crossplane-provider-yc
is a Crossplane provider that is built
using Upjet code generation tools and exposes XRM-conformant
managed resources for Yandex Cloud.
Install crossplane:
kubectl create namespace crossplane-system
helm repo add crossplane-stable https://charts.crossplane.io/stable
helm repo update
helm install crossplane --namespace crossplane-system crossplane-stable/crossplane
Check crossplane status:
helm list -n crossplane-system
kubectl get all -n crossplane-system
Install crossplane CLI:
curl -sL https://raw.githubusercontent.com/crossplane/crossplane/master/install.sh | sh && \
sudo mv crossplane $(dirname $(which kubectl))
Install the provider by using the following command after changing tag to the latest release:
crossplane xpkg install provider xpkg.upbound.io/yandexcloud/crossplane-provider-yc:v0.4.1
Create service account:
yc iam service-account create --name <service-account>
Add roles to this service account:
yc resource-manager folder add-access-binding <folder-id> --role <role>
Request key:
yc iam key create --service-account-id <service-account-id> --output key.json
Create k8s secret:
kubectl create secret generic yc-creds -n "crossplane-system" --from-file=credentials=./key.json
Apply example ProviderConfig:
kubectl apply -f examples/providerconfig/providerconfig.yaml
Update provider version on new tag (e.g. v0.4.1):
kubectl crossplane update provider crossplane-provider-yc v0.4.1
Add existing resource id metadata.annotations["crossplane.io/external-name"]
metadata:
annotations:
crossplane.io/external-name: <cloud-resource-id>
To avoid making changes to an existing resouce that needs to be references (folder, subnet, etc.),
add spec.managementPolicy: ObserveOnly
spec:
managementPolicy: ObserveOnly
Add spec.deletionPolicy: Orphan
spec:
deletionPolicy: Orphan
❯ k explain Folder.spec.deletionPolicy
KIND: Folder
VERSION: resourcemanager.yandex-cloud.jet.crossplane.io/v1alpha1
FIELD: deletionPolicy <string>
DESCRIPTION:
DeletionPolicy specifies what will happen to the underlying external when
this managed resource is deleted - either "Delete" or "Orphan" the external
resource.
You can enforce deletionPolicy: Orphan
with gatekeeper if you need.
For filing bugs, suggesting improvements, or requesting new features, please open an issue.