Automating cloud infrastructure: Do you want APIs with that?
Flipping the script to a control plane
Interview Cloud software automation generally begins with scripts, but at some point, according to Oren Teich, chief product officer of Upbound, that approach becomes unmanageable.
"Where it doesn't work is as things start to scale up," Teich told The Register in an interview, "whether that's scaling because you have a bunch of different people all trying to modify scripts at the same time, you have a bunch of people trying to consume the output of those things, or you have a bunch of different organizations."
"Sometimes that happens because you're five people, sometimes it happens because you're 5,000. There's no real number but at some point that approach stops working."
Crossplane debuted as an open source project back in 2018. Created by Upbound founder and CEO Bassam Tabbara, its software is for building control planes that manage cloud services like Kubernetes and associated components. Similar to HashiCorp's Terraform, which was recently forked due to a licensing change, Crossplane helps orchestrate infrastructure.
"Every [software-as-a-service] business in the world, literally 100 percent, the way they solve automation problems is they expose an API," said Teich. "No one, no one gives a customer a script to call. They say 'We have an API.' Well, companies have the exact same problem. Internally at some point, you realize scripts aren't the way. And so then you need to have an API, – and a collection of APIs is simply known as a control plane."
Last Wednesday, Upbound, a company and a managed enterprise platform based on Crossplane, extended its business offering with a feature called Spaces that lets customers deploy managed control planes – collections of APIs – in their own datacenters.
Teich said customers use Crossplane and Upbound not just because script-based automation becomes too complicated but because cloud computing is too complicated.
"Just spinning up a simple service is actually a choice of 1000 things," he said. "Go into a Kubernetes cluster and say you want to look at the options, and then multiply that by the challenges of your organizational dynamics. Your networking team wants to have a say, your database team wants to say, your security team wants to have a say."
"The only way to actually handle that complexity is through APIs and interfaces. And this has nothing to do with us. It's just like the only abstraction concepts that humans invented over the last 50 years. And so that ultimately winds up looking like a control plane."
Crossplane, said Teich, lets you extend Kubernetes to manage other resources. It lets you talk to other cloud resources and compose those pieces into abstractions that get exposed as APIs.
"A lot of companies we talked to are struggling to get Kubernetes clusters into their customers' hands easily," he said, referring to internal dev teams. "So whether you're a giant multinational oil company or a small startup, you're hitting the same struggles, which is you need to have an opinionated path that you're trying to give your developers where you want to give them a cluster, a CI/CD and the whole thing, all hooked up automatically."
Crossplane and Upbound provide a way to give those teams an API and everything else gets handled programmatically.
Bringing that to self-hosted environments, so companies can manage orchestrated code on-premises, may seem an old-fashioned way to do things when so many services reside in the cloud, but Teich said that despite the fact that cloud computing has been common practice for years, many companies haven't made that transition.
"What we do as a control plane and provisioning systems and management systems, is at the heart of so much that, for some people, it's just a high bar for trust," he said. "So although we have things like banks on our SaaS platform, some companies are like, 'Look, it just comes down to we feel more comfortable having some part of this in our own hands'."
To corporate customers, Upbound takes the form of a graphical dashboard on a hosted platform. Spaces, the on-premises control plane deployment feature, takes the form of a command line interface, or CLI, that customers install into an existing Kubernetes cluster.
"The level of complexity that's involved in actually managing software and cloud applications today, it's so unbelievably high that even simple things now require new levels of abstraction."
The CLI, which led to graphic interfaces as a simpler mode of interaction, is now helping simplify the orchestration of computing infrastructure.
- OpenTF forks Terraform, insists HashiCorp is the splinter group
- Microsoft moves to tighten Azure DevOps security with granular access tokens
- People actually write novels about DevOps – and an author spoke about his take at Dynatrace's Perform event
- Why securing East-West network traffic is so important – and how it can be done
"At the end of the day the problem is: how do we give development teams an appropriate level of access to the appropriate resources in the appropriate environments with the absolute least amount of friction so that developers can be productive?" said Rachel Stephens, senior analyst with consultancy RedMonk, in an email to The Register.
"Over the years, we as an industry have experimented with numerous ways to enable that vision over many parts of the stack. Upbound is a continuation of that vision, specifically focused around bringing productive development interfaces to developers in organizations that are using Kubernetes."
Stephens added: "Control planes (like Crossplane) attempt to solve this problem by providing developers API-based access to Kubernetes environments.
"Essentially it allows infrastructure teams to offer an internal 'cluster-as-a-service' offering to make it easy for developers to spin up the resources they need." ®