Yury Tsarev, Upbound��Steven Borrelli, Upbound
Resilient Multiregion
Global Control Planes
With Crossplane
and K8GB
Building A Global Platform
Platform
Region b
Region A
End users
App Devs
Platform
Engineers
App
CI/CD
consume
push
manage
Platform API
provision
Cloud Infra
K8
Apps
Goals
Run workloads and infra provisioning across two clusters
Active/Passive Control Planes with automated failover
Use app health status to determine active cluster
Automatically update DNS for failover�
Core Technology
Global Load Balancer
Universal Control Plane
Cluster A
High-Level Architecture
Crossplane NS
providers
functions
App NS
K8GB NS
coredns
external-dns
k8gb
ō
Cluster B
Crossplane NS
providers
functions
App NS
1. dns lookup
shared app cache
K8gb providers
2. Zone delegation
K8GB NS
coredns
external-dns
k8gb
Crossplane
Universal Control Plane built on Kubernetes
Models Every Resource as a CRD
Extended by Providers and Functions
v2 (August) native app support
Crossplane
CRDs Model APIs
Functions Create Desired State
K8GB
🌐 Application resilience across multiple Kubernetes clusters and regions
⚙️ Seamless traffic management with multiple load balancing strategies
🛡️ No single point of failure and no management cluster
🎛️ Simple control with a single Custom Resource
📈 Backed by a community and trusted by enterprises
�
K8GB is architected to run on top of any CNCF-conformant K8s cluster�and Ingress controller, Istio Virtual Service, GatewayAPI is on the roadmap�
✅ Operates in any on-prem, cloud or hybrid scenarios
✅ Supported external DNS providers for full zone delegation automation:
✅ AWS Route53
✅ Azure Public DNS
✅ NS1
✅ Infoblox
✅ Cloudflare
✅ RFC2136 implementations (e.g. Bind/Windows DNS)
K8GB | Integrations
Global Load Balancing Strategies
50% 30% 20%
Round Robin
Weighted�Round Robin
Failover
GeoIP
K8GB | Custom Resource
Demo
Active Cluster
Passive Cluster
❌
Crossplane GlobalApp CRD
apiVersion: example.crossplane.io/v1
kind: GlobalApp
metadata:
name: gslb-kubecon-china
spec:
region: southeastasia # Shared infrastructure region
primaryGeoTag: "cn" # Same primary geo tag for consistent failover
namespace: "demo"
hostname: "globalapp.cloud.example.com"
managementPolicies: ["Observe"] # Initial policy (will be overridden)
autoApplyRecommendedPolicy: true # Automatic GSLB-driven failover
GSLB Object
App Release:�Podinfo
Azure Resource Group�Azure Redis Cache
GlobalApp Composite Creates
Integrating GSLB Health with Crossplane Resources
status:�� health: {}�
if active && healthy: �� managementPolicies: [“*”]
else:
managementPolicies: [“Observe”]
GSLB
Crossplane Function
Managed Resources
Redis Cache
Resource Group
Helm Chart
Ingress
Set
provider-kubernetes
Dynamic
Watch
Demo
managementPolicies:
- “Create”
- “Delete”
- “Observe”
- “Update”
Active Cluster
managementPolicies:
- “Observe”
Passive Cluster
❌
Future Directions
Thank You!