awslabs · candonov · Sep 12, 2023 · Sep 8, 2023 · Sep 10, 2023 · Sep 10, 2023
@@ -5,8 +5,10 @@ This example deploys the following components
 - Creates Internet gateway for Public Subnets and NAT Gateway for Private Subnets
 - Creates EKS Cluster Control plane with one managed node group
 - Crossplane Add-on to EKS Cluster
+- Upbound AWS Provider for Crossplane
 - AWS Provider for Crossplane
 - Kubernetes Provider for Crossplane
+- Helm Provider for Crossplane
 
 ## Crossplane Deployment Design
 
@@ -45,7 +47,7 @@ Ensure that you have installed the following tools in your Mac or Windows Laptop
 ### Troubleshooting
 1. If `terraform apply` errors out after creating the cluster when trying to apply the helm charts, try running the command:
 ```shell
-aws eks --region <enter-your-region> update-kubeconfig --name <cluster-name>
+aws eks --region <enter-your-region> update-kubeconfig --name <cluster-name> --alias <cluster-name>
 ```
 and executing terraform apply again.
 
@@ -59,7 +61,8 @@ git clone https://github.com/aws-samples/crossplane-aws-blueprints.git
 ```
 
 > [!IMPORTANT]  
-> The examples in this repository make use of one of the Crossplane AWS providers. For example, if you are using the `crossplane_upbound_aws_provider_enable` provider, make sure to set the [`crossplane_aws_provider_enable`](https://github.com/awslabs/crossplane-on-eks/blob/main/bootstrap/terraform/main.tf#L59) to `false` in order install only the necessary CRDs to the Kubernetes cluster.
+> The examples in this repository make use of one of the Crossplane AWS providers. 
+For that reason `upbound_aws_provider.enable` is set to `true` and `aws_provider.enable` is set to `false`. If you use the examples for `aws_provider`, adjust the terraform [main.tf](https://github.com/awslabs/crossplane-on-eks/blob/main/bootstrap/terraform/main.tf) in order install only the necessary CRDs to the Kubernetes cluster.
 
 #### Step2: Run Terraform INIT
 Initialize a working directory with configuration files
@@ -147,6 +150,10 @@ echo "$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.
 ## Clean up
 1. Delete resources created by Crossplane such as first Claims, then XRDs and Compositions.
 
+1. Remove crossplane providers by setting `enable = false` in main.tf for each provider and running `terraform apply`
+
+1. Run `kubectl get providers` to validate all providers were removed. If any left, remove using `kubectl delete providers <provider>`
+
 1. Delete the EKS cluster and it's resources with the following command
 ```bash
 ./destroy.sh

@@ -0,0 +1,53 @@
+################################################################################
+# Crossplane
+################################################################################
+
+module "crossplane" {
+  source  = "aws-ia/eks-blueprints-addon/aws"
+  version = "1.1.0"
+
+  create = var.enable_crossplane
+
+  # https://github.com/crossplane/crossplane/tree/master/cluster/charts/crossplane
+  name             = try(var.crossplane.name, "crossplane")
+  description      = try(var.crossplane.description, "A Helm chart to deploy crossplane project")
+  namespace        = try(var.crossplane.namespace, "crossplane-system")
+  create_namespace = try(var.crossplane.create_namespace, true)
+  chart            = try(var.crossplane.chart, "crossplane")
+  chart_version    = try(var.crossplane.chart_version, "1.13.2")
+  repository       = try(var.crossplane.repository, "https://charts.crossplane.io/stable/")
+  values           = try(var.crossplane.values, [])
+
+  timeout                    = try(var.crossplane.timeout, null)
+  repository_key_file        = try(var.crossplane.repository_key_file, null)
+  repository_cert_file       = try(var.crossplane.repository_cert_file, null)
+  repository_ca_file         = try(var.crossplane.repository_ca_file, null)
+  repository_username        = try(var.crossplane.repository_username, null)
+  repository_password        = try(var.crossplane.repository_password, null)
+  devel                      = try(var.crossplane.devel, null)
+  verify                     = try(var.crossplane.verify, null)
+  keyring                    = try(var.crossplane.keyring, null)
+  disable_webhooks           = try(var.crossplane.disable_webhooks, null)
+  reuse_values               = try(var.crossplane.reuse_values, null)
+  reset_values               = try(var.crossplane.reset_values, null)
+  force_update               = try(var.crossplane.force_update, null)
+  recreate_pods              = try(var.crossplane.recreate_pods, null)
+  cleanup_on_fail            = try(var.crossplane.cleanup_on_fail, null)
+  max_history                = try(var.crossplane.max_history, null)
+  atomic                     = try(var.crossplane.atomic, null)
+  skip_crds                  = try(var.crossplane.skip_crds, null)
+  render_subchart_notes      = try(var.crossplane.render_subchart_notes, null)
+  disable_openapi_validation = try(var.crossplane.disable_openapi_validation, null)
+  wait                       = try(var.crossplane.wait, false)
+  wait_for_jobs              = try(var.crossplane.wait_for_jobs, null)
+  dependency_update          = try(var.crossplane.dependency_update, null)
+  replace                    = try(var.crossplane.replace, null)
+  lint                       = try(var.crossplane.lint, null)
+
+  postrender    = try(var.crossplane.postrender, [])
+  set           = try(var.crossplane.set, [])
+  set_sensitive = try(var.crossplane.set_sensitive, [])
+
+  tags = var.tags
+}
+
@@ -0,0 +1,22 @@
+variable "tags" {
+  description = "A map of tags to add to all resources"
+  type        = map(string)
+  default     = {}
+}
+
+################################################################################
+# Crossplane
+################################################################################
+
+variable "enable_crossplane" {
+  description = "Enable Crossplane Kubernetes add-on"
+  type        = bool
+  default     = false
+}
+
+variable "crossplane" {
+  description = "Crossplane add-on configuration values"
+  type        = any
+  default     = {}
+}
+
@@ -82,14 +82,6 @@ configs:
           end
 
           for i, condition in ipairs(obj.status.conditions) do
-            if condition.type == "Ready" then
-              if condition.status == "True" then
-                health_status.status = "Healthy"
-                health_status.message = "Resource is up-to-date."
-                return health_status
-              end
-            end
-
             if condition.type == "LastAsyncOperation" then
               if condition.status == "False" then
                 health_status.status = "Degraded"
@@ -105,6 +97,14 @@ configs:
                 return health_status
               end
             end
+
+            if condition.type == "Ready" then
+              if condition.status == "True" then
+                health_status.status = "Healthy"
+                health_status.message = "Resource is up-to-date."
+                return health_status
+              end
+            end
           end
 
           return health_status
@@ -121,14 +121,6 @@ configs:
           end
 
           for i, condition in ipairs(obj.status.conditions) do
-            if condition.type == "Ready" then
-              if condition.status == "True" then
-                health_status.status = "Healthy"
-                health_status.message = "Resource is up-to-date."
-                return health_status
-              end
-            end
-
             if condition.type == "LastAsyncOperation" then
               if condition.status == "False" then
                 health_status.status = "Degraded"
@@ -144,6 +136,14 @@ configs:
                 return health_status
               end
             end
+
+            if condition.type == "Ready" then
+              if condition.status == "True" then
+                health_status.status = "Healthy"
+                health_status.message = "Resource is up-to-date."
+                return health_status
+              end
+            end
           end
 
           return health_status
@@ -161,14 +161,46 @@ configs:
           end
 
           for i, condition in ipairs(obj.status.conditions) do
+            if condition.type == "LastAsyncOperation" then
+              if condition.status == "False" then
+                health_status.status = "Degraded"
+                health_status.message = condition.message
+                return health_status
+              end
+            end
+
+            if condition.type == "Synced" then
+              if condition.status == "False" then
+                health_status.status = "Degraded"
+                health_status.message = condition.message
+                return health_status
+              end
+            end
+
             if condition.type == "Ready" then
               if condition.status == "True" then
                 health_status.status = "Healthy"
                 health_status.message = "Resource is up-to-date."
                 return health_status
               end
             end
+          end
 
+          return health_status
+      %{endif}
+      %{ if crossplane_kubernetes_provider_enable }
+      "kubernetes.crossplane.io/*":
+        health.lua: |
+          health_status = {
+            status = "Progressing",
+            message = "Provisioning ..."
+          }
+
+          if obj.status == nil or obj.status.conditions == nil then
+            return health_status
+          end
+
+          for i, condition in ipairs(obj.status.conditions) do
             if condition.type == "LastAsyncOperation" then
               if condition.status == "False" then
                 health_status.status = "Degraded"
@@ -184,6 +216,14 @@ configs:
                 return health_status
               end
             end
+
+            if condition.type == "Ready" then
+              if condition.status == "True" then
+                health_status.status = "Healthy"
+                health_status.message = "Resource is up-to-date."
+                return health_status
+              end
+            end
           end
 
           return health_status

@@ -2,8 +2,8 @@
 
 set -xe
 
+terraform destroy -target="module.crossplane" -auto-approve
 terraform destroy -target="module.eks_blueprints_addons" -auto-approve
-terraform destroy -target="module.eks_blueprints_crossplane_addons" -auto-approve
 terraform destroy -target="module.eks" -auto-approve
 terraform destroy -target="module.vpc" -auto-approve
 terraform destroy -auto-approve
@@ -0,0 +1,8 @@
+apiVersion: apiextensions.crossplane.io/v1alpha1
+kind: EnvironmentConfig
+metadata:
+  name: cluster
+data:
+  awsAccountID: "${awsAccountID}"
+  eksOIDC: ${eksOIDC}
+  vpcID: ${vpcID}