Declarative Infrastructure: Crossplane and the Control Plane Shift, Lavkesh Dwivedi

Crossplane takes the Kubernetes operator pattern and applies it to cloud infrastructure. Instead of Terraform state files and CLI operations, cloud resources are managed as Kubernetes custom resources through a continuous control loop.

What Crossplane is

Crossplane runs inside a Kubernetes cluster and provides providers (AWS, Azure, GCP, Helm) that map Kubernetes custom resources to cloud resources. You define an S3 bucket as a Kubernetes YAML manifest; Crossplane's AWS provider ensures the bucket exists and matches the spec. Crossplane uses the same reconciliation loop as any Kubernetes controller: desired state declared in the cluster, actual state in the cloud, continuous reconciliation.

Composite resources for abstraction

Crossplane's Composite Resource Definition (XRD) lets platform teams define higher-level abstractions over raw cloud resources. A 'PostgreSQLInstance' composite resource might provision an RDS instance, a parameter group, a security group, and a Secrets Manager secret. The application team requests a PostgreSQLInstance; the platform team defines what that means in terms of cloud resources. The abstraction layer decouples application teams from cloud-provider specifics.

The GitOps integration

Crossplane integrates naturally with GitOps tools (Flux, ArgoCD): Crossplane manifests go in Git, the GitOps operator applies them to the cluster, and Crossplane reconciles the cloud state. Infrastructure changes are reviewed as pull requests. The full cloud provisioning history is in Git. Rollback is a git revert followed by the GitOps sync.

Terraform vs Crossplane

Terraform and Crossplane solve the same problem differently. Terraform is a CLI tool with state files that is run explicitly (terraform apply). Crossplane is a continuously running control plane that maintains desired state. Terraform's explicit run model is predictable and auditable; Crossplane's continuous reconciliation handles drift automatically but is more complex to operate. For organisations already running Kubernetes, Crossplane's operational model is familiar.