
Crossplane and Terraform: How They Differ, and How They Can Play Together

What you need to know about the two ubiquitous Infrastructure-as-Code tools.

Damaso Sanoja, Software Engineer

Crossplane and Terraform may appear similar at first glance, but they each bring unique capabilities to the table. Crossplane is an open-source Kubernetes add-on for defining and managing cloud resources using Kubernetes-style APIs. Meanwhile, Terraform is a widely adopted infrastructure provisioning tool used to define and manage infrastructure as code across multiple cloud providers. Let's take a close look at how they function individually and, importantly, how they can be integrated to uplevel your infrastructure automation efforts.

Platform management tools are software solutions designed to automate and manage infrastructure and applications across various environments. They streamline deployment, management and scaling of applications and infrastructure to ensure efficient and consistent operations. Among these platforms, Crossplane and Terraform excel by using infrastructure as code (IaC) to provision and manage infrastructure, enabling change tracking through version control, which improves deployment reliability, speed and scalability, and cuts down on manual errors.

Crossplane

Crossplane is a control plane framework that provides a single, Kubernetes-based platform to manage resources and applications across different clouds and services.

Ease of Setup and DevEx

Installing Crossplane is a two-step process. You need a Kubernetes cluster and the Helm package manager. Platform engineers and DevOps teams can install Crossplane from the command line and then tailor it to fit their needs by modifying its Helm chart.

After setting it up, you can manage and configure Crossplane using its command line interface (CLI). However, it's important to note that Crossplane lacks a dedicated graphical user interface (GUI), so you'll have to rely on the CLI and Kubernetes tools to manage your infrastructure, resources and applications.

Key Features

Crossplane lets you manage infrastructure resources and services using Kubernetes concepts (pods, services, deployments, etc.) and existing Kubernetes tools. This simplifies the learning curve for those already familiar with Kubernetes.

What's more, Crossplane's approach lets you take advantage of Kubernetes' custom resource definitions (CRDs) to extend its core functionality. Core Crossplane components such as compositions, composite resources and claims are CRDs. These CRDs allow Crossplane to connect with different clouds, manage resources and even create templates for grouping multiple managed resources as a single object. This capability makes it easier to manage a range of services across multiple clouds.

A look at Crossplane's architecture will help you understand these resources.

Architecture

Crossplane is a better choice in Kubernetes environments since its architecture allows it to integrate directly with Kubernetes clusters, which facilitates the creation of custom Kubernetes APIs.

Crossplane architecture
Diagram by Damaso Sanoja

Crossplane acts as a Kubernetes controller, keeping track of external resources and ensuring they match their intended state. If a resource changes or is deleted outside Kubernetes, Crossplane automatically fixes or recreates the resource.

The components that make this functionality possible are:

  • Managed resources: These are the actual cloud resources and services Crossplane is capable of provisioning and managing.
  • Providers: These plugins connect Crossplane to various cloud providers, enabling it to manage a wide array of resources.
  • Composite resource definitions (XRDs): XRDs allow you to create and manage complex, user-defined resources.
  • Composition: This is a method of bundling together different resources and configurations to construct a higher-level resource or application.
  • Claims: These are user requests for provisioning or accessing specific resources within Crossplane, which the platform processes and fulfills.
  • Configuration packages: These organize managed resources into user-friendly APIs, streamlining how your team accesses cloud services.
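
The reconciliation behaviour described above, reduced to a small Go model (an added example, not Crossplane's code; the `Resource` type, resource names and settings are constructed for illustration). It shows a hand-edited bucket ACL being reset and a deleted database being recreated, and that a second pass changes nothing.

```go
package main

import (
	"fmt"
	"sort"
)

// Resource is one declared external resource (constructed model, not a Crossplane type).
type Resource struct {
	Name string
	Spec map[string]string
}

// Reconcile drives observed state toward the declared state and returns the actions applied.
func Reconcile(desired []Resource, observed map[string]map[string]string) []string {
	var actions []string
	for _, res := range desired {
		got, exists := observed[res.Name]
		if !exists {
			// Deleted outside the control plane: recreate it from the spec.
			got = map[string]string{}
			for k, v := range res.Spec {
				got[k] = v
			}
			observed[res.Name] = got
			actions = append(actions, "recreate "+res.Name)
			continue
		}
		keys := make([]string, 0, len(res.Spec))
		for k := range res.Spec {
			keys = append(keys, k)
		}
		sort.Strings(keys) // stable order so the action log is reproducible
		for _, k := range keys {
			if got[k] != res.Spec[k] {
				// Changed outside the control plane: put the declared value back.
				actions = append(actions, fmt.Sprintf("reset %s.%s from %s to %s", res.Name, k, got[k], res.Spec[k]))
				got[k] = res.Spec[k]
			}
		}
	}
	return actions
}

func main() {
	// Constructed sample: the bucket ACL was edited by hand, the database was deleted.
	desired := []Resource{
		{"bucket/audit-logs", map[string]string{"acl": "private", "versioning": "enabled"}},
		{"database/orders", map[string]string{"engine": "postgres"}},
	}
	observed := map[string]map[string]string{"bucket/audit-logs": {"acl": "public-read", "versioning": "enabled"}}
	fmt.Println(Reconcile(desired, observed)) // first pass repairs the drift
	fmt.Println(Reconcile(desired, observed)) // second pass finds nothing to do
}
```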

Another advantage of Crossplane architecture is that platform teams only interact with Kubernetes, while Crossplane manages the external communications. This simplifies establishing security and access control for resources from a single location. It also enables platform teams to customize and simplify Kubernetes APIs for users by integrating various external resources, making the overall platform more user-friendly and efficient.

Configuration Type

Crossplane adopts Kubernetes's declarative model with compositions, which let engineers define a desired state using Kubernetes YAML syntax. In comparison, Terraform uses HashiCorp Configuration Language (HCL), a language specifically designed for infrastructure as code. HCL is praised for its readability and concise syntax, catering to a broad audience beyond just Kubernetes users. However, it requires learning a new language for those not already familiar with it.

Crossplane's Kubernetes-centric model promotes consistency and integration within Kubernetes environments, while Terraform's HCL offers flexibility and accessibility for a wider range of users and scenarios. Each approach has its own unique strengths, with the choice largely depending on the team or organization's specific needs and existing infrastructure.

Licensing and Pricing

Crossplane follows an open source model and is provided at no cost, with the flexibility for users to modify and share it. The open source nature of Crossplane ensures transparency and allows for customization, making it an attractive option for those looking to tailor their infrastructure management tools to specific needs.

In comparison, Terraform offers a free, open source version and paid editions (more on this shortly).

Support Level

Under an open source model, Crossplane primarily provides support through its community-driven channels. Users can access the documentation, forums, a dedicated Slack channel, YouTube tutorials, podcasts and blog posts for assistance. These resources enable both new and experienced users to exchange knowledge and troubleshoot issues.

For businesses seeking more robust support, Upbound's Universal Crossplane (UXP), a production-grade version of Crossplane, offers enterprise-level support. Beyond enhanced support, UXP introduces advanced features, including resource parity with Terraform and a user-friendly web-based interface.

The blend of community support and optional enterprise-level services ensures that users at all levels can effectively deploy and manage their cloud-native applications with Crossplane.

Ecosystem

The Crossplane ecosystem revolves around the Upbound Marketplace, which provides an extensive range of resources and integrations. At its core, the marketplace features providers, composition functions and configuration packages.

The Equinix Crossplane Provider facilitates direct connectivity and management of Equinix's dedicated cloud services within Crossplane's multicloud compositions. This integration demonstrates the platform's versatility in orchestrating a wide array of services across different environments.

Ideal Use Cases

If you need to manage resources across multiple clouds, Kubernetes clusters and infrastructure providers, Crossplane is a great platform management solution. Its design as a unified control plane makes it ideal for cloud-based services and hybrid or multicloud deployments.

While Crossplane's tight integration with Kubernetes offers organizations the ability to efficiently manage a variety of resources using familiar tools and processes, organizations lacking prior Kubernetes expertise may find it difficult to adopt Crossplane due to a potentially steep learning curve. Additionally, while Crossplane offers powerful capabilities for cloud resource management, it's not intended for provisioning bare metal infrastructure.

Terraform

Terraform is an open source IaC tool created by HashiCorp that allows platform engineers and DevOps teams to define and provision any type of infrastructure (including bare metal) using its own configuration language, HCL. It offers three distinct editions:

  1. Terraform Community Edition: A self-managed and free option
  2. Terraform Cloud: A subscription-based, managed service
  3. Terraform Enterprise: A paid, self-managed solution with customizable deployments

Terraform's focus on provisioning infrastructure is what differentiates it from Crossplane, which is more focused on providing a control plane for cloud services.

Ease of Setup and DevEx

When it comes to infrastructure management, Terraform offers various deployment options that streamline the configuration process.

Users can set up Terraform Community Edition and use the CLI for managing infrastructure tasks. For those seeking an enhanced developer experience, Terraform Cloud and Terraform Enterprise are better options, as they provide a UI alongside the CLI. This dual-interface approach offered by the paid editions of Terraform meets the needs of a wider audience and simplifies the management and visualization of infrastructure. Keep in mind, though, that Terraform Community Edition offers a similar developer experience to Crossplane's CLI.

Key Features

Terraform's standout feature is its flexibility, allowing platform engineers to install its CLI locally for orchestrating infrastructure without the Kubernetes dependency required by Crossplane.

That said, one significant distinction between Terraform and Crossplane lies in their capacity for building custom platforms. While Terraform supports deploying applications and services in cloud instances, it primarily focuses on provisioning infrastructure like bare metal servers and VMs, which can introduce complexities when building and managing custom platforms from end to end. To bridge this gap, third-party tools such as Ansible might be necessary. Ansible complements Terraform by automating software provisioning, configuration management and application deployment, thus facilitating a more cohesive approach to platform management.

In contrast, Crossplane is designed to operate within Kubernetes ecosystems, potentially offering a more integrated experience for managing cloud-native platforms. Terraform offers a more streamlined approach, thanks to its clear and consistent file structure. This structure includes essential files like `terraform.tfstate` for state management as well as several configuration files, such as `main.tf` for primary configuration, `variables.tf` for variable definitions, `outputs.tf` for output values, `provider.tf` for provider configuration, `terraform.tfvars` for variable values and `backend.tf` for backend configuration. Each file serves a distinct purpose, making the architecture straightforward and organized. 

Architecture

The following diagram shows a representation of the architecture that Terraform is built on:

Terraform architecture
Diagram by Damaso Sanoja

Terraform's architecture is designed around several core components that work together to manage infrastructure as code. These components include:

  • The Terraform CLI, which features a comprehensive command package that executes all Terraform operations, enabling users to plan, apply, destroy and manage infrastructure resources.
  • Backends, which play a role in storing Terraform's state files and managing states across team members.
  • A configuration loader, which is tasked with parsing and loading the Terraform configuration files, ensuring that infrastructure is defined accurately according to user specifications.
  • A state manager, which keeps track of the infrastructure's current state, allowing Terraform to make informed decisions about the changes needed to reach the desired state.
  • A graph builder, which constructs a resource dependency graph that outlines how different resources are interconnected.
  • A graph walker, which uses a dependency graph to determine the sequence for creating or modifying resources to ensure dependencies are correctly handled.
  • Vertex evaluation, which assesses graph builder dependencies to manage resource configuration.
  • Expression evaluation, which handles variable interpolation and function calls within the configuration to make dynamic configurations possible.
  • Subgraphs, which are specialized sections of the larger dependency graph that focus on a subset of resources or operations. They allow Terraform to execute specific tasks (such as plan, apply, or destroy) in an isolated manner, targeting only the relevant resources.
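
How a graph builder and graph walker can turn references between resources into an apply order, as an added Go example (a simplified model, not Terraform's implementation). The `Walk` function and the sample resource addresses are constructed; the model also rejects a reference to an undeclared resource and a dependency cycle.

```go
package main

import (
	"fmt"
	"sort"
)

// Walk returns an order in which every resource comes after the resources it
// references. deps maps a resource address to the addresses it depends on.
func Walk(deps map[string][]string) ([]string, error) {
	pending := map[string]int{}         // unmet dependencies per resource
	dependents := map[string][]string{} // reverse edges: who waits on whom
	for res, needs := range deps {
		pending[res] = len(needs)
		for _, n := range needs {
			if _, declared := deps[n]; !declared {
				return nil, fmt.Errorf("%s references undeclared resource %s", res, n)
			}
			dependents[n] = append(dependents[n], res)
		}
	}
	var ready, order []string
	for res, n := range pending {
		if n == 0 {
			ready = append(ready, res)
		}
	}
	for len(ready) > 0 {
		sort.Strings(ready) // deterministic choice among independent resources
		next := ready[0]
		ready = ready[1:]
		order = append(order, next)
		for _, d := range dependents[next] {
			if pending[d]--; pending[d] == 0 {
				ready = append(ready, d)
			}
		}
	}
	if len(order) != len(deps) {
		// Whatever is left waits on itself, directly or through other resources.
		return nil, fmt.Errorf("dependency cycle: %d resources can never be scheduled", len(deps)-len(order))
	}
	return order, nil
}

func main() {
	deps := map[string][]string{ // constructed sample configuration
		"aws_vpc.main":           nil,
		"aws_subnet.app":         {"aws_vpc.main"},
		"aws_security_group.web": {"aws_vpc.main"},
		"aws_instance.web":       {"aws_subnet.app", "aws_security_group.web"},
	}
	fmt.Println(Walk(deps))
}
```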

In addition to Terraform's core components, Terraform providers are also an integral part of the overall Terraform architecture. They let you connect Terraform with numerous cloud services and infrastructure platforms so that users can manage a wide array of resources through a unified interface. 

Terraform uses simpler primitives than Crossplane, which is why many teams still prefer its approach.

Configuration Type

Terraform and Crossplane both employ declarative models to manage resources; however, there are some key differences between the two approaches.

As previously stated, Terraform uses HCL, which allows for a straightforward workflow of writing, planning and applying changes. In contrast, Crossplane relies on its composition CRD, expressed in YAML files that align with Kubernetes's API and patterns.

Depending on your organization’s needs, Terraform's high-level configuration language might be a more intuitive alternative to the Kubernetes YAML files used by Crossplane.

Licensing and Pricing

HashiCorp offers different licensing and pricing models across its Terraform editions.

The Community Edition provides basic infrastructure management capabilities for free. Terraform Cloud includes a SaaS solution with a free tier for small teams in addition to paid plans that add features like role-based access control, policy enforcement and cost estimation based on resources under management (RUM).

Terraform Enterprise, aimed at larger organizations, offers a self-hosted option with advanced security, scalability and support features. As previously mentioned, both the Cloud and Enterprise editions include an intuitive UI in addition to the CLI.

Support Level

Terraform provides a structured support system, particularly through its Cloud and Enterprise tiers. These tiers offer enterprise-level support, featuring HashiCorp's service-level agreement (SLA), which guarantees specific response times based on the severity of the issue. Additionally, Terraform Cloud and Enterprise users benefit from direct access to HashiCorp engineers. This level of support includes training, consultation and technical guidance to optimize Terraform usage in complex environments.

Support for the Community Edition relies on the broader community forum, the GitHub issue tracker, tutorials, the HashiCorp blog and podcasts.

Regardless of the Terraform edition, your organization can opt for paid HashiCorp training courses or HashiCorp's Infrastructure Automation Certification, or reach out to the Customer Success team for additional service levels.

This contrasts with Crossplane's support, where both its open source and UXP versions balance community-driven assistance with the option for enterprise-level support. This makes Terraform's support offerings beneficial for organizations requiring guaranteed response times, specialized training, personalized support levels and direct access to technical experts.

Ecosystem

The Terraform Registry is a hub for the Terraform ecosystem that centralizes the discovery and sharing of IaC components. It includes:

  • Providers, which are essential for integrating Terraform with various cloud and infrastructure platforms.
  • Modules, which offer a way to create reusable and shareable configurations that simplify complex infrastructure setups.
  • Policy libraries, which provide a collection of predefined policies to enforce best practices and compliance standards.
  • Tasks, which enable the execution of custom automation workflows.

Similar to Crossplane, your organization can connect to Equinix resources using a Terraform provider, which facilitates seamless connectivity to Equinix's dedicated cloud services. This allows for streamlined orchestration within multicloud and hybrid environments.

Ideal Use Cases

Terraform excels as an infrastructure provisioning tool, as it offers flexibility for a range of deployment scenarios, such as on-premises, public and dedicated clouds. Moreover, Terraform's ability to operate both from a local computer and on the cloud (via Terraform Cloud) makes it adaptable to diverse environments.

Terraform Community Edition is ideal for orchestrating small to medium infrastructures, although it may encounter limitations with more complex infrastructures, including drift, collaboration challenges and management intricacies. For larger or more complex deployments, Terraform Cloud or Terraform Enterprise offer enhanced features for collaboration, state management and scalability. However, while Terraform can build comprehensive platforms, integration with third-party tools may be necessary.

Despite these considerations, Terraform's broad provider support and modular design ensure it remains a powerful tool for comprehensive infrastructure automation, approaching Crossplane/Universal Crossplane's flexibility in many use cases.

In this piece, you learned that Terraform is an ideal tool for provisioning infrastructure, including bare metal setups, while Crossplane offers a centralized control plane for orchestrating both applications and infrastructure across varied environments, although it requires a Kubernetes cluster to function. With this in mind, instead of thinking in terms of "Crossplane vs. Terraform," it's more productive to think about how to combine the strengths of both tools.

For instance, you could use Terraform for initial infrastructure setup, such as provisioning a Kubernetes cluster with Crossplane, and then use Crossplane for ongoing management and orchestration. Additionally, you could use Upbound's Terraform Provider to use Terraform configurations within Crossplane, marrying the convenience of Terraform's HCL with Crossplane's advanced features like automatic drift correction and composition. You could even take that convenience to the next level by using the Equinix providers mentioned above to combine the benefits of Terraform and Crossplane and build a customized end-to-end platform on a dedicated cloud. The possibilities are endless!

Published on 14 March 2024