Kubernetes & Crossplane

Deploying a Unikernel to Unikraft Cloud with Crossplane

Crossplane operates as a Kubernetes add-on, turning it into a universal control plane that manages both cloud services and infrastructure. It introduces the concept of ‘Infrastructure as Code,’ enabling users to define and provision cloud resources using Kubernetes-style manifest files.

Installation and Configuration of the Crossplane Provider

Before You Begin:

• Confirm administrative access to a Kubernetes cluster (can be a local one like Minikube).
• Secure a token for the Unikraft Cloud platform.
• Choose a unikraft unikernel image, like nginx.
• Ensure Crossplane and its CLI are installed in the cluster.

Installation Steps:

• Install the provider: Deploy the Unikraft Cloud provider using the command:

crossplane xpkg install provider ghcr.io/kraftcloud/crossplane-provider-kraftcloud:0.2.0 --wait=1m

• Authenticate the provider against Unikraft Cloud:

Create a base64 encoded Secret in crossplane-system and apply a ProviderConfig that refers to this secret.

Paste a base64 encoded token into the credentials field in the YAML below.

Save them to a file named secret.yaml:

apiVersion: v1
kind: Secret
metadata:
  namespace: crossplane-system
  name: example-provider-secret
type: Opaque
data:
  credentials: #base64 encoded kraftcloud token
---
apiVersion: kraftcloud.crossplane.io/v1alpha1
kind: ProviderConfig
metadata:
  name: example
spec:
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: example-provider-secret
      key: credentials

Then, simply run:

kubectl apply -f secret.yaml

Done! Your provider is now running and will be able to communicate with Unikraft Cloud’s API.

Tip

Important: The Unikraft Cloud token must be base64 encoded twice to align with Crossplane’s way of handling secrets. The token you receive is already base64 encoded, but you have to encode it again.

Deploying a Unikernel Instance

If you’re eager to get started quickly, you can utilize our official nginx image, readily available for all users.

For those interested in custom solutions, you can still build and use your own images — see the Quick Start guide.

To deploy an nginx instance, ensure the provider is installed and running, then use the following YAML configuration:

apiVersion: compute.kraftcloud.crossplane.io/v1alpha1
kind: Instance
metadata:
  name: example
spec:
  forProvider:
    metro: fra0 # Here you control which metro the instance should be scheduled at
    image: nginx:latest
    memory: "64Mi"
    args:
    - "-c"
    - "/nginx/conf/nginx.conf"
    internalPort: 8080
    port: 443
    desiredState: running # It's possible to create "stopped" instances.
  providerConfigRef:
    name: example # Reference to pre-applied crossplane config containing your token

After applying this YAML, you will be able to list the instance via:

kubectl get instance

This will result in:

NAME      READY   SYNCED   EXTERNAL-NAME                          AGE
example   True    True     ced7f992-5feb-4fb7-9d3e-e92886d8859f   27m

To get even more information, run:

kubectl describe instance example

The output of this command will contain various additional data, such as:

Status:
  At Provider:
    Boot Time:   7080
    Created At:  2023-11-22T07:50:24Z
    Dns:         little-frost-y209h46o.fra0.kraft.host.
    Private IP:  172.16.16.1
  Conditions:
    Last Transition Time:  2023-11-22T07:50:25Z
    Reason:                Available
    Status:                True
    Type:                  Ready
    Last Transition Time:  2023-11-22T07:50:24Z
    Reason:                ReconcileSuccess
    Status:                True
    Type:                  Synced
Events:
  Type    Reason                   Age                From                                               Message
  ----    ------                   ----               ----                                               -------
  Normal  CreatedExternalResource  28m                managed/instance.compute.kraftcloud.crossplane.io  Successfully requested creation of external resource
  Normal  UpdatedExternalResource  11m (x4 over 14m)  managed/instance.compute.kraftcloud.crossplane.io  Successfully requested update of external resource

As you can see, one of the outputs is the DNS of the created instance. You can take that address and query it to confirm your instance is working properly:

curl https://little-frost-y209h46o.fra0.kraft.host

To delete the instance, simply delete the kubernetes object. The crossplane provider will reconcile the state in Unikraft Cloud and remove the instance for you:

kubectl delete instance example

Troubleshooting and FAQs

How to debug issues with the provider?

The first place to start is the log output of the running provider pod. Locate the pod and inspect its logs via:

kubectl logs -f kraftcloud-provider-pod-name -n crossplane-system

Create, delete or update the instance definition in the kubernetes cluster and look for errors in the log.

This workflow is also possible locally. If you are authenticated against a cluster with crossplane installed, check out the repo and run:

make submodules
make run

Before attempting the above, make sure the Unikraft Cloud connection token has been applied to the cluster.

Which actions does the provider support?

In its present state (0.2.0), the provider allows creating, deleting, starting and stopping running unikernel instances.

How can I see the state of my deployments?

Unikraft Cloud integrates with our kraftkit CLI. You will be able to see the instances created with crossplane by running:

KRAFTCLOUD_METRO=fra0 kraft cloud instance ls

For more information, please refer to kraftkit’s documentation.