Crossplane oder: kubectl apply -f cloud-Infrastructure-as-code.yaml @ Mastering GitOps 2022

Transcript

1. qaware.de Crossplane oder: kubectl apply -f cloud-infrastructure.yaml Mario-Leander Reimer [email protected]

   @LeanderReimer

2. 2 Mario-Leander Reimer Principal Software Architect @LeanderReimer #cloudnativenerd #qaware

3. Dev Ops

4. https://commons.wikimedia.org/w/index.php?curid=22237 71 “Tear down this wall!”

5. None

6. We architect, build and run the PaaS and application layers.

   We architect and build the IaaS and CaaS layers. QAware | 6 Architect Build Run IaaS (AWS EC2, NLB, ALB, ...) Amazon CloudWatch AWS IAM Amazon EC2 Amazon EBS Amazon Route 53 Amazon VPC Cloud-friendly & Cloud-native Applications PaaS (Software infrastructure blueprints with Helm and a Continuous Delivery Toolchain) Application-specific Software Infrastructure Amazon SNS Amazon S3 CaaS (Amazon Elastic Kubernetes Service with storage-, network- and OS-virtualization)

7. “Too much cognitive load will become a bottleneck for fast

   flow and high productivity for many DevOps teams.” QAware | 7 ▪ Intrinsic Cognitive Load Relates to fundamental aspects and knowledge in the problem space (e.g. used languages, APIs, frameworks) ▪ Extraneous Cognitive Load Relates to the environment (e.g. console command, deployment, configuration) ▪ Germane Cognitive Load Relates to specific aspects of the business domain (aka. „value added“ thinking)

8. The Platform team as a key enabler for high productivity

   of stream-aligned DevOps teams. QAware | 8 ▪ Responsible to build and operation a platform to enable and support the teams in their day to day development work. ▪ The platform aims to hide the inherent complexity to reduce the cognitive load for the other teams. – Standardization – Self-Service ▪ Fully automated software delivery is the goal! https://hennyportman.wordpress.com/2020/05/25/review-team-topologies/

9. Crossplane als Abstraktionsschicht und Glue zwischen Software Engineers und Platform

   Engineers. QAware | 9 Architect Build Run IaaS (AWS EC2, NLB, ALB, ...) Amazon CloudWatch AWS IAM Amazon EC2 Amazon EBS Amazon Route 53 Amazon VPC Cloud-friendly & Cloud-native Applications PaaS (Software infrastructure blueprints with Helm and a Continuous Delivery Toolchain) Application-specific Software Infrastructure Amazon SNS Amazon S3 CaaS (Amazon Elastic Kubernetes Service with storage-, network- and OS-virtualization) Platform Team Development Team

10. Crossplane in a Nutshell ▪ https://crossplane.io ▪ Open Source Kubernetes

    Add-on. Universal Control Plane for Cloud Infrastructure. ▪ Plattform Teams können mittels Crossplane die Cloud Infrastruktur Dienste unterstützter Provider zusammenstellen und über High-Level Self-Service APIs bereitstellen. ▪ Cloud Infrastruktur Dienste können von Anwendungs-Teams deklarativ definiert werden ▪ Provider bündeln eine Menge an Managed Resources und den dazugehörigen Controller. Alle gängigen Cloud Provider werden unterstützt, e.g. AWS, GCP, Azure, Alibaba, … ▪ Managed Resources sind granulare, hochgenaue Crossplane-Repräsentationen einer Ressource in einem externen System. ▪ Composite Resource Definitionen oder XRDs ermöglichen die Definitionen neuer Abstraktionen für zusammengesetzte Managed Resources. ▪ Configurations und Packages erlauben die einfache Definition, Verteilung und Aktualisierung von XRDs und deren Abhängigkeiten. QAware | 10

11. Examples for Managed AWS Resources QAware | 11 apiVersion: sqs.aws.crossplane.io/v1beta1

    kind: Queue metadata: name: test-queue.fifo labels: region: eu-central-1 spec: deletionPolicy: Delete forProvider: region: eu-central-1 contentBasedDeduplication: true delaySeconds: 3 fifoQueue: true # 2 KB message size maximumMessageSize: 2048 # 5 minutes messageRetentionPeriod: 300 providerConfigRef: name: providerconfig-aws apiVersion: s3.aws.crossplane.io/v1beta1 kind: Bucket metadata: name: mastering-gitops annotations: crossplane.io/external-name: mastering-gitops-eu-central-1 labels: region: eu-central-1 spec: deletionPolicy: Delete forProvider: acl: private locationConstraint: eu-central-1 serverSideEncryptionConfiguration: rules: - applyServerSideEncryptionByDefault: sseAlgorithm: AES256 providerConfigRef: name: providerconfig-aws

12. https://github.com/qaware/mastering-gitops

13. Conceptual Showcase Architecture QAware | 13 Provision

14. Composite Resource Definitions (XRDs) in a Nutshell QAware | 14

15. qaware.de QAware GmbH Aschauer Straße 32 81549 München Tel. +49

    89 232315-0 [email protected] twitter.com/qaware linkedin.com/company/qaware-gmbh xing.com/companies/qawaregmbh slideshare.net/qaware github.com/qaware