NashTech Insights

Get in touch

Employing GitOps for Infrastructure and Applications Utilizing Crossplane and Argo CD

Picture of Le Cao
Le Cao
Table of Contents

Key takeaways:

The fundamental objective of DevOps is to facilitate self-service capabilities and foster collaboration between developers and operators. By integrating Crossplane within a GitOps framework, both groups now share a unified language for communication.

This eliminates the necessity for disparate workflows that might cause confusion for either party. Embracing a unified workflow for both infrastructure and applications truly embodies the ethos of DevOps.

GitOps and Terraform

The core tenets of GitOps encompass:

  1. The system’s configuration is articulated in a declarative manner, typically realized through Kubernetes manifests.
  2. The system’s definition is versioned and subjected to audit trails, typically stored within Git repositories.
  3. An automated software agent regularly fetches the state from Git and aligns it with the platform’s current state, commonly achieved through tools like Flux or ArgoCD.
  4. Continuous reconciliation ensures that any alterations made in Git are promptly mirrored within the system. Git serves as the authoritative source of truth in this context.

If you’re familiar with Terraform, you likely understand the challenges of applying GitOps to the Terraform CLI. Terraform meets the first requirement by utilizing a declarative format. However, it falls short in fulfilling the other three GitOps principles related to Git storage, automated reconciliation, and bidirectional synchronization.

Once Terraform completes its execution, it disengages from the system. Therefore, if you manually remove a resource, such as a Virtual Machine created by Terraform, the vanilla Terraform setup remains unaware of the change. Additionally, Terraform maintains its own state, which differs entirely from the definition files stored in Git.

Initially, integrating GitOps with infrastructure might seem complex. It becomes evident that to meet GitOps prerequisites, additional layers need to be incorporated atop vanilla Terraform.

However, there’s a newcomer on the scene: Crossplane!

GitOps and Crossplane

Crossplane offers capabilities akin to Terraform in creating infrastructure, yet it stands out with significant distinctions:

  1. Crossplane operates as a Kubernetes application, allowing it to generate various types of infrastructure.
  2. Definitions within Crossplane are Kubernetes manifests, aligning seamlessly with Kubernetes-native practices.
  3. Users have the flexibility to leverage manifests describing resources from popular cloud providers or craft custom resources tailored to their specific needs.

As a simple example here is an EC2 instance described in Crossplane:

apiVersion: ec2.aws.crossplane.io/v1alpha1
kind: Instance
metadata:
  name: ec2-instance
spec:
  forProvider:
    region: us-east-1
    imageId: ami-0d23d3e4c0f9ebd1843
    securityGroupRefs:
      - name: ex-cluster-sg
    subnetIdRef:
      name: sample-subnet1  
  providerConfigRef:
    name: example

The crucial aspect here is that the provided file adheres to the standard Kubernetes manifest format. Consequently, you can:

  • Deploy it using kubectl.
  • Validate its syntax and structure using manifest verification tools like kubeval or kube-linter.
  • Utilize templating functionalities with Helm or Kustomize.
  • Employ any tool within the Kubernetes ecosystem for reading, managing, or storing it.

Given its standard manifest format, you can effortlessly store it in Git and manage it seamlessly with ArgoCD, enabling a comprehensive GitOps workflow. This capability holds immense significance.

By integrating ArgoCD with Crossplane, you establish a comprehensive solution for applying GitOps principles not just to applications but also to infrastructure. Envision having this capability directly accessible within your ArgoCD dashboard.

How ArgoCD and Crossplane work together

Crossplane simplifies the process of modeling your infrastructure using Kubernetes manifests. While this is beneficial on its own, incorporating ArgoCD into the equation offers numerous advantages, essentially bringing all the benefits of GitOps to your infrastructure management.

  1. Clear Visibility: You have a comprehensive overview of your infrastructure simply by examining the Git repository.
  2. Change Tracking: By analyzing the Git history, you can precisely identify what alterations were made and when they occurred.
  3. Synchronization: The state of your infrastructure perfectly aligns with the state stored in Git. Unlike Terraform, which maintains its own state as the single source of truth, Crossplane ensures consistency between infrastructure and Git states.
  4. Enhanced Security: External credentials become unnecessary, streamlining the authentication process.
  5. Rollback Capability: Reverting to a previous version of your infrastructure is effortless with Git’s reset or revert functionalities.
  6. Elimination of Configuration Drift: By embracing GitOps, you mitigate the risks associated with configuration drift, ensuring that your infrastructure remains consistent and compliant.

ArgoCD essentially remains agnostic regarding the content of the Kubernetes manifests it oversees. These manifests can encompass a wide array of resources, including standard Kubernetes applications, virtual machines, container registries, load balancers, object storage configurations, firewall rules, and more.

Implementing infrastructure creation and deployment through GitOps

Now that we’ve established the seamless integration of ArgoCD and Crossplane for infrastructure management, we’re poised to extend this synergy to application and platform management.

This entails the following workflow:

  1. Starting from Scratch: Begin with a clean slate.
  2. Utilizing Crossplane for Cluster Provisioning: Employ Crossplane to instantiate a Kubernetes cluster.
  3. Version Control and Management with ArgoCD: Commit the Crossplane manifest to version control and administer it through ArgoCD.
  4. Application Deployment Using Standard Manifests: Deploy an application to the newly provisioned cluster using a standard manifest (e.g., deployment).
  5. Git-Based Management: Similarly, commit this application manifest to Git. ArgoCD will then oversee it akin to any other Kubernetes manifest, despite its representation of infrastructure components.

Here is the whole workflow:

The Kubernetes cluster where Crossplane operates serves solely to initialize Crossplane itself; it doesn’t host any production workloads. For basic demonstrations, this cluster can be any instance, including a local one running on your workstation.

The outcome is a unified approach to managing both infrastructure and applications directly through Argo CD.

Picture of Le Cao

Le Cao

I am Engineering Manager at NashTech Vietnam. I have been with the company for over 10 years and during this time, I have gained extensive experience and knowledge in the field of .NET, Frontend and DevOps. My primary responsibilities include managing and overseeing the development, testing, and deployment of software applications to ensure high quality and reliable products are delivered to our clients. I am passionate about exploring new technologies and implementing best practices to improve our development processes and deliverables. I am also dedicated to fostering a culture of collaboration and innovation within our team to achieve our goals.

Leave a Comment

Your email address will not be published. Required fields are marked *

Suggested Article

Insomnia: The Ultimate API Testing Tool

Insomnia: The Ultimate API Testing Tool

ByTuan Hoang Minh 2nd May 2024 Application Engineering,Quality Solutions
Navigating Sales Tax Compliance in E-Commerce: A QA Guide to Testing Origin vs. Destination-Based Sales Tax

Navigating Sales Tax Compliance in E-Commerce: A QA Guide to Testing Origin vs. Destination-Based Sales Tax

ByPhuong Vo 2nd May 2024 Quality Solutions

Lenses, Prisms and Optics in Scala

Byutkarshup 1st May 2024 Application Engineering