
 ```
 SUBSCRIPTION_ID=<subscription-id>
 RESOURCE_GROUP=marcel-test
 az account set -s $SUBSCRIPTION_ID
 az group create -n $RESOURCE_GROUP -l australiaeast
 az ad sp create-for-rbac --sdk-auth  \
 -n marcel-test \
 --role Contributor \
 --scopes "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP" > azure-credentials.json
 ```
 ### Create Prpovider Kubernetes Secret 
 ```
 kubectl create secret \
 generic azure-secret \
 -n crossplane-system \
 --from-file=creds=./azure-credentials.json
 ```
 ### Deploy the Provider Configuration
 ```
 kubectl apply -f kubernetes/crossplane/providerconfig-azure.yaml
 ```
 ### Create Provider Resources 
 ```
 kubectl apply -f kubernetes/crossplane/resources/azure/resource-vnet.yaml
 error: resource mapping not found for name: "marcel-test-vnet" namespace: "" from "kubernetes/crossplane/resources/azure/resource-vnet.yaml": no matches for kind "VirtualNetwork" in version "network.azure.upbound.io/v1beta1"
 ensure CRDs are installed first
 ```
 We see there is no CRD for Azure VNETs, that is because every type of resource in Azure is modularized into a separate provider, so we will need the networking provider first </br>
 Install the Azure Network Provider:
 ```
 kubectl apply -f kubernetes/crossplane/provider-azure-network.yaml
 ```
 Retry the resource creation:
 ```
 kubectl apply -f kubernetes/crossplane/resources/azure/resource-vnet.yaml
 kubectl get virtualnetwork
 ```
 ### Deploy a Virtual Network Subnet 
 ```
 kubectl apply -f kubernetes/crossplane/resources/azure/resource-subnet.yaml
 kubectl get subnet
 ```
 ### Deploy a Virtual Network Card 
 ```
 kubectl apply -f kubernetes/crossplane/resources/azure/resource-networkcard.yaml
 kubectl get networkinterface
 ```
 ### Deploy a Virtual Machine 
 Firstly need to add the compoute provider for Azure
 ```
 kubectl apply -f kubernetes/crossplane/provider-azure-compute.yaml
 ```
 Deploy a Virtual Machine:
 ```
 kubectl apply -f kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
 ```
--- a/kubernetes/crossplane/provider-azure-compute.yaml
+++ b/kubernetes/crossplane/provider-azure-compute.yaml
@ -0,0 +1,6 @@
 apiVersion: pkg.crossplane.io/v1
 kind: Provider
 metadata:
  name: provider-azure-compute
 spec:
  package: xpkg.upbound.io/upbound/provider-azure-compute:v1.12.0
--- a/kubernetes/crossplane/provider-azure-network.yaml
+++ b/kubernetes/crossplane/provider-azure-network.yaml
@ -0,0 +1,6 @@
 apiVersion: pkg.crossplane.io/v1
 kind: Provider
 metadata:
  name: provider-azure-network
 spec:
  package: xpkg.upbound.io/upbound/provider-azure-network:v1.12.0
--- a/kubernetes/crossplane/provider-azure.yaml
+++ b/kubernetes/crossplane/provider-azure.yaml
@ -0,0 +1,6 @@
 apiVersion: pkg.crossplane.io/v1
 kind: Provider
 metadata:
  name: provider-family-azure
 spec:
  package: xpkg.upbound.io/upbound/provider-family-azure:v1.12.0
--- a/kubernetes/crossplane/providerconfig-azure.yaml
+++ b/kubernetes/crossplane/providerconfig-azure.yaml
@ -0,0 +1,11 @@
 apiVersion: azure.upbound.io/v1beta1
 metadata:
  name: default
 kind: ProviderConfig
 spec:
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: azure-secret
      key: creds
--- a/kubernetes/crossplane/resources/azure/resource-networkcard.yaml
+++ b/kubernetes/crossplane/resources/azure/resource-networkcard.yaml
@ -0,0 +1,16 @@
 apiVersion: network.azure.upbound.io/v1beta1
 kind: NetworkInterface
 metadata:
  labels:
    app: marcel-test
  name: marcel-test
 spec:
  forProvider:
    resourceGroupName: marcel-test
    ipConfiguration:
    - name: internal
      privateIpAddressAllocation: Dynamic
      subnetIdSelector:
        matchLabels:
          app: marcel-test
    location: "AustraliaEast"
--- a/kubernetes/crossplane/resources/azure/resource-subnet.yaml
+++ b/kubernetes/crossplane/resources/azure/resource-subnet.yaml
@ -0,0 +1,14 @@
 apiVersion: network.azure.upbound.io/v1beta2
 kind: Subnet
 metadata:
  labels:
    app: marcel-test
  name: marcel-test
 spec:
  forProvider:
    resourceGroupName: marcel-test
    addressPrefixes:
    - 10.0.2.0/24
    virtualNetworkNameSelector:
      matchLabels:
        app: marcel-test
--- a/kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
+++ b/kubernetes/crossplane/resources/azure/resource-virtualmachine.yaml
@ -0,0 +1,26 @@
 apiVersion: compute.azure.upbound.io/v1beta2
 kind: LinuxVirtualMachine
 metadata:
  labels:
    app: marcel-test
  name: marcel-test
 spec:
  forProvider:
    resourceGroupName: marcel-test
    adminSshKey:
    - publicKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN
        you@me.com
      username: adminuser
    adminUsername: adminuser
    location: "AustraliaEast"
    networkInterfaceIdsRefs:
    - name: marcel-test
    osDisk:
      caching: ReadWrite
      storageAccountType: Standard_LRS
    size: Standard_F2
    sourceImageReference:
      offer: UbuntuServer
      publisher: Canonical
      sku: 16.04-LTS
      version: latest
--- a/kubernetes/crossplane/resources/azure/resource-vnet.yaml
+++ b/kubernetes/crossplane/resources/azure/resource-vnet.yaml
@ -0,0 +1,12 @@
 apiVersion: network.azure.upbound.io/v1beta1
 kind: VirtualNetwork
 metadata:
  name: marcel-test-vnet
  labels:
    app: marcel-test
 spec:
  forProvider:
    addressSpace:
      - 10.0.0.0/16
    location: "AustraliaEast"
    resourceGroupName: marcel-test
Author	SHA1	Message	Date
marcel-dempers	e89da26fa4	crossplane resources and readme	2025-05-20 16:32:56 +10:00
marcel-dempers	4135419bbd	add provider	2025-05-17 13:01:35 +10:00