Application Platform with Crossplane and Shipa

A New Control Plane

Crossplane is an open-source project that lets you turn a Kubernetes cluster into a control plane. 

Crossplane lets you interact with your cloud provider API from a Kubernetes cluster, enabling you to create cloud resources required by your applications, such as databases or other resources supported by Crossplane for different cloud providers.

I have seen platform engineering teams leverage Crossplane to define boundaries or help their developers create and deploy their applications, reducing the need to deal with the underlying infrastructure complexity imposed by Kubernetes.

Application Management

While leveraging Crossplane to abstract the deployment of resources into your cluster is great, most teams are still exploring ways to help application owners, SREs, or anyone involved in the application management to understand things such as: 

  • Who owns the application
  • The application object dependencies
  • Health, status, and logs for the application
  • The other services the application communicates with
  • How secure the application is
  • Historical events of the application

As you scale the number of applications, teams, services, and clusters you onboard, answering the questions above can get pretty overwhelming.

Suppose you get paged during the day because one of the applications is not working correctly. The lack of visibility over the items above can impact application support time, hurt the end-user experience, and increase support complexity.

Another common scenario is when onboarding new members to your teams, be it SRE, DevOps, Platform, or Development. Clear visibility over the items above will help them hit the ground running and deliver value faster.

Developer Platform

By combining Shipa with your Crossplane implementation, your team can immediately address the items above.

Connecting Shipa to a namespace and cluster where Crossplane is deploying your applications will surface all applications deployed in that namespace, their dependencies, health status, and more:

Shipa leverages the labels defined in your Crossplane definitions to discover and surface your applications.

You can create multiple Frameworks to address scenarios such as different environments, teams, services, and more. Shipa will centralize all information into a centralized developer platform when you connect these frameworks to one or multiple clusters.

This approach will make it easier for anyone involved in the application management to support their applications.

Addressing Security

Since Shipa uses Frameworks to implement policies when you connect a framework to a namespace and cluster, Shipa will verify and flag any application deployed by Crossplane that does not follow the security requirements you might have:

This lets you quickly see how applications comply or violate security across various domains, such as registry control, network policy, resource consumption, etc.


The combination of Crossplane and Shipa enables you to drive automation while allowing application owners to manage their services and teams to make sure applications and environments are secure.