×
Community Blog Deploying Alibaba Cloud Infrastructure from Kubernetes with Crossplane

Deploying Alibaba Cloud Infrastructure from Kubernetes with Crossplane

This article describes how to create cloud infrastructure services on Alibaba Cloud from Kubernetes with Crossplane.

By Eneko Perez

Introduction

Kubernetes has been a wonderful tool for orchestrating microservices. It provides multiple resources for managing applications, networking, security, storage, etc. However, these applications often need external resources, most likely available on the cloud. That integration between Kubernetes and the cloud infrastructure is something that different open-source projects and companies are trying to provide. This article focuses on Crossplane, one of the most popular open-source projects to achieve this feat.

What is Crossplane?

Crossplane is an open-source Kubernetes add-on designed to provision cloud infrastructure from the Kubernetes API. It is also an incubating Cloud Native Computing Foundation project. The most significant feature of Crossplane is the ability to expose a unique consistent interface to public cloud services.

Deploying Alibaba Cloud Infrastructure from Kubernetes with Crossplane

The following step-by-step guide explains the capabilities of Kubernetes and Crossplane to create infrastructure or cloud resources from Kubernetes into the cloud. We will explain an example use case of creating a bucket on Alibaba Cloud as we would create any other object in Kubernetes.

  • Step 1: Download and install Crossplane for the Alibaba Cloud provider.
  • Step 2: As the documentation for the Alibaba Cloud provider for Crossplane suggests, you have to spin up Kubernetes in the Docker cluster. Once the cluster is ready, you have to prepare the environment adding the helm repository, cloning the mentioned GitHub project and exporting the variables with the access key and secret from the Alibaba Cloud account:
helm repo add crossplane-master https://charts.crossplane.io/master/
git clone git@github.com:crossplane/addon-oam-kubernetes-local.git ../addon-oam-kubernetes-local
export ACCESS_KEY_ID=<your-access-key-id>
export ACCESS_KEY_SECRET=<your-access-key-secret>
  • Step 3: Build a docker image for the provider by running the following command: docker build . -t ${IMG} -f ./hack/demo/Dockerfile
  • Step 4: Upload the image created in Step 3 to the cluster: kind load docker-image $(IMG) || { echo >&2 "kind not installed or error loading image: $(IMG)"; exit 1; }
  • Step 5: Install the CRDs needed to create the different objects on Alibaba Cloud: kubectl apply -f ./package/crds
  • Step 6: At this stage, the Alibaba Cloud provider only supports certain resources to be created. In my case, I will create an OSS bucket. Now, you have to generate a secret with the credentials for Alibaba Cloud using the environment variables exported previously: ./hack/demo/prepare-alibaba-credentials.sh
  • Step 7: Once the secret with Alibaba Cloud’s credentials is created on Kubernetes, we will deploy the provider configuration: kubectl apply -f ./examples/provider.yaml
  • Step 8: Next, install the Crossplane components: ./hack/demo/helm_install_crossplane_master.sh

This is how the provider configuration looks like in the system:

apiVersion: alibaba.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
  creationTimestamp: "2021-10-17T18:57:35Z"
  finalizers:
  - in-use.crossplane.io
  generation: 2
  name: default
  resourceVersion: "18901"
  uid: f9be0e2a-3322-4ec9-a227-56b7d564347b
spec:
  credentials:
    secretRef:
      key: credentials
      name: alibaba-account-creds
      namespace: crossplane-system
    source: Secret
  region: cn-hongkong
status:
  users: 2
  • Step 9: With the credentials, CRDs, and Crossplane deployed and the provider configuration already present in the cluster, now, you have to create new resources on Alibaba Cloud through the cluster. The following definition will create an OSS bucket on Alibaba Cloud:
apiVersion: oss.alibaba.crossplane.io/v1alpha1
kind: Bucket
metadata:
  name: oss-crossplane-aliyun-test-ep
spec:
  acl: private
  storageClass: Standard
  dataRedundancyType: LRS
  writeConnectionSecretToRef:
    name: oss-crossplane-aliyun-test-ep
    namespace: default

This will create a secret with the credentials and connection information for this bucket as well.

  • Step 10: To create the OSS bucket, run the following command: kubectl apply -f bucket.yaml
  • Step 11: Log in to your Alibaba Cloud account, go to the OSS console, and you will find your recently created bucket:

1

0 1 1
Share on

Alibaba Cloud Community

1,057 posts | 259 followers

You may also like

Comments

Alibaba Cloud Community

1,057 posts | 259 followers

Related Products

  • Container Service for Kubernetes

    Alibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.

    Learn More
  • CloudBox

    Fully managed, locally deployed Alibaba Cloud infrastructure and services with consistent user experience and management APIs with Alibaba Cloud public cloud.

    Learn More
  • Function Compute

    Alibaba Cloud Function Compute is a fully-managed event-driven compute service. It allows you to focus on writing and uploading code without the need to manage infrastructure such as servers.

    Learn More
  • ACK One

    Provides a control plane to allow users to manage Kubernetes clusters that run based on different infrastructure resources

    Learn More