Crossplane Tutorial (vs Terraform): Create AWS VPC - EKS - IRSA - Cluster Autoscaler - CSI Driver #1

  • Added on 23. 07. 2024
  • 🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
    ▬▬▬▬▬ Experience & Location 💼 ▬▬▬▬▬
    ► I’m a Senior Software Engineer at Juniper Networks (12+ years of experience)
    ► Located in San Francisco Bay Area, CA (US citizen)
    ▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬
    ► LinkedIn: / anton-putra
    ► Twitter/X: / antonvputra
    ► GitHub: github.com/antonputra
    ► Email: me@antonputra.com
    ▬▬▬▬▬▬▬ Timestamps ⏰ ▬▬▬▬▬▬▬
    0:00 Intro
    3:48 Install Crossplane on Kubernetes
    5:44 Create S3 Bucket using Crossplane
    14:02 Create AWS VPC using Crossplane
    24:44 Create EKS Cluster using Crossplane
    32:12 Create OpenID Connect Provider (OIDC)
    34:18 Deploy EBS CSI driver
    40:56 Deploy Cluster Autoscaler
    ▬▬▬▬▬▬▬ Source Code 📚 ▬▬▬▬▬▬▬
    ► GitHub: github.com/antonputra/tutoria...
    #Crossplane #AWS #EKS
  • Science & Technology

Comments • 59

  • @prashlovessamosa 9 months ago +15

    You put so much effort to teach us
    Hats off to your hard work.

  • @pi3ni0 a month ago +1

    Once again, great work! I am not a DevOps, but your videos are sufficient enough for me to get up to speed with the work I need to do.

    • @AntonPutra a month ago +1

      Thank you! I'll refresh the Crossplane tutorial soon since there are some updates, such as pod identities, which will make it much easier to use Crossplane.

  • @GabrielPozo 9 months ago +4

    The best CZcams channel for these kinds of topics!!!

  • @twizzoe 9 months ago +3

    @AntonPutra, thank you very much for this content. I have searched for a detailed video on the usage of Crossplane on YouTube. You actually nailed it.

    • @AntonPutra 9 months ago

      Thank you, Taiwo Lawal. I think nowadays most people would like to provision Kubernetes and use all the features and integrations that it provides.

  • @XRoydX 9 months ago +3

    First of all, thanks for yet another great video - looking forward to learning a lot from it.
    Looking at the possibilities I get goosebumps. Being able to not only associate a service account with IAM roles but to also create the trust relationships, create an S3 bucket, set up RDS credentials, store them in Secrets Manager and reference them with External Secrets Operator, all managed in ArgoCD.
    Brings us close to an internal developer platform. All that is left is an easy-to-use UI

  • @mhmdbahja 9 months ago +6

    I was waiting for this video

    • @AntonPutra 9 months ago +4

      working on another one: compositions, import existing infra and some other more advanced features

    • @mhmdbahja 9 months ago

      Thrilled to watch tutorials on cutting-edge technologies! Your content is invaluable. Keep up the amazing work! @@AntonPutra

    • @AntonPutra 9 months ago

      @@mhmdbahja Thank you! Appreciate it!

  • @MohitVerma-cf2ke 9 months ago +1

    Excellent tutorial. Thank you teacher, Guru 🙏🏻

  • @Bl4nk0_ 3 months ago +1

    Thank you so much! It helped a lot!

  • @sujithsurendran7686 8 months ago +1

    Thank you! Can you continue the crossplane video series? Like Composition, convert the existing code you used to the Helm chart.

  • @mukeshdhiman81 a month ago +1

    Thank you!

    • @AntonPutra a month ago

      My pleasure! I'll update this lesson soon to incorporate pod identities and refresh the rest of it with new API versions.

  • @user-hv3hg9gp5o 9 months ago +2

    You are great! I recommend your channel to everyone 😊 great videos!
    Does Crossplane support all the same resources and their settings that are available in the Terraform AWS provider? What about other providers? Or does it support only a small set?

    • @AntonPutra 9 months ago +1

      Thank you Юрий! Well, my understanding is that the Crossplane AWS provider is based on the official Terraform provider, so I think there is a small lag between a new feature in AWS -> implementation in the AWS Terraform provider -> adoption in the Crossplane provider as a custom resource

  • @viswaviswa8616 9 months ago +2

    Thank you so much for your lovely efforts. Do you have any basic tutorial about Crossplane use cases, how to use it and when to use it?

    • @AntonPutra 9 months ago +1

      You can use it to manage your cloud and not only infrastructure; essentially, anything you can do with Terraform, you can do with Crossplane.

    • @viswaviswa8616 9 months ago

      @@AntonPutra so we can provision the entire infrastructure and manage the Kubernetes objects using Crossplane as well?

    • @AntonPutra 9 months ago

      @@viswaviswa8616 You can manage Kubernetes objects with the Helm Crossplane provider, but I would recommend using ArgoCD or Flux for that purpose

  • @fburon_ 9 months ago +1

    Excellent video.
    I have a question, how do you create those animated diagrams?

  • @devplatformoon 9 months ago +1

    Hi Anton Putra, nice video! TY!
    I have a question: What would be a best practice for using AWS Admin credentials in production? Use an IAM Role?

    • @AntonPutra 9 months ago +1

      Thank you! The best practice: never use admin anywhere 😊
      Always follow the least privilege principle. For production, create multiple IAM roles with different access such as read/write/destroy and use them in different parts of the pipeline or grant them to different users. Only a few selected users should be able to "write" and "destroy". Ideally everything must be under git control and Terraform runs only on PRs or merges. Take a look at Atlantis.

    • @AntonPutra 9 months ago

      I forgot that it's about Crossplane, but you get the point lol

  • @nikolaibarinov8660 9 months ago +2

    So, to create a Kubernetes cluster you need another cluster 😀 By the way, what are the benefits of using Crossplane compared with Terraform/Terragrunt or AWS CDK?

    • @AntonPutra 9 months ago +2

      Yes, it's a chicken and egg problem. Moreover, I wouldn't place all my environments in a single Kubernetes cluster; meaning, for production, I would use different host Kubernetes clusters, each with different levels of access. The biggest benefit is the reconciliation loop of Kubernetes. Compared to Terraform, Crossplane will detect any drift if someone manually updates the infrastructure and will reapply it to match your YAML.

  • @abessesmahi4888 9 months ago +1

    @AntonPutra
    How to use Crossplane with K8S on Bare metal?
    Thank you so much for your efforts.

    • @AntonPutra 9 months ago +1

      Thank you. If you are referring to a host, it functions the same as Minikube. However, if you are asking about managing bare metal clusters or VMware, you need to search for the specific provider here: marketplace.upbound.io/providers or build one.

  • @vitaliihirenko8200 9 months ago

    Is it possible here to do something that we could do with Terraform outputs? Like get an output from another resource and use it in the current one?

    • @AntonPutra 9 months ago

      Not yet, they use a different mechanism for cross reference - github.com/crossplane/crossplane/blob/master/design/one-pager-cross-resource-referencing.md

  • @austinloveless5171 9 months ago

    Which video shows how to update the aws-auth config map to allow more users to access the cluster? I can't find one on your channel.

    • @AntonPutra 9 months ago

      Sure, this one - czcams.com/video/aIpHYYcR7oU/video.html

  • @akhbornabikhodjaev4193 9 months ago +2

    In which use cases or scenarios do you think Crossplane offers significant advantages over Terraform?

    • @AntonPutra 9 months ago +2

      1. Detects the drift and corrects it.
      2. Simpler and easier to use, especially for those without experience with Terraform.
      3. Avoids team disputes over what to include in a Terraform module and how to structure the code.

    • @user-hv3hg9gp5o 9 months ago +1

      @@AntonPutra regarding p.3, would not the team dispute what to include in Crossplane now? 😅

    • @AntonPutra 9 months ago +1

      @@user-hv3hg9gp5o Well, Crossplane compositions are much simpler than Tf modules. In the future I guess 😊

  • @nltemp 9 months ago +1

    It looks cool at first, but I see several hardcoded IDs retrieved manually from the AWS console:
    - account ID
    - OIDC fingerprint
    I'm wondering how those could be fetched dynamically.
    Another thing I don't get right now: in Terraform I can factorize common code in modules; achieving the same with those plain YAML manifests would require the usage of some kind of templating system: Helm, Kustomize. Correct?

    • @AntonPutra 9 months ago

      1. As I mentioned in the video, not everything can be automated with Crossplane yet; some steps are manual, and if you need 1-click deployment, Terraform is the better choice.
      2. Crossplane has a notion of Compositions that allow you to combine multiple Managed Resources such as VPC & Subnets into one, which is somewhat similar to a Terraform module.
      3. You can also use Helm and Kustomize to combine multiple resources and share values.

    • @nltemp 9 months ago

      @@AntonPutra thx for the hints!

  • @bohdanzelmanovych4827 7 months ago +1

    You added providerConfigRef (name: default) only one time for the S3 bucket and didn't do it for other resources. Is it because you created a "ProviderConfig" with the name "default" and it will be used automatically, or is there another reason?

    • @AntonPutra 7 months ago

      Yes, it defaults to "default".
      "If providerConfigRef isn’t applied, Providers use the ProviderConfig named default."
      Here is a link - docs.crossplane.io/latest/concepts/managed-resources/#providerconfigref

  • @vigneshselvakumar4984 3 months ago

    I have repeated the same steps with provider version 0.40 but I'm unable to create a cluster. It shows the sync status as false.

    • @AntonPutra 3 months ago +1

      Try to get logs from the Crossplane components/provider; you may get more info. Try "kubectl describe ..." as well

  • @Daveooooooooooo0 2 months ago

    Audio bug at 29:45...here you just define x2

  • @josephwagner6682 5 months ago +2

    very good video!

    • @AntonPutra 5 months ago

      thanks!

    • @josephwagner6682 5 months ago

      I checked your GitHub but didn’t find this lesson 176. Do you mind making it public after removing your AWS secrets?