docs snapshot for crossplane version `master`

Crossplane 2019-09-17 22:50:23 +00:00
parent 321d52bd01
commit ce1b404cb3
16 changed files with 1063 additions and 36 deletions

View File

@ -1,20 +1,140 @@
# Crossplane
# Welcome to Crossplane!
Crossplane is an open source multicloud control plane. It introduces workload and resource abstractions on-top of existing managed services that enables a high degree of workload portability across cloud providers. A single crossplane enables the provisioning and full-lifecycle management of services and infrastructure across a wide range of providers, offerings, vendors, regions, and clusters. Crossplane offers a universal API for cloud computing, a workload scheduler, and a set of smart controllers that can automate work across clouds.
Crossplane is an open source multicloud control plane to manage your
cloud-native applications and infrastructure across environments, clusters,
regions and clouds. It enables provisioning and full-lifecycle management
of applications and managed services from your choice of cloud using `kubectl`.
<h4 align="center"><img src="media/arch.png" alt="Crossplane" height="400"></h4>
Crossplane can be installed into an existing Kubernetes cluster to add managed
service provisioning or deployed as a dedicated control plane for multi-cluster
management and workload scheduling.
Crossplane presents a declarative management style API that covers a wide range of portable abstractions including databases, message queues, buckets, data pipelines, serverless, clusters, and many more coming. Its based on the declarative resource model of the popular [Kubernetes](https://github.com/kubernetes/kubernetes) project, and applies many of the lessons learned in container orchestration to multicloud workload and resource orchestration.
Crossplane enables the community to build and publish Stacks to add more clouds
and cloud services to Crossplane with support for out-of-tree extensibility and
independent release schedules. Crossplane includes Stacks for [GCP][stack-gcp],
[AWS][stack-aws], and [Azure][stack-azure] today.
Crossplane supports a clean separation of concerns between developers and administrators. Developers define workloads without having to worry about implementation details, environment constraints, and policies. Administrators can define environment specifics, and policies. The separation of concern leads to a higher degree of reusability and reduces complexity.
<h4 align="center"><img src="media/crossplane-overview.png" alt="Crossplane"
height="400"></h4>
Crossplane includes a workload scheduler that can factor a number of criteria including capabilities, availability, reliability, cost, regions, and performance while deploying workloads and their resources. The scheduler works alongside specialized resource controllers to ensure policies set by administrators are honored.
Crossplane has four main feature areas that can be used independently:
1. Crossplane Services - provision managed services from kubectl.
1. Crossplane Stacks - extend Crossplane with new functionality.
1. Crossplane Workloads - define complete applications and schedule across
clusters, regions, and clouds.
1. Crossplane Clusters - manage multiple Kubernetes clusters from a single
control plane.
## Crossplane Services
Crossplane Services supports managed service provisioning
using `kubectl`. It applies the Kubernetes pattern for Persistent Volume (PV)
claims and classes to managed service provisioning with support for a strong
separation of concern between app teams and cluster administrators.
App teams can choose between cloud-specific and portable services including
managed databases, message queues, buckets, data pipelines, and more to define
complete applications, build once, and deploy into multiple clouds using
continuous delivery pipelines or GitOps flows.
Cluster administrators can define self-service policies and best-practice
configurations to accelerate app delivery and improve security, so app teams can
focus on delivering their app instead of cloud-specific infrastructure details.
The [Crossplane Services Guide][services-user-guide] explores related concepts and
shows how to use Crossplane Services to deploy a Wordpress instance that
securely consumes a managed `MySQLInstance` from GCP, AWS, or Azure from
`kubectl`.
## Crossplane Stacks
Stacks extend Crossplane with new functionality and can be
installed using the [Stack
Manager][stacks-manager]
via the [Kubernetes
API][stack-install-docs]
or with the [crossplane kubectl
plugin][crossplane-cli] [`stack install`][crossplane-cli-usage] command.
Crossplane is built on the Kubernetes API machinery as a platform, and Stacks
simplify extending the Kubernetes API to provision and lifecycle manage apps and
the managed service infrastructure they depend on, including [Stack security and
isolation][stack-security-design].
The [Crossplane Stacks Guide][stack-user-guide] shows how to deploy a portable [Wordpress Stack][stack-wordpress-registry]
into multiple clouds using Infra Stacks including
[stack-gcp][stack-gcp], [stack-aws][stack-aws], and [stack-azure][stack-azure].
### Infrastructure Stacks
Infra Stacks like [stack-gcp][stack-gcp], [stack-aws][stack-aws], and [stack-azure][stack-azure]
extend the Kubernetes API to support managed service provisioning (DBaaS, cache, buckets), secure
connectivity (VPCs, subnets, peering, ACLs, secrets), and provisioning managed
Kubernetes clusters on demand to further isolate the blast radius of applications.
Infra Stacks are pre-built and published to the [Stacks
registry][stack-registry] where they can
be installed by a Cluster Admin using a
[`ClusterStackInstall`][stack-install-docs]
Kubernetes API kind or with the [`stack
install`][crossplane-cli-usage] command that
installs a Stacks with permissions to watch resources at a cluster level, across
all namespaces.
Infra Stacks are covered in both the [Crossplane Services
Guide][services-user-guide] and the
[Crossplane Stacks Guide][stack-user-guide].
### Application Stacks
App Stacks depend on Infra Stacks like
[stack-gcp][stack-gcp], [stack-aws][stack-aws], and [stack-azure][stack-azure]
to provide managed services via the Kubernetes API.
App Stacks are pre-built and published to the [Stacks
registry][stack-registry] where they can
be installed by an app team using a
[`StackInstall`][stack-install-docs]
Kubernetes API kind or with the [`stack
install`][crossplane-cli-usage] command that
installs Stacks with permissions only within a single namespace.
The [Crossplane Stacks Guide][stack-user-guide] covers how to deploy a portable
[Wordpress Stack][stack-wordpress] into multiple clouds using Infra Stacks such
as [stack-gcp][stack-gcp], [stack-aws][stack-aws], and [stack-azure][stack-azure].
### Build your own Stack
The [Crossplane Developer Guide][stack-developer-guide] shows how to
build and extend Infra Stacks and App Stacks.
## Crossplane Workloads
Crossplane includes an extensible workload scheduler that observes application
policies to select a suitable target cluster from a pool of available clusters.
The workload scheduler can be customized to consider a number of criteria including
capabilities, availability, reliability, cost, regions, and performance while
deploying workloads and their resources.
Complex workloads can be modeled as a
[`KubernetesApplication`][k8s-app-design]
resource as done by the portable [Wordpress Stack][stack-wordpress] which
automates the lifecycle of a
[`KubernetesApplication`][k8s-app-design]
including provisioning and secure connectivity to a managed `MySQLInstance`.
## Crossplane Clusters
Crossplane supports dynamic provisioning of managed
Kubernetes clusters from a single control plane with consistent multi-cluster
best-practice configuration and secure connectivity between target Kubernetes
clusters and the managed services provisioned for applications. Managed
Kubernetes clusters can be dynamically provisioned with a `KubernetesCluster`
resource as done by the portable [Wordpress Stack][stack-wordpress] which
automates the lifecycle of a `KubernetesCluster`.
## Architecture and Vision
The full architecture and vision of the Crossplane project is described in depth in the [architecture document](https://docs.google.com/document/d/1whncqdUeU2cATGEJhHvzXWC9xdK29Er45NJeoemxebo/edit?usp=sharing). It is the best place to learn more about how Crossplane fits into the Kubernetes ecosystem, the intended use cases, and comparisons to existing projects.
The full architecture and vision of the Crossplane project is described in depth
in the [architecture document][arch-doc].
It is the best place to learn more about how Crossplane fits into the Kubernetes
ecosystem, the intended use cases, and comparisons to existing projects.
## Table of Contents
## Learn More
If you have any questions, please drop us a note on [Crossplane Slack][join-crossplane-slack] or [contact us][contact-us]!
* [Quick Start Guide](quick-start.md)
* [Getting Started](getting-started.md)
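Review bot: The `[stacks-manager]` reference in the Crossplane Stacks section has no matching definition; the named links this commit adds at the end of the file define `[stack-manager]`, so the Stack Manager link will render as literal bracket text. Use `[stack-manager]` at the call site. In Infrastructure Stacks, "installs a Stacks with permissions to watch resources at a cluster level, across all namespaces" should read "installs a Stack". That sentence is where a cluster admin learns that a `ClusterStackInstall` is cluster-wide while a `StackInstall` is limited to one namespace, so it is also the natural place to link the Stack security and isolation design, which is currently linked only once, under Crossplane Stacks.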
@ -27,3 +147,39 @@ The full architecture and vision of the Crossplane project is described in depth
* [API Reference](api.md)
* [FAQs](faqs.md)
* [Contributing](contributing.md)
### Next Steps
Use [stack-gcp][stack-gcp], [stack-aws][stack-aws], and [stack-azure][stack-azure] in the the following guides:
* [Crossplane Service Guide][services-user-guide] - upgrade an existing Kubernetes cluster
to support managed service provisioning from kubectl.
* [Crossplane Stacks Guide][stack-user-guide] - deploy a portable Wordpress Stack into
multiple clouds.
[Learn more][learn-more] about Crossplane.
<!-- Named links -->
[services-user-guide]: services-guide.md
[stack-user-guide]: stacks-guide.md
[stack-developer-guide]: developer-guide.md
[stack-manager]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#terminology
[crossplane-cli]: https://github.com/crossplaneio/crossplane-cli
[crossplane-cli-usage]: https://github.com/crossplaneio/crossplane-cli#usage
[stack-sercurity-design]: https://github.com/crossplaneio/crossplane/blob/master/design/one-pager-stacks-security-isolation.md
[stack-wordpress-registry]: https://hub.docker.com/r/crossplane/sample-stack-wordpress
[stack-wordpress]: https://github.com/crossplaneio/sample-stack-wordpress
[stack-gcp]: https://github.com/crossplaneio/stack-gcp
[stack-aws]: https://github.com/crossplaneio/stack-aws
[stack-azure]: https://github.com/crossplaneio/stack-azure
[stack-registry]: https://hub.docker.com/search?q=crossplane&type=image
[stack-install-docs]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#installation-flow
[k8s-app-design]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-complex-workloads.md#design
[arch-doc]: https://docs.google.com/document/d/1whncqdUeU2cATGEJhHvzXWC9xdK29Er45NJeoemxebo/edit?usp=sharing
[contact-us]: https://github.com/crossplaneio/crossplane#contact
[join-crossplane-slack]: https://slack.crossplane.io
[learn-more]: learn-more.md
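Review bot: The link definition `[stack-sercurity-design]` is misspelled, so the `[stack-security-design]` reference used for "Stack security and isolation" in the Crossplane Stacks section never resolves; rename the definition to `[stack-security-design]`. In Next Steps, "in the the following guides" has a doubled "the", and the first list item says "Crossplane Service Guide" where the rest of the file says "Crossplane Services Guide".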

View File

@ -1,7 +1,7 @@
---
title: Adding Your Cloud Providers
toc: true
weight: 330
weight: 230
indent: true
---

View File

@ -1,7 +1,7 @@
---
title: Concepts
toc: true
weight: 410
weight: 1510
---
# Concepts

View File

@ -1,11 +1,11 @@
---
title: Contributing
toc: true
weight: 710
weight: 5110
---
# Contributing
Crossplane is a community driven project and we welcome contributions.
That includes [opening issues](https://github.com/crossplaneio/crossplane/issues) for improvements you'd like to see as well as submitting changes to the code base.
For more information about the contribution process, please see the [contribution guide](https://github.com/crossplaneio/crossplane/blob/master/CONTRIBUTING.md).
For more information about the contribution process, please see the [contribution guide](https://github.com/crossplaneio/crossplane/blob/master/CONTRIBUTING.md).

View File

@ -1,7 +1,7 @@
---
title: Deploying Workloads
toc: true
weight: 340
weight: 240
indent: true
---
# Deploying Workloads

View File

@ -0,0 +1,105 @@
---
title: Developer Guide
toc: true
weight: 5010
---
# Developer Guide
Welcome to the Crossplane Developer Guide!
## Overview
Infra Stacks like
[stack-gcp][stack-gcp], [stack-aws][stack-aws], and [stack-azure][stack-azure] extend Crossplane
to support managed service provisioning (databases, caches, buckets), secure
connectivity (VPCs, subnets, peering, ACLs, secrets), and provisioning managed
Kubernetes clusters on demand to further isolate the blast radius of
applications.
Infra Stacks are typically pre-built and published to the [Stacks
registry][stack-registry], where they can
be installed by a cluster administrator using a
[`ClusterStackInstall`][stack-install-docs]
kind via the Kubernetes API or with the [`stack
install`][crossplane-cli-usage] command.
App Stacks depend on Infra Stacks like
[stack-gcp][stack-gcp], [stack-aws][stack-aws], or [stack-azure][stack-azure]
to provide the managed services they depend on via the Kubernetes API.
App Stacks may also be pre-built and published to the [Stacks
registry][stack-registry] where they can
be deployed by application teams using a
[`StackInstall`][crossplane-cli-usage]]
kind via the Kubernetes API or with the [`stack
install`][crossplane-cli-usage]) command.
## Infra Stacks
### Using Infra Stacks
The [Crossplane Services Guide][services-user-guide]
shows how to use existing Infra Stacks to deploy a Wordpress `Deployment`
that securely consumes a MySQL instance from GCP, AWS, or Azure all from
`kubectl`.
### Building Infra Stacks
Infra Stacks are out-of-tree Crossplane extensions
that can be built and published on their own schedule separate from the core
Crossplane repos.
Crossplane enables the community to build a modular, open cloud control plane
where any cloud service or capability can be added using the [Stack
Manager][stack-manager],
an extension manager for the Kubernetes API. Crossplane Stacks simplify the work
required to build, publish, install and manage control plane extensions with a
powerful RBAC permission model, integrated dependency management, and more.
The [Infra Stack Developer Guide][infra-stack-developer-guide] shows how to:
* Extend existing Infra Stacks ([stack-gcp][stack-gcp], [stack-aws][stack-aws],
[stack-azure][stack-azure]) to add more cloud services.
* Build a new Infra Stack to add more cloud providers.
* Make independent cloud offerings available via the Kubernetes API, so
application teams can use them just like standard Kubernetes resources.
## App Stacks
### Using App Stacks
The [Crossplane Stacks Guide][stacks-user-guide] guide
shows how to use a [portable App
Stack][stack-wordpress-registry] that can
deploy with any Infra Stack including:
[stack-gcp][stack-gcp], [stack-aws][stack-aws], or [stack-azure][stack-azure].
### Building App Stacks
To learn how to build a "Hello World" Stack see the
[Stacks Quick Start][stacks-quick-start].
For a complete App Stack, see the [portable Wordpress App
Stack][stack-wordpress] with a
kubebuilder-based app
[`Controller`][kubernetes-controller]
that owns a `WordressInstance` CRD, builds a complete `KubernetesApplication`,
and automates much of what's covered in the [Crossplane Services
Guide][services-user-guide] plus dynamic cluster provisioning, so you can
provision a complete Wordpress app instance from `kubectl` using a single Kubernetes object.
## Learn More
If you have any questions, please drop us a note on [Crossplane Slack][join-crossplane-slack] or [contact us][contact-us]!
To [learn more][learn-more] checkout these [useful links][learn-more].
<!-- Named links -->
[services-user-guide]: services-guide.md
[stack-user-guide]: stacks-guide.md
[stack-registry]: https://hub.docker.com/search?q=crossplane&type=image
[crossplane-cli-usage]: https://github.com/crossplaneio/crossplane-cli#usage
[stack-install-docs]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#installation-flow
[stack-gcp]: https://github.com/crossplaneio/stack-gcp
[stack-aws]: https://github.com/crossplaneio/stack-aws
[stack-azure]: https://github.com/crossplaneio/stack-azure
[stack-wordpress]: https://github.com/crossplaneio/sample-stack-wordpress
[stack-wordpress-registry]: https://hub.docker.com/r/crossplane/sample-stack-wordpress
[stack-manager]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#terminology
[infra-stack-developer-guide]: developer-guide.md
[stack-quick-start]: https://github.com/crossplaneio/crossplane-cli#quick-start-stacks
[kubernetes-controller]: https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/#custom-controllers
[join-crossplane-slack]: https://slack.crossplane.io
[contact-us]: https://github.com/crossplaneio/crossplane#contact
[learn-more]: learn-more.md
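Review bot: Two reference labels used in the body of this new file do not match the definitions under Named links, so both links will be dead: `[stacks-user-guide]` in Using App Stacks is defined as `[stack-user-guide]`, and `[stacks-quick-start]` in Building App Stacks is defined as `[stack-quick-start]`. In the Overview, the `StackInstall` link has a stray `]` after `[crossplane-cli-usage]` and the `stack install` link after it has a stray `)`. The `StackInstall` link also points at the CLI usage page, whereas the parallel `ClusterStackInstall` sentence uses `[stack-install-docs]`. The definition `[infra-stack-developer-guide]: developer-guide.md` appears to point this page (title: Developer Guide) at itself, so "The Infra Stack Developer Guide shows how to" leads nowhere new. `WordressInstance` looks like a typo in the CRD name, and "Crossplane Stacks Guide][stacks-user-guide] guide" repeats "guide".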

View File

@ -1,7 +1,7 @@
---
title: FAQs
toc: true
weight: 610
weight: 2110
---
# Frequently Asked Questions (FAQs)

View File

@ -1,12 +0,0 @@
---
title: Getting Started
toc: true
weight: 310
---
# Getting Started
* [Installing Crossplane](install-crossplane.md)
* [Adding Your Cloud Providers](cloud-providers.md)
* [Deploying Workloads](deploy.md)
* [Running Resources](running-resources.md)
* [Troubleshooting](troubleshoot.md)
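Review bot: The `* [Getting Started](getting-started.md)` entry still listed in the first file of this commit becomes a dead link if this deleted page (`-1,12 +0,0`, title Getting Started) is its target; drop or retarget that entry in the same change. The pages this file used to list keep `indent: true` with new weights (Install 220, Adding Your Cloud Providers 230, Deploying Workloads 240, Running Resources 250), so confirm which parent page they are now meant to nest under.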

View File

@ -1,7 +1,7 @@
---
title: Install
toc: true
weight: 320
weight: 220
indent: true
---
# Installing Crossplane

View File

@ -1,10 +1,12 @@
---
title: Learn More
toc: true
weight: 810
weight: 6010
---
# Learn More
If you have any questions, please drop us a note on [Crossplane Slack][join-crossplane-slack] or [contact us][contact-us]!
***Learn more about using Crossplane***
- [GitLab deploys into multiple clouds from kubectl using Crossplane](https://about.gitlab.com/2019/05/20/gitlab-first-deployed-kubernetes-api-to-multiple-clouds/)
- [CNCF Talks & Community Presentations](https://www.youtube.com/playlist?list=PL510POnNVaaZJj9OG6PbgsZvgYbhwJRyE)
@ -29,3 +31,6 @@ weight: 810
- Drop us a note on Twitter: [@crossplane_io](https://twitter.com/crossplane_io)
- Email us: [info@crossplane.io](mailto:info@crossplane.io)
<!-- Named links -->
[join-crossplane-slack]: https://slack.crossplane.io
[contact-us]: https://github.com/crossplaneio/crossplane#contact

Binary file not shown (size: 375 KiB).

View File

@ -12,6 +12,10 @@ The Workload will be deployed into the target Kubernetes cluster, and be configu
The general steps for this example are as follows:
1. Install Crossplane so it is ready to manage resources on your behalf: [Install Crossplane](install-crossplane.md)
1. Set up a cloud provider and add it to Crossplane: [Adding a Cloud Provider](cloud-providers.md)
1. Deploy a portable workload to the cloud provider: [Deploying Workloads](deploy.md)
1. [Install Crossplane](install-crossplane.md) into your Kubernetes cluster.
1. [Add a cloud provider](cloud-providers.md) for managed service provisioning.
1. [Deploy a workload](deploy.md) (Wordpress) including the managed services it depends on (MySQL).
Additional info:
* [Running Resources](running-resources.md)
* [Troubleshooting](troubleshoot.md)

View File

@ -1,7 +1,7 @@
---
title: Related Projects
toc: true
weight: 510
weight: 2110
---
# Related Projects
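Review bot: The new `weight: 2110` in the Related Projects front matter duplicates the value this commit also assigns to FAQs (610 to 2110), which leaves the relative order of the two pages ambiguous. Give one of them a distinct weight so the ordering is explicit.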
@ -29,4 +29,4 @@ These products offer a declarative model for deploying and provisioning infrastr
## Pulumi
[Pulumi](https://www.pulumi.com/) is a product that is based on terraform and uses most of its providers. Instead of using a configuration language, Pulumi uses popular programming languages like Typescript to capture the configuration. At runtime, Pulumi generates a DAG of resources just like terraform and applies it to cloud providers. Pulumi has an early model for workload portability that is implemented using language abstractions. Unlike Crossplane, it does not have any active controllers that can react to failures, or make changes to running infrastructure without human intervention, nor does it support workload scheduling. Pulumi attempts to solve multicloud scenarios at the language level, while Crossplane is at the API and control plane level. Pulumi is open source under a APL2 license but a number of features require using their SaaS offering.
[Pulumi](https://www.pulumi.com/) is a product that is based on terraform and uses most of its providers. Instead of using a configuration language, Pulumi uses popular programming languages like Typescript to capture the configuration. At runtime, Pulumi generates a DAG of resources just like terraform and applies it to cloud providers. Pulumi has an early model for workload portability that is implemented using language abstractions. Unlike Crossplane, it does not have any active controllers that can react to failures, or make changes to running infrastructure without human intervention, nor does it support workload scheduling. Pulumi attempts to solve multicloud scenarios at the language level, while Crossplane is at the API and control plane level. Pulumi is open source under a APL2 license but a number of features require using their SaaS offering.

View File

@ -1,7 +1,7 @@
---
title: Running Resources
toc: true
weight: 350
weight: 250
indent: true
---
# Running Resources
@ -96,4 +96,4 @@ reclaimPolicy: Delete
As the project continues to grow with support from the community, support for more resources will be added.
This includes all of the essential managed services from cloud providers as well as local or in-cluster services that deploy using the operator pattern.
Crossplane will provide support for serverless, databases, object storage (buckets), analytics, big data, AI, ML, message queues, key-value stores, and more.
Crossplane will provide support for serverless, databases, object storage (buckets), analytics, big data, AI, ML, message queues, key-value stores, and more.

View File

@ -0,0 +1,769 @@
---
title: Services Guide
toc: true
weight: 310
---
# Services Guide
Welcome to the Crossplane Services Guide!
Crossplane Services enables managed service provisioning from `kubectl`
including for databases, caches, buckets and more, including secure usage with
Kubernetes `Secrets`.
Crossplane Service follows established Kubernetes patterns like Persistent
Volume Claims (PVC) to support dynamic provisioning of managed services and a
clean separation of concerns between app teams and cluster administrators.
In this document, we will:
* Manually provision a new managed Kubernetes cluster and install Crossplane.
* Learn how to provision managed services from `kubectl`.
* Introduce cloud-specific guides with step-by-step instructions:
* [GCP Services Guide][gcp-services-guide]
* [AWS Services Guide][aws-services-guide]
* [Azure Services Guide][azure-services-guide]
* Explore how workload portability is achieved and how to configure shared clusters for multiple teams using namespaces.
* Provide next steps for learning more about Crossplane!
We will **not**:
* Learn first principles (see the concepts document for that level of detail)
* Deploy Crossplane as a dedicated control plane, it will run embedded in a single Kuberetes cluster.
* Use advanced workload scheduling or multi-cluster management.
If you have any questions, please drop us a note on [Crossplane Slack][join-crossplane-slack] or [contact us][contact-us]!
Let's go!
# Concepts
There are a bunch of things you might want to know to fully understand what's
happening in this document. This guide won't cover them, but there are other
ones that do. Here are some links!
* [Crossplane concepts][crossplane-concepts]
* [Kubernetes concepts][kubernetes-concepts]
# Before you get started
This guide assumes you are using a *nix-like environment. It also assumes you have a basic working familiarity with the following:
* The terminal environment
* Setting up cloud provider accounts for the cloud provider you want to use
You will need:
* A *nix-like environment
* A cloud provider account, for the cloud provider of your choice (out of the supported providers)
# Provisioning managed services from kubectl
Crossplane can be added to existing Kubernetes clusters and cleanly layers on
top of clusters provisioned by GKE, EKS, AKS, and more. Cluster administrators
install Crossplane, set cloud credentials, and offer classes of service for
self-service provisioning using `kubectl`. Application teams can provision
managed services with `Resource Claims` without having to worry about
cloud-specific infrastructure details or manage credentials.
# Overview
This guide shows how to provision a managed `MySQLInstance` and securely consume it from a Wordpress `Deployment`.
To provision a portable `MySQLInstance` for the Wordpress app we'd like to enable app teams to:
```sh
kubectl create -f mysql-claim.yaml
```
with mysql-claim.yaml:
```yaml
apiVersion: database.crossplane.io/v1alpha2
kind: MySQLInstance
metadata:
name: mysql-claim
namespace: app-project1-dev
spec:
classRef:
name: mysql-standard
writeConnectionSecretToRef:
name: mysql-claim-secret
engineVersion: "5.6"
```
Note there are no references in this `Resource Claim` to anything
cloud-specific. As such any environment can be configured to satisfy this claim,
using different configurations for different environments (dev, staging, prod),
or different managed service providers such as CloudSQL, RDS, or Azure DB.
This portable experience is typically accomplished by:
1. Defining **cloud-specific** `Resource Classes` in an infrastructure namespace.
1. Offering **portable** `Resource Classes` in an app project namespace for provisioning with `kubectl`.
1. Creating **portable** `Resource Claims` using `kubectl` to provision a managed service.
This enables the following usage: app -> portable claim -> portable class -> cloud-specific class -> provider.
## Steps
### A) One-time cluster setup
1. Manually provision a managed Kubernetes target cluster: GKE, EKA, AKS.
1. Install Crossplane into the target cluster.
1. Install a cloud provider Stack: GCP, AWS, Azure.
1. Connect a cloud provider account to a shared infrastructure namespace.
1. Create cloud-specific classes of service with best-practice configurations.
### B) Onboard app projects in a shared cluster
1. Create an app project namespace `app-project1-dev`.
1. Add portable classes of service for managed service provisioning using `kubectl`.
1. Set default classes of service.
### C) Deploy Wordpress with a managed MySQLInstance
1. Provision a `MySQLInstance` using `kubectl`.
1. Securely connect to the database using a generated Kubernetes `Secret`.
1. Verify Wordpress is working correctly.
1. Delete all resources.
1. Verify everything was cleanly deleted.
## Resulting Kubernetes objects
In an AWS envionment offering multiple classes of service, the following Kubernetes objects would result:
```text
namespaces
└── aws-infra-dev
└── provider # AWS provider configuration
└── provider-creds # AWS provider account credentials
└── rds-mysql-standard # RDS-specific class, non-portable config
└── rds-mysql-replicated # RDS-specific class, non-portable config
└── rds-postgres-standard # RDS-specific class, non-portable config
└── rds-postgres-replicated # RDS-specific class, non-portable config
└── app-project1-dev
└── mysql-standard # portable MySQL class of service
└── mysql-replicated # portable MySQL class of service
└── postgres-standard # portable PostgreSQL class of service
└── postgres-ha # portable PostgreSQL class of service
└── mysql-claim # portable MySQL claim for mysql-standard class of service
└── mysql-claim-secret # generated secret to access database
└── wordpress-deployment # standard Kubernetes deployment
└── wordpress-service # standard Kubernetes service
```
# Cloud-specific Guides
Use these step-by-step guides to provision a managed `MySQLInstance` and
securely consume it from a Wordpress `Deployment`:
* [GCP Services Guide][gcp-services-guide]
* [AWS Services Guide][aws-services-guide]
* [Azure Services Guide][azure-services-guide]
# Reviewing what happened across providers
This section reviews the general flow of the cloud-specific guides, how workload
portability is achieved using resource claims and classes, and techniques to
organize a shared cluster using namespaces.
## A) One-time cluster setup
### Managed Kubernetes Cluster
Provision a new managed Kubernetes cluster, following the cloud-specific guides
for [GCP][gcp-services-guide], [AWS][aws-services-guide], or [Azure][azure-services-guide]
### Install Crossplane
1. [Install Crossplane from the alpha channel][install-crossplane-alpha].
1. [Install a cloud provider Stack][install-provider-stacks]
from the [Stacks registry][stack-registry] from one of:
[stack-gcp][stack-gcp], [stack-aws][stack-aws], or [stack-azure][stack-azure].
### Connect Crossplane to a Cloud Provider
Crossplane supports connecting multiple cloud provider accounts from a single
cluster, so different environments (dev, staging, prod) can use separate
accounts, projects, and/or credentials.
While the guides use a single infrastructure namespace (gcp-infra-dev,
aws-infra-dev, or azure-infra-dev), you can create as many as you like using
whatever naming works best for your organization.
To connect an infrastructure namespace to a cloud provider:
1. Create an infrastructure namespace in the Kubernetes cluster.
1. [Obtain Cloud Provider Credentials][cloud-provider-creds]
and export to `BASE64ENCODED_PROVIDER_CREDS`.
1. Add a Crossplane `Provider`.
For example, based on your cloud provider, add a `Provider` to your infrastructure namespace:
gcp-provider.yaml
```yaml
---
apiVersion: v1
data:
credentials.json: $BASE64ENCODED_PROVIDER_CREDS
kind: Secret
metadata:
name: provider-creds
namespace: gcp-infra-dev
type: Opaque
---
## Crossplane GCP Provider
apiVersion: gcp.crossplane.io/v1alpha2
kind: Provider
metadata:
name: provider
namespace: gcp-infra-dev
spec:
credentialsSecretRef:
name: provider-creds
key: credentials.json
projectID: $PROJECT_ID
```
aws-provider.yaml
```yaml
apiVersion: v1
kind: Secret
metadata:
name: provider-creds
namespace: aws-infra-dev
type: Opaque
data:
credentials: $BASE64ENCODED_PROVIDER_CREDS
---
## Crossplane AWS Provider
apiVersion: aws.crossplane.io/v1alpha2
kind: Provider
metadata:
name: provider
namespace: aws-infra-dev
spec:
credentialsSecretRef:
key: credentials
name: provider-creds
region: $REGION
```
azure-provider.yaml
```yaml
---
apiVersion: v1
kind: Secret
metadata:
name: provider-creds
namespace: azure-infra-dev
type: Opaque
data:
credentials: $BASE64ENCODED_PROVIDER_CREDS
---
## Crossplane Azure Provider
apiVersion: azure.crossplane.io/v1alpha2
kind: Provider
metadata:
name: provider
namespace: azure-infra-dev
spec:
credentialsSecretRef:
name: provider-creds
key: credentials
```
The `Provider` defined in the infrastructure namespace will be referenced by cloud-specific `Resource Classes` in the next step.
### Create classes of service with best-practice configurations
**Cloud-specific** `Resource Classes` capture reusable, best-practice configurations for a specific managed service.
For example, Wordpress requires a MySQL database which can be satisfied by CloudSQL, RDS, or Azure DB.
Based on your cloud provider, add a **cloud-specific** `Resource Class` to your infrastructure namespace:
rds-mysql-standard.yaml
```yaml
---
apiVersion: database.aws.crossplane.io/v1alpha2
kind: RDSInstanceClass
metadata:
name: rds-mysql-standard
namespace: aws-infra-dev
specTemplate:
class: db.t2.small
masterUsername: masteruser
securityGroups:
- # sg-ab1cdefg
- # sg-05adsfkaj1ksdjak
size: 20
engine: mysql
providerRef:
name: demo
namespace: aws-infra-dev
reclaimPolicy: Delete
```
cloudsql--mysql-standard.yaml
```yaml
---
apiVersion: database.gcp.crossplane.io/v1alpha2
kind: CloudsqlInstanceClass
metadata:
name: cloudsql-mysql-standard
namespace: gcp-infra-dev
specTemplate:
databaseVersion: MYSQL_5_6
tier: db-custom-1-3840
region: us-west2
storageType: PD_SSD
storageGB: 10
providerRef:
name: demo
namespace: gcp-infra-dev
reclaimPolicy: Delete
```
azuredb-mysql-standard.yaml
```yaml
---
apiVersion: database.azure.crossplane.io/v1alpha2
kind: SQLServerClass
metadata:
name: azuredb-mysql-standard
namespace: azure-infra-dev
specTemplate:
adminLoginName: myadmin
resourceGroupName: group-westus-1
location: West US
sslEnforced: false
version: "5.6"
pricingTier:
tier: Basic
vcores: 1
family: Gen5
storageProfile:
storageGB: 25
backupRetentionDays: 7
geoRedundantBackup: false
providerRef:
name: demo
namespace: azure-infra-dev
reclaimPolicy: Delete
```
Creating multiple classes of service in an AWS environment results in these Kubernetes objects:
```text
namespaces
└── aws-infra-dev
└── provider # AWS provider configuration
└── provider-creds # AWS provider account credentials
└── rds-mysql-standard # RDS-specific class, non-portable config
└── rds-mysql-replicated # RDS-specific class, non-portable config
└── rds-postgres-standard # RDS-specific class, non-portable config
└── rds-postgres-replicated # RDS-specific class, non-portable config
```
However, cloud-specific `Resource Classes` are not portable across providers so
we need something to represent a portable class of service for use in a portable
`Resource Claim`.
The next section covers how to offer a cloud-specific `Resource Class` as a
portable class of service, so an app team can provision managed services using
`kubectl` in a portable way.
## B) Onboard app projects in a shared cluster
### Offer Portable Classes of Service in App Project Namespaces
[Portable Resource Classes][concept-portable-stack]
define a named class of service that can be used by portable `Resource Claims`
in the same namespace. When used in a project namespace, this enables the
project to provision portable managed services using `kubectl`.
```sh
kubectl create -f mysql-claim.yaml
```
with mysql-claim.yaml:
```yaml
apiVersion: database.crossplane.io/v1alpha2
kind: MySQLInstance
metadata:
name: mysql-claim
namespace: app-project1-dev
spec:
classRef:
name: mysql-standard
writeConnectionSecretToRef:
name: mysql-claim-secret
engineVersion: "5.6"
```
Note the portable `Resource Claim` below uses a `spec.classRef.name` of
`mysql-standard` to reference a portable `Resource Class` in the same namespace.
It has no knowledge of which cloud provider will satisfy this claim or how a
suitable cloud-specific `Resource Class` will be selected.
Adding portable classes of service to the `app-project1-dev` namespace, results in these Kubernetes objects:
```text
└── app-project1-dev
└── mysql-standard # portable MySQL class of service
└── mysql-replicated # portable MySQL class of service
└── postgres-standard # portable PostgreSQL class of service
└── postgres-ha # portable PostgreSQL class of service
```
These portable `Resource Classes` could be defined as follows for an AWS dev
environment, but alternate configurations could be provided for different
environments (staging, prod) or different cloud provider like GCP or Azure, to
satisfy the named classes of service:
mysql-standard.yaml
```yaml
apiVersion: database.crossplane.io/v1alpha1
kind: MySQLInstanceClass
metadata:
name: mysql-standard
namespace: app-project1-dev
labels:
default: true
classRef:
kind: RDSInstanceClass
apiVersion: database.aws.crossplane.io/v1alpha1
name: rds-mysql-standard
namespace: aws-infra-dev
```
mysql-replicated.yaml
```yaml
apiVersion: database.crossplane.io/v1alpha1
kind: MySQLInstanceClass
metadata:
name: mysql-replicated
namespace: app-project1-dev
classRef:
kind: RDSInstanceClass
apiVersion: database.aws.crossplane.io/v1alpha1
name: rds-mysql-replicated
namespace: aws-infra-dev
```
postgres-standard.yaml
```yaml
apiVersion: database.crossplane.io/v1alpha1
kind: PostgreSQLInstanceClass
metadata:
name: postgres-standard
namespace: app-project1-dev
labels:
default: true
classRef:
kind: RDSInstanceClass
apiVersion: database.aws.crossplane.io/v1alpha1
name: rds-postgres-standard
namespace: aws-infra-prod
```
postgres-ha.yaml
```yaml
apiVersion: database.crossplane.io/v1alpha1
kind: PostgreSQLInstanceClass
metadata:
name: postgres-ha
namespace: app-project1-dev
classRef:
kind: RDSInstanceClass
apiVersion: database.aws.crossplane.io/v1alpha1
name: rds-postgres-ha
namespace: aws-infra-prod
```
Note that some portable `Resource Classes` are marked with
[`label.default: true`][concept-default-class]
to indicate it's the default class of service for a given claim kind in the
`app-project1-dev` namespace.
`Resource Claims` can rely on the default class of service in the same namespace for a given claim kind by omitting `spec.classRef`.
Claim-based provisioning and use of default `Resource Classes` will be covered in the next section.
With multiple classes of service available in the `app-project1-dev` namespace, these Kuberntes objects would be present:
```text
namespaces
└── aws-infra-dev
└── provider # AWS provider configuration
└── provider-creds # AWS provider account credentials
└── rds-mysql-standard # RDS-specific class, non-portable config
└── rds-mysql-replicated # RDS-specific class, non-portable config
└── rds-postgres-standard # RDS-specific class, non-portable config
└── rds-postgres-replicated # RDS-specific class, non-portable config
└── app-project1-dev
└── mysql-standard # portable MySQL class of service
└── mysql-replicated # portable MySQL class of service
└── postgres-standard # portable PostgreSQL class of service
└── postgres-ha # portable PostgreSQL class of service
```
## C) Deploy Wordpress with a managed MySQLInstance
### Provision a MySQLInstance from kubectl
Managed services can be provisioned in a portable way using `kubectl`, with the
`app-project1-dev` namespace populated with available classes of service.
```sh
kubectl create -f mysql-claim.yaml
```
with mysql-claim.yaml:
```yaml
apiVersion: database.crossplane.io/v1alpha2
kind: MySQLInstance
metadata:
name: mysql-claim
namespace: app-project1-dev
spec:
classRef:
name: mysql-standard
writeConnectionSecretToRef:
name: mysql-claim-secret
engineVersion: "5.6"
```
The `spec.classRef` can be omitted from a `Resource Claim` to rely on the
default class of service in the same namespace.
```yaml
apiVersion: database.crossplane.io/v1alpha2
kind: MySQLInstance
metadata:
name: mysql-claim
namespace: app-project1-dev
spec:
writeConnectionSecretToRef:
name: mysql-claim-secret
engineVersion: "5.6"
```
The `Binding Status` of a `Resource Claim` will indicate `Bound` when the
underlying managed service has been provisioned and the connection secret is
available for use.
```sh
kubectl get mysqlinstances -n app-project1-dev
```
Output:
```sh
NAME STATUS CLASS VERSION AGE
mysql-claim Bound mysql-standard 5.6 11
```
### Securely consume the MySQLInstance from a Wordpress Deployment
```sh
kubectl create -f wordpress-app.yaml
```
with wordpress-app.yaml:
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress-deployment
namespace: app-project1-dev
labels:
app: wordpress
spec:
selector:
matchLabels:
app: wordpress
template:
metadata:
labels:
app: wordpress
spec:
containers:
- name: wordpress
image: wordpress:4.6.1-apache
env:
- name: WORDPRESS_DB_HOST
valueFrom:
secretKeyRef:
name: mysql-claim-secret
key: endpoint
- name: WORDPRESS_DB_USER
valueFrom:
secretKeyRef:
name: mysql-claim-secret
key: username
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-claim-secret
key: password
ports:
- containerPort: 80
name: wordpress
---
apiVersion: v1
kind: Service
metadata:
name: wordpress-service
namespace: app-project1-dev
labels:
app: wordpress
spec:
ports:
- port: 80
selector:
app: wordpress
type: LoadBalancer
```
### Cleanly Delete Wordpress and the MySQLInstance
```sh
kubectl delete -f wordpress-app.yaml
kubectl delete -f mysql-claim.yaml
```
# Summary
In this example we saw how to:
* Add Crossplane to a managed Kubernetes cluster.
* Install a cloud provider Stack for GCP, AWS, or Azure to add managed service provisoining.
* Define cloud-specific classes of service in an infrastructure namespace.
* Offer portable classes of service in an app project namespace.
* Provision a managed MySQLInstance using kubectl.
* Securely connect to the MySQLInstance from a Wordpress Deployment.
* Cleanly delete all resources.
After one-time setup was done and app projects were onboarded into the shared
cluster, managed services could be provisioned using `kubectl` with portable
claims in a project namespace.
Resources were configured in infrastructure and app project namespaces:
```text
namespaces
└── aws-infra-dev
└── provider # AWS provider configuration
└── provider-creds # AWS provider account credentials
└── rds-mysql-standard # RDS-specific class, non-portable config
└── rds-mysql-replicated # RDS-specific class, non-portable config
└── rds-postgres-standard # RDS-specific class, non-portable config
└── rds-postgres-replicated # RDS-specific class, non-portable config
└── app-project1-dev
└── mysql-standard # portable MySQL class of service
└── mysql-replicated # portable MySQL class of service
└── postgres-standard # portable PostgreSQL class of service
└── postgres-ha # portable PostgreSQL class of service
└── mysql-claim # portable MySQL claim for mysql-standard class of service
└── mysql-claim-secret # generated secret to access database
└── wordpress-deployment # standard Kubernetes deployment
└── wordpress-service # standard Kubernetes service
```
Crossplane Services brings managed service provisioning to `kubectl` and enables
cluster admins to offer multiple classes of service to accelerate app delivery
while ensuring best-practices and security in your cloud of choice.
Claim-based provisioning supports portability into different cloud environments
since the app only depends on named or default classes of service that can
provide wire-compatible managed services (MySQL, PostgreSQL, Redis, and more)
independent of how a given cloud provider satisfies the claim. Claim-based
provisioning also supports differentiated cloud services, so all managed
services can work with Crossplane.
If you have any questions, please drop us a note on [Crossplane Slack][join-crossplane-slack] or [contact us][contact-us]!
# Learn More
This guide covered deploying Crossplane into a single managed Kubernetes
cluster, and using cloud provider Stacks to provision a managed MySQL instance for
use with a Wordpress Deployment. However, this involved configuring multiple
Kubernetes objects to get a fully functioning Wordpress instance securely
deployed.
Stacks can also be used to simplify app management and automate operations. Our
next guide shows how an App Stack can automate most of the steps covered in this
guide and be run from a dedicated control plane that: (a) dynamically provisions
the target cluster, (b) provisions the managed services, and (c) deploys the app
itself with secure connectivity.
App Stacks simplify operations for an app by moving the steps covered in this guide into a Kubernetes controller that owns an app CRD (custom resource definition) with a handful of settings required to deploy a new app instance, complete with the managed services it depends on.
## Next Steps
* [Crossplane Stacks Guide][stack-user-guide] to deploy the same Wordpress instance with a
single yaml file, using the [portable Wordpress App Stack][stack-wordpress].
* [Extend a Stack][stack-developer-guide] to add more cloud services to:
[stack-gcp][stack-gcp], [stack-aws][stack-aws], or [stack-azure][stack-azure].
* [Build a new Stack][stack-developer-guide] to add more cloud providers or
independent cloud services.
If you have any questions, please drop us a note on [Crossplane Slack][join-crossplane-slack] or [contact us][contact-us]!
## References
### Concepts
* [Crossplane Concepts][crossplane-concepts]
* [Claims][concept-claim]
* [Classes][concept-class]
* [Portable Classes][concept-portable-class]
* [Default Classes][concept-default-class]
* [Workloads][concept-workload]
* [Stacks][concept-stack]
* [Stacks Design][stack-design]
* [Stacks Manager][stack-manager]
* [Stacks Registry][stack-registry]
* [Stack Install Flow][stack-install-docs]
* [Stack Package Format][stack-format-docs]
### Getting Started
* [Install Crossplane][install-crossplane]
* [Install Provider Stacks][install-provider-stacks]
* [Cloud Provider Credentials][cloud-provider-creds]
* [Crossplane CLI][crossplane-cli]
* [Crossplane CLI Docs][crossplane-cli-docs]
**GCP**
* [GCP Services Guide][gcp-services-guide]
* [GCP Stack][stack-gcp]
* [GCP Docs][gcp-docs]
**AWS**
* [AWS Services Guide][aws-services-guide]
* [AWS Stack][stack-aws]
* [AWS Docs][aws-docs]
**AWS**
* [Azure Services Guide][azure-services-guide]
* [Azure Stack][stack-azure]
* [Azure Docs][azure-docs]
### Using and Building Stacks
* [Stacks Guide][stack-user-guide]
* [Stacks Developer Quick Start][stack-quick-start]
* [Stacks Developer Guide][stack-developer-guide]
### Kubernetes
* [Kubernetes Concepts][kubernetes-concepts]
* [Kubernetes Docs][kubernetes-docs]
* [kubectl docs][kubectl-docs]
### Learn More
* [Join Crossplane Slack][join-crossplane-slack]
* [Contact Us][contact-us]
* [Learn More][learn-more]
<!-- Named links -->
[crossplane-concepts]: concepts.md
[concept-claim]: concepts.md#resource-claims-and-resource-classes
[concept-class]: concepts.md#resource-claims-and-resource-classes
[concept-workload]: concepts.md#resources-and-workloads
[concept-stack]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#crossplane-stacks
[concept-portable-class]: https://github.com/crossplaneio/crossplane/blob/master/design/one-pager-default-resource-class.md#proposal-default-class-reference-v2--claim-portability
[concept-default-class]: https://github.com/crossplaneio/crossplane/blob/master/design/one-pager-default-resource-class.md#denote-default-via-label
[kubernetes-concepts]: https://kubernetes.io/docs/concepts/
[kubernetes-docs]: https://kubernetes.io/docs/home/
[kubectl-docs]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands
[install-crossplane]: install-crossplane.md
[install-crossplane-alpha]: install-crossplane.html#alpha
[install-provider-stacks]: install-crossplane.md#installing-cloud-provider-stacks
[cloud-provider-creds]: cloud-providers.md
[crossplane-cli]: https://github.com/crossplaneio/crossplane-cli
[crossplane-cli-docs]: https://github.com/crossplaneio/crossplane-cli/blob/master/README.md
[stack-quick-start]: https://github.com/crossplaneio/crossplane-cli#quick-start-stacks
[stack-registry]: https://hub.docker.com/search?q=crossplane&type=image
[stack-design]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#crossplane-stacks
[stack-manager]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#terminology
[stack-install-docs]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#installation-flow
[stack-format-docs]: https://github.com/crossplaneio/crossplane/blob/master/design/design-doc-stacks.md#stack-package-format
[stack-user-guide]: stacks-guide.md
[stack-developer-guide]: developer-guide.md
[contact-us]: https://github.com/crossplaneio/crossplane#contact
[join-crossplane-slack]: https://slack.crossplane.io
[stack-gcp]: https://github.com/crossplaneio/stack-gcp
[stack-aws]: https://github.com/crossplaneio/stack-aws
[stack-azure]: https://github.com/crossplaneio/stack-azure
[stack-wordpress]: https://github.com/crossplaneio/sample-stack-wordpress
[gcp-services-guide]: services/gcp-services-guide.md
[aws-services-guide]: services/aws-services-guide.md
[azure-services-guide]: services/azure-services-guide.md
[aws-docs]: https://docs.aws.amazon.com/
[gcp-docs]: https://cloud.google.com/docs/
[azure-docs]: https://docs.microsoft.com/azure/
[learn-more]: learn-more.md
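Review bot: the cross-references between the example manifests do not resolve, so a reader who applies them as written ends up with classes that point at nothing. All three cloud-specific classes use `providerRef: name: demo`, but the `Provider` objects defined just above in `aws-infra-dev` and `azure-infra-dev` are named `provider`. The portable classes reference `apiVersion: database.aws.crossplane.io/v1alpha1` while `RDSInstanceClass` is declared at `v1alpha2`. `postgres-standard` and `postgres-ha` point at namespace `aws-infra-prod` and at `rds-postgres-ha`, neither of which appears in the object trees, which list only `aws-infra-dev` and `rds-postgres-replicated`. Please align the names, versions and namespaces with the objects the guide actually creates. Also, `labels: default: true` is an unquoted YAML boolean and label values must be strings, so it should be `default: "true"`. On the security side, `azuredb-mysql-standard` sets `sslEnforced: false` in a section that presents these classes as best-practice configurations and ahead of a step titled "Securely consume"; either set it to `true` or explain why the sample turns TLS enforcement off. Smaller points: the sentence "Note the portable `Resource Claim` below" follows the claim it refers to, and that claim is shown in section B before any portable class exists; `[concept-portable-stack]` has no matching named link (only `concept-portable-class` is defined); the Azure reference list is headed `**AWS**`; the file name `cloudsql--mysql-standard.yaml` has a doubled hyphen; and "Kuberntes" and "provisoining" are misspelled.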

View File

@ -1,7 +1,7 @@
---
title: Troubleshooting
toc: true
weight: 360
weight: 260
indent: true
---
# Troubleshooting