Introducing Spaces: Bring Upbound Managed Control Planes into your own environment

September 5, 2023

Craig D Wilhite

Read time: 5 mins


Today, we are announcing a new feature of Upbound: Spaces. Upbound Spaces allows teams to run their own Upbound managed control planes in any hyperscale cloud provider or data center where compliance or data sovereignty is a concern.

Previously, when users wanted to run Crossplane, they had to spin up an entire Kubernetes cluster per instance of Crossplane and manage its lifecycle. With managed control planes, users can offload that management to Upbound’s software. Now, with Spaces, users can self-host many managed control planes in a single Kubernetes cluster running in their own environment in addition to the Upbound managed environment that we offer today.

It’s been incredible to see the ways customers are building platforms powered by managed control planes on Upbound. Variphy is an analytics platform for Unified Communications who’ve found a lot of value building on Upbound. Dylan Moore, a Principal Engineer at Variphy shared, “By using Upbound, we are able to shift complex cloud-native management and deployment to a highly scalable service rather than trying to manage it all ourselves. Upbound's new self-hosted feature gives us more options for where we deploy managed control planes. This helps us be more efficient while allowing flexibility for future deployment requirements.”

For other users, they want to offload the toil of managing Crossplane at scale to Upbound, but requirements such as compliance and data sovereignty mean they need to run control planes in their own environments instead of as SaaS. Spaces let you extend the Upbound platform into your own environment–whether that’s a cloud account in AWS, Azure, or Google Cloud or an on-prem data center–which provides the data separation needed for certain environments.

Nuno Guedes, cloud compute lead at Millennium bcp shared, “As Portugal’s largest private bank, we invest in the best technologies to provide us with business value while enabling us to adhere to our compliance standards. Upbound helped us to modernize and standardize our workflow backed by control planes, leading our platform team to save thousands of hours yearly, reducing human error and improving compliance and visibility. Upbound Spaces enables us to reach new scale and service continuity targets, while providing a tailored control plane experience to our internal customers.”

Business critical customers can begin using the Spaces feature today. Interested users can get trial access to the feature by contacting Upbound.

The power of managed control planes

At the heart of the Upbound platform is managed control planes. Our managed control planes were built from the ground up for performance, scalability, and full lifecycle management:

  • Lower operational complexity: You no longer have to manage individual Kubernetes clusters to use Crossplane, making it practical for organizations to successfully operate tens–or even hundreds–of control planes. Organize your control planes by team, business unit, or application. You choose.
  • Highly scalable: each managed control plane runs a hyper-optimized Crossplane instance, dynamically scaling resource consumption. Scale to arbitrary sizes with your organization by running many of them.
  • Git integration out of the box: Drive the configuration of your control planes from Git without needing to set up additional tools.

Managed control planes commoditize creating new instances of Crossplane and unlock new ways to build multi-tenant solutions that are highly secure.

Fully managed control planes in your own environment

Think of an Upbound Space as a self-managed slice of the Upbound platform in your own environment, whether that’s a hyperscale cloud provider or on-prem. Spaces supplement our SaaS service by enabling a new deployment option: to have control planes that run in your preferred hosting environment and Upbound’s own SaaS. Spaces let you:

  • Increase scale and cost efficiency by running 50 or more control planes per Kubernetes Cluster instead of just 1.
  • Each control plane configuration is fully managed from git
  • Integrate with Kubernetes ecosystem tooling to manage the full lifecycle of the control planes.

All that’s required to bootstrap a Space is a Kubernetes cluster. Popular managed Kubernetes services including Amazon EKS, Google GKE, and Microsoft AKS are fully supported.

After you bootstrap an Upbound Space into a Kubernetes Cluster, you can use the up CLI or interact with its API directly to create managed control planes in your Space. The control planes’ lifecycles are automatically managed by Upbound software running in the Kubernetes cluster.

Today at launch, we have full support for interacting with a Space using the up CLI. It’s on our roadmap to add the ability to optionally connect a Space back to Upbound’s global SaaS service and Console. This will give you a unified point of control across all your managed control planes. You’ll be able to use the same great control plane explorer views and debugging tools on a managed control plane running in a Space.

Declarative Interfaces

We’re also introducing new declarative interfaces for interacting with resources in Upbound. Customers can use the new Controlplane API to declaratively create new managed control planes. Users can use popular GitOps tools combined with Git to declaratively create new managed control planes. This capability will first be available for control planes running in a Space and make its way back to the broader Upbound platform soon.

Enhanced Git integration

All managed control planes have a single source of truth for their configuration stored in a Git repository. In Upbound, GitHub integration is available out-of-the-box. This enables platform teams to define their control plane’s API definitions and compositions in Git. Upbound handles packaging and deploying the configuration to the managed control plane.

We’re expanding the capabilities of Upbound’s built-in Git integration to support deploying all Crossplane resource types. In addition to deploying XRDs and compositions, you can now deploy “runtime” configurations like ProviderConfigs, EnvironmentConfigs, and more. Control planes also now have a ControlplaneSource property that allows them to source configuration from any Git repository–not just GitHub–provided the version control service offers SSH, BearerToken, Basic, or None as auth methods. This enhancement is available for managed control planes when running in a Space today and will make its way back into the broader Upbound platform soon.

Bring managed control planes into your own Space today

You can get started building with Spaces today. Spaces is a feature of Upbound and available in our business critical tier. A trial is available if you contact Upbound. Head over to Upbound's docs to find the quickstart guides. For pricing and other commercial information, contact Upbound sales.

What to learn more? Watch the livestream on Thursday, September 7 at 8 AM PT, Unveiling Upbound Spaces: Unlock the Power of Managed Control Planes in Your Own Hosted Environment. Register for this webinar September 28 @ 8 AM PT to hear more about why running Upbound Spaces might be right for you, especially if you have rigorous compliance and data sovereignty requirements for your internal developer platforms (IDPs) and cloud-native Infrastructure-as-Code (IaC)!

Subscribe to the Upbound Newsletter