mastering-gitops's Introduction

kubectl apply -f cloud-infrastructure.yaml with Crossplane

Demo repository for my Crossplane conference talk.

Prerequisites

You need to have the following tools installed locally to be able to complete all steps:

Local Installation

For local installation, simply follow the instructions in the official Crossplane documentation.

# install latest Crossplane release using Helm in a dedicated namespace
kubectl create namespace crossplane-system

helm repo add crossplane-stable https://charts.crossplane.io/stable
helm repo update

helm install crossplane --namespace crossplane-system crossplane-stable/crossplane --set provider.packages={crossplane/provider-aws:v0.24.1}

## check everything came up OK
helm list -n crossplane-system
kubectl get all -n crossplane-system

Bootstrapping

# define required ENV variables for the next steps to work
$ export AWS_ACCOUNT_ID=`aws sts get-caller-identity --query Account --output text`
$ export GITHUB_USER=lreimer
$ export GITHUB_TOKEN=<your-token>

# setup an EKS cluster with Flux2
$ make create-eks-cluster
$ make bootstrap-eks-flux2

# setup a GKE cluster with Flux2
$ make create-gke-cluster
$ make bootstrap-gke-flux2

# modify Flux kustomization and add
# - cluster-sync.yaml
# - notification-receiver.yaml
# - receiver-service.yaml
# - webhook-token.yaml
# - image-update-automation.yaml

# you also need to create the webhook for the Git Repository
# Payload URL: http://<LoadBalancerAddress>/<ReceiverURL>
# Secret: the webhook-token value
$ kubectl -n flux-system get svc/receiver
$ kubectl -n flux-system get receiver/webapp

$ make destroy-clusters

AWS Provider

For AWS the configuration needs to reference the required credentials in the form of a secret. These are basically the aws_access_key_id and aws_secret_access_key from the default profile found in the ${HOME}/.aws/credentials file. With this information we can create a secret and reference it from a provider config resource.
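
The kubectl create secret command that follows loads the complete ${HOME}/.aws/credentials file, so every other profile stored in that file ends up in the cluster secret as well. As an added example (not from the original repository), this shell helper copies a single profile into a minimal file that can be uploaded instead; the function names, the second profile and all key values are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not part of the original repository.

# extract_profile FILE PROFILE
# Print PROFILE from an AWS shared-credentials FILE as a [default] section that
# contains only the key id, secret key and optional session token.
# Exit status 1 if the profile is missing or has no complete key pair.
extract_profile() {
  awk -v want="$2" '
    /^[ \t]*\[/ {                      # section header such as [default]
      name = $0
      gsub(/^[ \t]*\[|\][ \t]*$/, "", name)
      in_section = (name == want)
      next
    }
    in_section && /^[ \t]*aws_(access_key_id|secret_access_key|session_token)[ \t]*=/ {
      line = $0
      sub(/^[ \t]+/, "", line)
      if (line ~ /^aws_access_key_id/) have_id = 1
      if (line ~ /^aws_secret_access_key/) have_key = 1
      out = out line "\n"
    }
    END {
      if (!(have_id && have_key)) exit 1
      printf "[default]\n%s", out
    }
  ' "$1"
}

# write_sample_credentials FILE: constructed two-profile file with fake values.
write_sample_credentials() {
  cat > "$1" <<'EOF'
[default]
aws_access_key_id = AKIAEXAMPLEDEFAULT00
aws_secret_access_key = constructed-default-secret

[billing-admin]
aws_access_key_id = AKIAEXAMPLEBILLING00
aws_secret_access_key = constructed-billing-secret
EOF
}

# Stand-alone run: build the minimal file with owner-only permissions.
workdir=$(mktemp -d)
write_sample_credentials "$workdir/all-profiles"
(umask 077; extract_profile "$workdir/all-profiles" default > "$workdir/credentials")
cat "$workdir/credentials"
# kubectl create secret generic aws-credentials -n crossplane-system \
#   --from-file=credentials="$workdir/credentials"
rm -rf "$workdir"
```

The secret key name stays credentials, so the provider config that references it does not change.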

kubectl create secret generic aws-credentials -n crossplane-system --from-file=credentials=${HOME}/.aws/credentials

# we could manually install the AWS provider
# kubectl crossplane install provider crossplane/provider-aws:v0.24.1

cd crossplane/aws/
kubectl apply -n crossplane-system -f provider.yaml
kubectl apply -n crossplane-system -f providerconfig.yaml

kubectl get events
kubectl get crds

# create an S3 bucket in eu-central-1
kubectl apply -f s3/bucket.yaml
aws s3 ls

# create an ECR in eu-central-1
kubectl apply -f ecr/repository.yaml
aws ecr describe-repositories

# create SNS topic and subscription
kubectl apply -f sns/topic.yaml
aws sns list-topics
kubectl apply -f sns/subscription.yaml
aws sns list-subscriptions
aws sns publish --subject Test --message Crossplane --topic-arn arn:aws:sns:eu-central-1:<AWS_ACCOUNT_ID>:email-topic

# create a SQS queue
kubectl apply -f sqs/queue.yaml
aws sqs list-queues

# create Aurora Serverless
kubectl apply -f db/aurora-serverless.yaml
aws rds describe-db-clusters
kubectl apply -f db/aurora-client.yaml

# use XRD to create an ECR
kubectl apply -f xrd/repository/definition.yaml
kubectl apply -f xrd/repository/composition.yaml
kubectl apply -f xrd/repository/examples/example-repository.yaml

cd xrd/repository/
kubectl crossplane build configuration --ignore=examples/example-repository.yaml

# use XRD to create an S3 bucket
kubectl apply -f xrd/bucket/definition.yaml
kubectl apply -f xrd/bucket/composition.yaml
kubectl apply -f xrd/bucket/examples/example-bucket.yaml

cd xrd/bucket/
kubectl crossplane build configuration --ignore=examples/example-bucket.yaml

# use XRD to create PostgreSQL instance
kubectl apply -f xrd/postgresql/definition.yaml
kubectl apply -f xrd/postgresql/composition.yaml
kubectl apply -f xrd/postgresql/examples/example-db.yaml

kubectl get postgresqlinstances.db.aws.qaware.de example-db
kubectl get claim

kubectl get secrets
kubectl describe secret example-db-conn

kubectl apply -f xrd/postgresql/examples/example-db-client.yaml
kubectl get pods
kubectl logs example-db-client-sjdh7

cd xrd/postgresql/
kubectl crossplane build configuration --ignore=examples/example-db.yaml,examples/example-db-client.yaml

GCP Provider

For examples of the GCP provider, have a look at the GitHub repository.

# we need to create a GCP service account and secret
gcloud iam service-accounts create crossplane-system --display-name=Crossplane
gcloud projects add-iam-policy-binding cloud-native-experience-lab --role=roles/iam.serviceAccountUser --member serviceAccount:crossplane-system@cloud-native-experience-lab.iam.gserviceaccount.com
gcloud projects add-iam-policy-binding cloud-native-experience-lab --role=roles/storage.admin --member serviceAccount:crossplane-system@cloud-native-experience-lab.iam.gserviceaccount.com

gcloud iam service-accounts keys create gcp-credentials.json --iam-account crossplane-system@cloud-native-experience-lab.iam.gserviceaccount.com

kubectl create secret generic gcp-credentials -n crossplane-system --from-file=credentials=./gcp-credentials.json

# we could manually install the GCP provider
# kubectl crossplane install provider crossplane/provider-gcp:v0.21.0

cd crossplane/gcp/
kubectl apply -n crossplane-system -f provider.yaml
kubectl apply -n crossplane-system -f providerconfig.yaml

# create a storage bucket in eu-central-1
kubectl apply -f storage/bucket.yaml
gsutil ls

Maintainer

M.-Leander Reimer (@lreimer)

License

This software is provided under the MIT open source license, read the LICENSE file for details.
