Crossplane¶
By enabling this toolset, HolmesGPT will be able to troubleshoot Crossplane-managed infrastructure by inspecting providers, compositions, claims, composite resources, and managed resources across the full resource hierarchy.
Prerequisites¶
Crossplane must be installed on your Kubernetes cluster. HolmesGPT uses kubectl to query Crossplane custom resources, so no additional CLI tools are required.
HolmesGPT needs read access to Crossplane CRDs. If you use Kubernetes RBAC, ensure the service account has permissions to get and list the following API groups:
# Add to your ClusterRole
- apiGroups: ["pkg.crossplane.io"]
resources: ["providers", "providerrevisions"]
verbs: ["get", "list"]
- apiGroups: ["apiextensions.crossplane.io"]
resources: ["compositeresourcedefinitions", "compositions"]
verbs: ["get", "list"]
# For managed resources, add the specific API groups used by your providers.
# Example for AWS provider:
- apiGroups: ["s3.aws.upbound.io", "rds.aws.upbound.io", "ec2.aws.upbound.io"]
resources: ["*"]
verbs: ["get", "list"]
Configuration¶
Add the following to ~/.holmes/config.yaml:
After making changes to your configuration, run:
To test, run:
holmes:
customClusterRoleRules:
- apiGroups: ["pkg.crossplane.io"]
resources: ["providers", "providerrevisions"]
verbs: ["get", "list"]
- apiGroups: ["apiextensions.crossplane.io"]
resources: ["compositeresourcedefinitions", "compositions"]
verbs: ["get", "list"]
toolsets:
crossplane/core:
enabled: true
Update your Helm values and run a Helm upgrade: