Crossplane is a cloud-native control plane framework that allows users to provision and manage cloud infrastructure without code, facilitating developer self-service. Since its launch in 2018, Crossplane has evolved significantly, reaching a v1.14 release and opening a graduation proposal, showcasing its ability to create higher-level abstractions from managed resources. The project promotes collaboration among vendors and individuals, boasting around 1,900 contributors and adoption by major organizations like NASA and VMware.

1. https://crossplane.io
Jared Watts, Upbound
Crossplane
Graduation Review

2. ● Framework to build your own cloud native control planes
○ No need to write any code (but you can)
● Cloud providers manage their own infrastructure with a
control plane
○ Crossplane helps you build your own - with your own opinions
● Provision and manage all of your cloud infrastructure and
resources from your control plane
● Compose resources into higher level abstractions that enable
developer self-service provisioning
What is Crossplane?

3. CNCF Project History
● Crossplane is a neutral place for vendors and individuals to come
together in enabling control planes
● Launched in Dec 2018 by creators of CNCF graduated Rook
project
○ Accepted into Sandbox in June 2020
○ First major “stable” milestone v1.0 released in Dec 2020
○ Moved to Incubation September 2021
○ v1.14 most recent release - biggest release to date
○ Graduation proposal now open!
■ https://github.com/cncf/toc/pull/1254

4. The Basics
Managed Resources

5. Managed Resources Example: AWS
https://marketplace.upbound.io/providers/upbound/provider-family-aws
Networking
Databases
Kubernetes Clusters
IAM
VMs
Message Queues
Caches
Certificates
…and much more…

6. Managed Resources

7. Managed Resources
Managed Resources
Generate K8s Events
Status contains values
returned from the remote
API and the condition of
the resources.

8. Managed Resource Reconciliation
● Controllers reconcile these CRDs with cloud provider and
on-prem APIs (e.g., GCP, AWS, or any API really)
Kubernetes Control Plane
S3
api-server
S3 controller
apiVer: aws/v1
kind:Bucket
spec:
forProvider:
acl: private
...
watches
apply
AWS
API

9. Control Plane Internal Stack
Kubernetes Runtime
Kubernetes API Machinery
Controller Runtime
Crossplane Runtime
Controller
Controller
Controller
Run Workloads, Ingress,
RBAC
Manage External APIs
Create/Update/Delete
Custom Logic
CRDs, OpenAPI,
Persistence (etcd)
Event, Watch, Request,
Reconciliation
Controller

10. Building Your Control
Plane
Composition

11. Build your own Platform API
● Assemble granular resources, e.g. from multiple clouds.
● Expose as higher level self-service API for your app teams
○ Compose GKE, NodePool, Network, Subnetwork
○ Offer as a single Cluster abstraction (API) with limited config for
developers to self-service
● Hide infrastructure complexity and include policy guardrails
● All with K8s API - compatible with kubectl, GitOps, etc.
● No code required (unless you want), it’s all declarative

12. Claim
Configuration
XRD
Composite Resource
Definition
Composition
Provider
Managed Resource
Managed Resource
Managed Resource
Managed Resource
Managed Resource
Managed Resource
App Dev Platform Engineer

13. Small
PostgreSQL
Configuration
XRD
Composite Resource
Definition
AWS
Composition
provider-aws
Managed Resource
Security Group
Managed Resource
DB Parameter
Group
Managed Resource
RDS Instance
App Dev Platform Engineer

14. Composite Resources
Standard openAPIV3
Schema
Custom API Group
First create Composite
Resource Definition
(XRD) to declare our
custom platform API

15. Compositions
Then we define a
Composition which
implements XRD
List of Managed Resources
to Compose
XRD reference

16. Patches
Patches enable propagation
of data from Composite
Resource (XR) down to
composed Managed
Resources (MR)
Map transform to
manipulate the config data
Copy of value from XR
spec down to MR spec

17. Composition Functions

18. ● No iteration. No conditionals. No templates.
● No advanced logic other than simple patch & transforms
● List of resources is static
● No ability to call external APIs to get values
● and others…composition is not a programming language
○ We didn’t want to grow a DSL expressed in YAML
Limitations of Composition

19. ● Run a pipeline of simple functions
● Written in your language of choice with any logic your use case needs
● Sweet spot between “no code” ←→ building an entire controller
○ Focus on your platform’s unique needs only
○ Crossplane still does the heavy lifting of CRUD-ing resources,
finalizers, owner refs, etc
● You don’t have to write any code to start using functions
○ Reusable functions that are generally useful
○ e.g., helm/go templates, CUE scripts, etc.
What can Functions do?

20. Writing Functions - Go

21. Using Functions - for loop (go templates)

22. Using Functions - if conditionals (CUE)

23. ● Published Roadmap: crossplane/crossplane/ROADMAP.md
● Mature high impact APIs to v1/Stable (Functions, Management
Policies, Usage)
● Continue investment to improve Developer Experience #4676
○ shift-left: easier/faster to build your platform “correct” first try
● Day 2 operations functions #4729
● Build an entire platform in your language of choice #5172
Roadmap

24. ● Governance has been in place since before Sandbox
○ crossplane/crossplane/GOVERNANCE.md
● Steering committee responsible for overall vision, health, and
success of the project
○ Apple, Nokia, and Upbound
○ Oversight, conflict resolution, vetoes across entire ecosystem
● Autonomous maintainer teams per repository
○ Make local decisions, merge PRs, triage and keep healthy flow
Community and Governance

25. Project and Community Stats
● 1,900 contributors to the project
● Top 10% of all CNCF projects for PR authors (18th out of 173)
● Since Incubation
○ PR authors up 3x from 184 to 660+
○ Companies contributing up 3x from 105 to 338+
○ 120+ companies with “committers” (maintainers w/ write perms)
● In use by several end-user organizations in production and at
scale (ADOPTERS.md)
○ Nike, Autodesk, Grafana, NASA Science Cloud, Elastic, SAP, IBM,
VMWare Tanzu, Nokia, etc.

26. ● Radius
○ Probably more overlap than indicated in sandbox#65, both are focusing on abstractions
for developer self-service
○ Radius focuses more on application model
■ Recipes: limited support in recipes right now, doesn’t appear to be user definable
○ Crossplane focuses more on infrastructure
■ Compositions: platform team completely defines their own custom abstractions
and implementations
● Score
○ Container workload focused only
○ Abstractions for app environments (Helm, Docker Compose, Cloud Run)
○ Doesn’t support infrastructure building blocks (VPCs, IAM, databases, etc.)
Project Comparison

27. Demo - Example Platform
https://github.com/jbw976/platform-demo

28. Demo - Functions
https://github.com/jbw976/xfn-demo

29. Questions?