Why Palette
Published 2023-05-02

New Palette Crossplane provider for easy Kubernetes clusters

Senior Software Engineer @ Spectro Cloud

If you’re like many of the customers we work with, you’re looking at technologies like Crossplane to simplify the complexity and variety of infrastructure elements you deal with.

Crossplane is an open-source “universal control plane”. It runs inside your Kubernetes cluster and enables you to declaratively control all kinds of non-Kubernetes public cloud resources (like AWS S3 storage buckets) using familiar Kubernetes commands and the Kubernetes API.


If you work in ops, Crossplane enables you to automate cloud resource management the same way you manage Kubernetes resources. Crossplane is a Kubernetes controller, so it monitors and enforces desired state across all of the cloud resources it provisions and manages, whether it’s an EC2 instance or a Mongo database.

If you’re a developer, you can use Crossplane’s declarative API to request the creation of infrastructure resources and plug it into your application without having to leave the comfort of your Kubernetes cluster. You can focus on writing cloud-agnostic code and delivering value, rather than dealing with the complexities of cloud providers. Instead, use Kubernetes as the front-end for a hybrid infrastructure ecosystem.

Crossplane is an actively developed incubating project in the Cloud Native Computing Foundation (CNCF) created by Upbound. It has gained huge popularity in a short span of time due to the ease with which it can be deployed and operated.

Just like our favorite project, Cluster API, and the popular IaC tool Terraform, you can extend Crossplane through providers. Providers are packages that bundle a set of managed resources and their controllers to allow Crossplane to provision those custom resources, so there’s a provider for Azure and another for GCP, one for Terraform and another for Argo CD and other CI/CD tools. In fact, there are lots.

Drive Palette from Crossplane with our new provider!

Now there’s a Crossplane provider for Spectro Cloud Palette, available right now on Github.

From Crossplane you can now drive almost all of Palette’s infrastructure management capabilities through the Palette API, meaning you can provision clusters, build and apply repeatable Cluster Profiles, deploy edge-native hosts, perform day 2 management activities, and much more, to all the infrastructure destinations that Palette supports such as AWS, GCP, Azure, Vsphere, MAAS and baremetal.


If you’re familiar with the Palette provider for Terraform, you’ll be right at home — the Palette Crossplane provider is generated from the Palette Terraform provider and therefore supports all operations that the Terraform provider supports.

Deploy a Kubernetes cluster with the Palette provider for Crossplane

In the following sections we will set up the Palette provider on an existing Kubernetes cluster running Crossplane, and use it to deploy a Kubernetes cluster on AWS using a Palette Cluster Profile.


Getting a Spectro Cloud Palette API key

To create a new Spectro Cloud API key, visit www.spectrocloud.com and log in to your Palette account. On the top-right, click the dropdown menu under your username and click on ‘My API Keys’ and generate a new key by clicking ‘Add a new API key’. Store this key in a safe place for later use.

Installing the Palette Crossplane provider

Providers are packaged controllers that reconcile the desired state of the cloud resources to match the current state to the desired state. Install the Crossplane provider for Palette by running the following commands:

cat &lt;<EOF | kubectl apply -f - apiVersion: pkg.crossplane.io/v1 kind: Provider metadata: name: provider-palette spec: package: xpkg.upbound.io/crossplane-contrib/provider-palette:v0.12.0 EOF

Create the provider config:

Once the Crossplane provider for Palette is successfully installed:

  • Create the secret:

    apiVersion: v1 kind: Secret metadata: name: palette-creds namespace: crossplane-system type: Opaque stringData: credentials: | { "api_key": "XXXXXLydf9zN9yvA71pnZLyuxXXXXXX", "project_name": "Default", "host": "api.spectrocloud.com" }

    From the above template, create the Palette credential secrets by running:

    kubectl apply -f secret.yaml

    NOTE: Remember to update the api_key field in the credential secret with the API key created in the previous step.

  • Create the providerconfig:

    apiVersion: palette.crossplane.io/v1beta1 kind: ProviderConfig metadata: name: default spec: credentials: source: Secret secretRef: name: palette-creds namespace: crossplane-system key: credentials

    From the above template, create the Palette provider config by running:

    kubectl apply -f providerconfig.yaml

Creating a cloud account

Now that we have configured the Crossplane provider, let us provision an AWS cloud account resource on the Palette platform that will help us create a Kubernetes cluster on AWS.

Create the secret containing AWS secret key:

apiVersion: v1 kind: Secret metadata: name: aws-secret namespace: crossplane-system type: Opaque stringData: data: "EgAbCdCXXXXX53d5r69sDLhcbh0Z3D4mpXXXXXX/"

From the above template, create the secret by running:

kubectl apply -f aws_secret.yaml

NOTE: Remember to update the data field in the aws secret with the secret key of the AWS access key created earlier

Create the cloudaccount resource:

apiVersion: cloudaccount.palette.crossplane.io/v1alpha1 kind: Aws metadata: name: aws-crossplane-test namespace: crossplane-system annotations: crossplane.io/external-name: "aws-test-cloudaccount" spec: forProvider: context: project type: secret awsAccessKey: "AKIATD5NORWYJXPRY5VF" awsSecretKeySecretRef: key: data name: aws-secret namespace: crossplane-system

From the above manifest, create the cloud account by running:

kubectl apply -f cloudaccount.yaml


You should now see the cloud account registered and ready to use under your Spectro Cloud account.

Creating a Kubernetes cluster on AWS

The cloud account that we created in the previous step enables us to create Kubernetes clusters on AWS using the Palette platform.

Get the cloud account ID by describing the cloud account created in the previous step:

kubectl describe aws.cloudaccount aws-crossplane-test

You will find the cloud account ID under ‘status.atProvider.id’

Create an AWS cluster resource:

apiVersion: cluster.palette.crossplane.io/v1alpha1 kind: Aws metadata: name: aws-prakash-crossplane-cluster namespace: crossplane-system spec: forProvider: cloudConfig: - sshKeyName: "spectro2022" region: "us-east-1" machinePool: - azs: - us-east-1a count: 3 instanceType: t3.xlarge name: machinePool1 - azs: - us-east-1a count: 1 instanceType: t3.xlarge name: masterPool1 controlPlane: true clusterProfile: - id: 633eabcfcacb8794e0c54cd7 cloudAccountId: 63bfe795d59b2a1ea30d7859 providerConfigRef: name: default

From the above manifest, create the cluster by running:

kubectl apply -f cluster_aws.yaml

NOTE: Use the cluster profile created as a prerequisite to provision the cluster. You can find the cluster profile ID in the URL when you select the cluster profile


The cluster profile ID is highlighted and can be found in the cluster profile URL

Once applied, check your Palette console to check the creation of your AWS cluster


The Cluster status will transition into Running and once the Cluster Health status shows up as healthy, the cluster is ready to use. You can access the Kubeconfig to the newly created cluster by clicking on the link under the ‘Kubernetes Config file’ section under ‘Overview’.

What’s next?

Hopefully you can already see that the Palette Crossplane provider for Kubernetes is a powerful tool that simplifies resource management. If you’re a Crossplane user, it opens up a whole new set of capabilities for you.

Now that you have got your cluster up and running using the Palette provider for Crossplane, you can use it to explore all the other things that Palette can do. Why not try creating an App Profile to model all the components of an application stack? Build a library of Cluster Profiles to make deploying future clusters repeatable? Try out Virtual Clusters for instant access to a K8s environment?

We’ll be keeping the Crossplane provider up to date in line with our Terraform provider, so the latest developments in Palette will always be at your fingertips.

For any suggestions and feedback, you can get in touch with us on the Spectro Cloud community Slack workspace. To report issues, please create an issue in the official provider repository at https://github.com/crossplane-contrib/provider-palette. To learn more about Palette and its capabilities and to try it out, please visit: https://www.spectrocloud.com/get-started.

Author Bio
Senior Software Engineer @ Spectro Cloud

Related Articles

Spectro Cloud uniquely enables organizations to manage Kubernetes in production, at scale. Our Palette management platform gives effortless control of the full Kubernetes lifecycle, across clouds, data centers, bare metal and edge environments.
Connect with us
Connect with us

© 2023 Spectro Cloud®. All rights reserved.