GitOps your cloud infrastructure with Crossplane and Argo CD
- Kaur Kallas
- Platform Engineering
- September 15, 2024
Table of Contents
Most teams already deploy their applications with GitOps: the desired state lives in Git, and a controller like Argo CD reconciles the cluster to match. So why is the infrastructure underneath those apps still provisioned by someone running Terraform from a laptop — or worse, clicking around a cloud console at 2am?
That gap is what Crossplane closes. It turns your Kubernetes cluster into a control plane for infrastructure — databases, buckets, networks, even whole clusters — represented as ordinary Kubernetes objects. And once a piece of infrastructure is just another Kubernetes resource, Argo CD manages it exactly like it manages a Deployment: same Git, same reconciliation, same audit trail.
The shape of the setup
- Providers teach Crossplane how to talk to a cloud or service — AWS, GCP, Azure, and plenty beyond them. Mix them in one cluster and you’re managing multi-cloud from a single control plane.
- Compositions are the real unlock: you bundle a pile of low-level resources behind a higher-level, opinionated API. Instead of twelve AWS objects, a developer asks for one
PlatformDatabase— encrypted, backed up and sized to your standards, because you defined what that means. - Argo CD watches Git and applies the manifests, so a pull request is the infrastructure change.
Put it together and a developer opens a PR for a database, a reviewer approves it, and a few minutes later it exists — no privileged credentials handed out, no ticket queue, and the whole thing recorded in Git.
Why I reach for it
- One workflow. App and infra changes flow through the same review, pipeline and reconciler. Fewer tools to babysit, less context-switching.
- A platform API, not a ticket queue. Compositions give teams a paved road — they self-serve what they need, and you keep control of how it’s actually built. That catalogue of golden paths is exactly what later makes an internal developer platform worth having.
- Drift correction for free. Change a managed resource out of band and Crossplane pulls it back to the declared state — the same property that makes GitOps for apps so calming.
It isn’t free of sharp edges. Compositions take real thought to design well, and you’re now running a control plane you have to operate and upgrade. But for a team already living in Kubernetes, treating infrastructure as just more Kubernetes objects is a genuinely powerful simplification — and it’s the foundation that makes everything above it, from self-service to promotion pipelines, possible.
The Crossplane guide to Argo CD integration is a good next stop. Or get in touch — this is the kind of platform foundation I build every day.