Learnings From Providing A Platform API With Kubernetes And Crossplane


Authors:   Jan Willies, Hannes Blut


Challenges and opportunities in using Kubernetes and CRDs for managing infrastructure and applications
  • Managing more YAML with Kubernetes and CRDs
  • User expectations and challenges in applying infrastructure changes
  • Leveraging the Kubernetes ecosystem for managing policies and costs
  • Challenges in CRD maturity and scalability
  • Using GitOps for deploying infrastructure and applications
  • Need for multi-cluster architectures and management
One challenge discussed was the issue of user expectations when applying infrastructure changes. While Kubernetes is known for quick and immediate reactions, infrastructure changes can take several minutes or even up to an hour to be ready. Some users may not expect this delay and may try to delete and recreate objects, which can cause issues with infrastructure. Another challenge is the need for users to know the Kubernetes API even if they are not running workloads in Kubernetes. This can be addressed by offering a UI for creating resources, but users still need to know some API to create these resources.


Kubernetes' extensible API has turned it into a de facto abstraction layer, not just for building, deploying and operating cloud-native apps, but also as the control plane for the entire enterprise, used to provision and manage cloud resources and complex platform components. This session covers the journey of Kubernetes and Crossplane at Deutsche Bahn to provide platform consumers with access to a unified API for deployments, infrastructure provisioning and applications in a manner that is independent of the cloud, addressing compliance and cross-cutting concerns while providing a Kubernetes “native” experience. The journey has not been without challenges: the platform team has had to manage technical and functional requirements including an access model in an enterprise environment, user expectations of cloud native infrastructure usage, and issues with excessive API load, shared resources, as well as controllers written by the team and open sourced along the way.