HomeArchitectureHow does Crossplane leverage Kubernetes CRDs to simplify DevOps?

How does Crossplane leverage Kubernetes CRDs to simplify DevOps?

As cloud-based automation has become popular, discussions about Terraform, Helm, and Pulumi have become common. With Kubernetes rising in adoption, how do you automate the lifecycle of a cloud-native application? How can it be done at scale keeping in mind all the complexity of today’s DevOps teams? To connect the dots, here is a discussion that sheds light on automating cloud-antive application using Kubernetes CRDs, and specifically the open source tool – Crossplane.

The Role of Custom Resource Definitions

So, what are Custom Resource Definitions? According to the Kubernetes Docs:
A CRD is a Kubernetes API extension unavailable in a default Kubernetes installation. It depicts a specific Kubernetes installation customization. However, several core Kubernetes functions are created through custom resources, making them highly modular.

Some Custom Resource Definition Implementers

CRDs appear to be an exotic feature that may not be used everywhere. However, CRDs are almost everywhere. If you know Calico, it is a project using CRDs. Other projects using CRD are KubeFlow and Operatorhub, which implements the Operator pattern. It is also composed of several CRDs.

Another tool that uses CRD is Crossplane. It includes a set of CRDs that helps developers deploy apps to a cluster to deliver cloud resources directly from the cluster. With Crossplane CRDs, cloud resources are handled declaratively through YAML files. Users can create resources on the CLI through kubectl.

What is Crossplane?

Crossplane is an open-source cloud-agnostic tool that helps in the management of multiple cloud platforms in a tech stack. It offers workload and resource generalization to the existing management capabilities that help offer great workload portability.

What is Crossplane

Crossplane provides complete lifecycle management of infrastructure and services to vendors, clusters, environments, and offerings.

Crossplane allows you to provide, draft and use infrastructure in any cloud service provider through the Kubernetes API. It helps create resources on the cloud through manifests and integrates them with your CI/CD pipelines. The open-source project was started by Upbound and later adopted by the CNCF.

Crossplane controls infrastructure through Kubernetes

Crossplane is used as an add-on to Kubernetes and enhances any Kubernetes cluster by provisioning and managing cloud infrastructure, services, and apps. It uses Kubernetes-preferred declarative and API-supported configuration and management to handle any infrastructure, either in the cloud or on-premise.

Using this method, infrastructure can be configured using CRDs and YAML. It is efficiently managed through tools like Kubernetes API or kubectl. Kubernetes allows outlining security controls through RBAC or policies using OPA (Open Policy Agent) executed through Gatekeeper.

With a Crossplane installation, using a Kubernetes resource controller is considered to manage the complete lifecycle: deployments, health checking, retorting to external amendments, scaling, and failover that diverges from the said configuration.

Crossplane controls infrastructure through Kubernetes

Crossplane works with CD pipelines to store application infrastructure configuration in a one-control cluster. Users can deploy, monitor, and manage resources using cloud-native continuous delivery best practices like GitOps. Crossplane helps apps and infrastructure configuration exist together on a similar Kubernetes cluster.

Open Application Model to Build Cloud-Native Apps

Originally created by Microsoft, Alibaba, and Upbound, the OAM (Open Application Model) includes a model where developers define application components. The operators create component instances and their configurations. The infrastructure operators declare, install and manage the services available on the platform.

With the Open Application Model, platform operators can offer reusable modules in Components, Scopes, and Traits. Developers can then run their apps by choosing a profile that matches their needs.

The OAM specification introductory document offers a story that discovers the lifecycle of normal application delivery.

  • The developer builds a web app.
  • The platform operator organizes application instances and constructs them with operational specifications.
  • The operator chooses the technology to handle the deployment and operations.

To submit an app, every program component is defined as a Component YAML by the developer. This file has a workload and the details required to run it.

For easy application operation, the operator marks parameter values for the components and applies operational specifications such as auto-scaling, traffic routing policy, replica size, and more in the Application Configuration.

Writing and organizing Application Configuration is the same as deploying an application. The platform helps create quick illustrations of outlined workloads and attach operational specifications to workloads as per Application Configuration specifications.

Infrastructure operators declare, install and manage the services available on the platform. For instance, the operator may choose a particular load balance when exposing any service.

The Crossplane Workflow

To make a better decision, let’s discover the workflow of Crossplane:

  • Install Crossplane and develop a Kubernetes cluster.
  • Add a provider installation and configure the credentials. It can be offered from any provider (Azure, AWS, Google)
  • A platform operator describes, creates, and publishes the infrastructure resources with YAML, leading to the addition of infrastructure CRDs to the Kubernetes API for app use.
  • An application operator combines the infrastructure and application components, the configuration, and runs the app.


Upbound offers a commercial, enterprise-grade control plane that’s based on Crossplane. Upbound works as a continuous interface between the cloud providers and platform operators by offering a consistent deployment approach. It comes with a registry of tools to enhance the signup and configuration of different resource providers. Organizations can use it to develop declarative deployments while enjoying the benefits of a CI/CD processes.

If you have questions related to this topic, feel free to book a meeting with one of our solutions experts, mail to sales@amazic.com.


Receive our top stories directly in your inbox!

Sign up for our Newsletters