Crossplane provider? #5

Open
gfeldman opened this issue Sep 5, 2023 · 3 comments
gfeldman commented Sep 5, 2023

First, thank you so much for this project. I am fully onboard with the statement and would like to help if I can. I don't know much Rust though.

I am curious if you have thought about making this a Crossplane provider where you could also have the CRDs from the cloud provider to provision the node as opposed to making a CLI. I am attaching the droplet definition I used for the exit node provisioning. The CRD for the droplet has a field for the public IP to fetch for the exit node, so we can probably make a Crossplane composition package that uses your operator with different clouds.

P.S. I later went in and blocked outside access on port 9090. If we had this type of provisioning in the controller then it wouldn't be too hard to also implement allowedSourceRanges part of the load balancer spec to sync to a firewall / security group.

```yaml
apiVersion: compute.do.crossplane.io/v1alpha1
kind: Droplet
metadata:
  name: droplet-inlet
spec:
  forProvider:
    region: nyc1
    size: s-1vcpu-1gb
    image: ubuntu-20-04-x64
    sshKeys:
    - "key id"
    # Script run as root by cloud-init on first boot
    userData: |
      #!/bin/bash
      apt-get -y update
      apt-get install curl -y
      # Fetch the chisel binary with the installer script
      curl "https://i.jpillora.com/chisel\!\?type=script" | bash
      mv /chisel /usr/local/bin
      # Write a systemd unit so chisel starts at boot and restarts on failure
      cat <<EOF >> /etc/systemd/system/chisel.service
      [Unit]
      Description=Chisel Tunnel
      Wants=network-online.target
      After=network-online.target
      StartLimitIntervalSec=0

      [Install]
      WantedBy=multi-user.target

      [Service]
      Restart=always
      RestartSec=1
      User=root
      # Reverse-tunnel server listening on port 9090
      ExecStart=/usr/local/bin/chisel server --port=9090 --reverse
      # Additional .env file for auth and secrets
      EnvironmentFile=-/etc/sysconfig/chisel
      EOF
      systemctl enable chisel
      systemctl start chisel

  providerConfigRef:
    name: provider-do-config
```

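
The firewall sync suggested in the P.S. above, sketched as an added example that is not part of the original comment or of the operator's code. It assumes the field meant is Kubernetes' `spec.loadBalancerSourceRanges`; the function name and the shape of the returned rule dicts are hypothetical, and the sample Service is constructed.

```python
import ipaddress

# Constructed sample Service; the addresses are documentation ranges.
SAMPLE_SERVICE = {
    "spec": {
        "type": "LoadBalancer",
        "ports": [{"port": 443, "protocol": "TCP"}],
        "loadBalancerSourceRanges": [
            "203.0.113.0/25", "203.0.113.128/25", "198.51.100.7/32",
        ],
    }
}


def source_ranges_to_rules(service):
    """Return one allow rule per Service port (hypothetical rule shape)."""
    spec = service.get("spec", {})
    raw = spec.get("loadBalancerSourceRanges") or []
    if raw:
        # strict=True rejects entries with host bits set (e.g. 10.0.0.5/8)
        # instead of silently widening them; a policy choice of this example.
        nets = [ipaddress.ip_network(r.strip(), strict=True) for r in raw]
        sources = []
        for version in (4, 6):
            # collapse_addresses needs a single address family per call
            family = [n for n in nets if n.version == version]
            sources += [str(n) for n in ipaddress.collapse_addresses(family)]
    else:
        # Kubernetes applies no source restriction when the field is unset
        sources = ["0.0.0.0/0", "::/0"]
    return [
        {
            "protocol": p.get("protocol", "TCP").lower(),
            "port": p["port"],
            "sources": sources,
        }
        for p in spec.get("ports", [])
    ]


if __name__ == "__main__":
    for rule in source_ranges_to_rules(SAMPLE_SERVICE):
        print(rule)
```

Merging adjacent ranges keeps the rule count down, which helps on providers that limit the number of sources per firewall rule.
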
@korewaChino
Member

We actually are kind of figuring out how to do cloud provisioning, actually.

We were looking into something like Pulumi for the provider backend, but thank you for telling us about the existence of this!

We actually have received multiple requests about this feature, and have also planned to work on this in the future.

@gfeldman
Author

gfeldman commented Sep 7, 2023

Great. As a first step, I will try to work on a reusable Crossplane composition package that combines the chisel operator and one or two implementations of exit nodes. Maybe a composition package is all that is needed as opposed to a full-blown operator.

https://docs.crossplane.io/latest/concepts/compositions/

Basically the composition would combine the official cloud instance CRDs and a Helm provider to dynamically pass the IP from the cloud instance CRD to the exit node.

@lleyton
Member

lleyton commented Jan 27, 2024

We decided to handle cloud provisioning through our own mechanism within the operator. Initial support for AWS, DigitalOcean, and Linode is in the latest release of the operator.

Give it a go :)
