Skip to content

Sveltos coordinating Crossplane

Sveltos, ClusterAPI and Crossplane

In this example, we will use Sveltos to coordinate with Crossplane to create a Google Cloud Storage Bucket for each managed cluster. We will then deploy an application in each managed cluster that uploads a file to the proper bucket.

The following YAML code:

  1. Creates a ClusterProfile resource that instructs Sveltos to create a Bucket Custom Resource (CR) in the management cluster.
  2. Instructs Sveltos to fetch the Bucket CR instance, and use the Bucket status url and id fields to instantiate a Pod template.
  3. Deploys the Pod in the managed cluster.

Once the Pod is deployed, it will upload a file to the my-bucket bucket.

Example

cat > crossplane_google_bucket.yaml <<EOF
---
apiVersion: config.projectsveltos.io/v1beta1
kind: ClusterProfile
metadata:
  name: deploy-resources
spec:
  clusterSelector:
    matchLabels:
      env: fv
  templateResourceRefs:
  - resource:
      apiVersion: storage.gcp.upbound.io/v1beta1
      kind: Bucket
      name: crossplane-bucket-{{ .Cluster.metadata.namespace }}-{{ .Cluster.metadata.name }}
    identifier: CrossplaneBucket
  - resource:
      apiVersion: v1
      kind: Secret
      namespace: crossplane-system
      name: gcp-secret
    identifier: Credentials
  policyRefs:
  - deploymentType: Local
    kind: ConfigMap
    name: bucket
    namespace: default
  - deploymentType: Remote
    kind: ConfigMap
    name: uploader
    namespace: default
---
apiVersion: v1
kind: ConfigMap
metadata:   
  name: bucket
  namespace: default
  annotations:
    projectsveltos.io/template: "true"
data:       
  bucket.yaml: |
    apiVersion: storage.gcp.upbound.io/v1beta1
    kind: Bucket
    metadata:
    name: crossplane-bucket-{{ .Cluster.metadata.namespace }}-{{ .Cluster.metadata.name }}
    labels:
      docs.crossplane.io/example: provider-gcp
      clustername: {{ .Cluster.metadata.name }}
      clusternamespace: {{ .Cluster.metadata.namespace }}
    spec:
      forProvider:
        location: US
      providerConfigRef:
        name: default
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: uploader
  namespace: default
  annotations:
    projectsveltos.io/template: "true"
data:
  secret.yaml: |
    apiVersion: v1
    kind: Secret
    metadata:
      name: gcs-credentials
      namespace: default
      annotations:
        bucket: "{{ (getResource "CrossplaneBucket").status.atProvider.url }}"
    type: Opaque
    data:
      service-account.json: {{ $data:=(getResource "Credentials").data }} {{ (index $data "creds") }}
  pod.yaml: |
    apiVersion: v1
    kind: Pod
    metadata:
      name: create-and-upload-to-gcs
      namespace: default
      annotations:
        bucket: {{ (getResource "CrossplaneBucket").status.atProvider.url }}
    spec:
      containers:
      - name: uploader
        image: google/cloud-sdk:slim
        command: ["bash"]
        args:
          - "-c"
          - |
            echo "Hello world" > /tmp/hello.txt
            gcloud auth activate-service-account --key-file=/var/run/secrets/cloud.google.com/service-account.json
            gsutil cp /tmp/hello.txt gs://{{ (getResource "CrossplaneBucket").metadata.name }}
        volumeMounts:
          - name: gcp-sa
            mountPath: /var/run/secrets/cloud.google.com/
            readOnly: true
      volumes:
        - name: gcp-sa
          secret:
            secretName: gcs-credentials
EOF