Overview
Add a new optional lab (LAB06) focused on deploying cloud resources using Crossplane. This lab sits alongside LAB05 as an optional specialization track, requiring only LAB01–03 as prerequisites.
Lab Structure
Introduction
- What Crossplane is and what makes it unique (control plane approach, CRDs as the API, Compositions/Claims as the abstraction model)
- Brief positioning vs ASO (LAB03) and Terranetes (LAB05): when to reach for each tool
- What we'll build: Azure ResourceGroup + StorageAccount, then abstracted via a Composition so developers use a simple Claim
Part 1 – Install Crossplane
- Install Crossplane via Helm into the Kind cluster
- Verify pods are running
- Install the Crossplane CLI / kubectl plugin
Part 2 – Configure the Azure Provider
- Install
upbound/provider-family-azure (official Upbound provider)
- Create a ProviderConfig with Azure credentials (reuse the Service Principal from LAB03)
- Verify the provider is healthy
Part 3 – Deploy Managed Resources Directly
- Create a
ResourceGroup Managed Resource (MR)
- Create a
StorageAccount Managed Resource
- Watch them reconcile against Azure (
kubectl describe, Azure portal)
- Understand the direct MR → Azure cloud resource mapping
Part 4 – Create a Composition (the Crossplane superpower)
- Define an XRD (CompositeResourceDefinition) that describes an AppStorage concept
- Create a Composition that maps AppStorage → ResourceGroup + StorageAccount MRs
- Provision a Composite Resource (XR) directly to verify the Composition works
Part 5 – Self-Service with Claims + ArgoCD
- Expose the XRD as a Claim so application teams use a simplified API
- Create a Claim YAML in a Git repo
- Add an ArgoCD Application that syncs Claims from Git
- End-to-end flow: Git commit → ArgoCD sync → Crossplane reconciles → Azure resources appear
Part 6 (Stretch) – Add the GitHub Provider
- Install
crossplane-contrib/provider-github
- Create a ProviderConfig using a GitHub PAT (reuse setup pattern from LAB05)
- Provision a GitHub repository as a Managed Resource
- Demonstrates Crossplane's multi-provider strength: one Claim can trigger Azure + GitHub resources
Cleanup
- Delete Claims/XRs (Crossplane cascades deletes to Managed Resources and Azure)
- Uninstall providers
Files to Create
| File |
Description |
LAB06.md |
Full lab instructions (same style as LAB03/LAB05) |
lab06/ |
Sample manifests: XRD, Composition, example Claim, ArgoCD Application, ProviderConfig template |
README.md |
Add LAB06 to the Optional Labs section |
Key Design Decisions
| Decision |
Choice |
Reason |
| Provider |
upbound/provider-family-azure |
Best-maintained, broadest CRD coverage |
| Credentials |
Service Principal JSON secret |
Consistent with LAB03 |
| Demo resource |
Azure Storage Account |
Same as LAB03 — lets participants compare ASO CRDs vs Crossplane Claims |
| GitOps integration |
ArgoCD Application pointing at a Claims folder |
Consistent with LAB02 self-service pattern |
| Stretch goal |
GitHub provider |
Multi-provider demo without needing extra cloud accounts |
Prerequisites for Participants
- ✅ LAB01: Kind cluster + ArgoCD running
- ✅ LAB02: Self-service GitOps repo + ArgoCD ApplicationSets
- ✅ LAB03: Azure Service Principal + Azure CLI configured
