No longer automatically register CustomResourceDefinition

README.md

@@ -31,7 +31,33 @@ namespaces.
 
 ### 0. Pre-requisites
 
-* Kubernetes cluster with CustomResourceDefinitions enabled (1.7+) (see [#49](https://github.com/jetstack-experimental/cert-manager/issues/49))
+* Kubernetes cluster with CustomResourceDefinitions or ThirdPartyResource
+support
+
+cert-manager uses custom resources/third party resources to represent
+Certificates and Issuers. In order for cert-manager to do this, we must
+register our custom API types with the Kubernetes API server. How we do this
+varies slightly from Kubernetes 1.7 onwards:
+
+#### Kubernetes 1.7 and later
+
+Kubernetes 1.7 introduced [CustomResourceDefinitions](https://kubernetes.io/docs/concepts/api-extension/custom-resources/).
+A pre-made CRD for cert-manager is in `docs/crd.yaml`. We can install it with:
+
+```
+$ kubectl create -f https://raw.githubusercontent.com/jetstack-experimental/cert-manager/master/docs/crd.yaml
+```
+
+#### Kubernetes 1.6 and below
+
+As Kubernetes 1.6 does not support CustomResourceDefinitions, we must instead
+use ThirdPartyResources, the older, now deprecated version of
+CustomResourceDefinition. A pre-made TPR for cert-manager is in
+`docs/tpr.yaml`. We can install it with:
+
+```
+$ kubectl create -f https://raw.githubusercontent.com/jetstack-experimental/cert-manager/master/docs/tpr.yaml
+```
 
 ### 1. Deploy cert-manager
 

cmd/controller/crd.go

@@ -1,70 +0,0 @@
-package main
-
-import (
-	"fmt"
-	"log"
-	"time"
-
-	apiextensionsv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
-	apiextensionsclient "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset"
-	apiErrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/util/errors"
-	"k8s.io/apimachinery/pkg/util/wait"
-)
-
-func CreateCustomResourceDefinition(clientset apiextensionsclient.Interface, name, groupName, version, plural, kind string) (*apiextensionsv1beta1.CustomResourceDefinition, error) {
-	crd := &apiextensionsv1beta1.CustomResourceDefinition{
-		ObjectMeta: metav1.ObjectMeta{
-			Name: name,
-		},
-		Spec: apiextensionsv1beta1.CustomResourceDefinitionSpec{
-			Group:   groupName,
-			Version: version,
-			Scope:   apiextensionsv1beta1.NamespaceScoped,
-			Names: apiextensionsv1beta1.CustomResourceDefinitionNames{
-				Plural: plural,
-				Kind:   kind,
-			},
-		},
-	}
-	crd, err := clientset.ApiextensionsV1beta1().CustomResourceDefinitions().Create(crd)
-	if err != nil {
-		if apiErrors.IsAlreadyExists(err) {
-			return crd, nil
-		}
-		return nil, err
-	}
-
-	// wait for CRD being established
-	err = wait.Poll(500*time.Millisecond, 60*time.Second, func() (bool, error) {
-		crd, err = clientset.ApiextensionsV1beta1().CustomResourceDefinitions().Get(name, metav1.GetOptions{})
-		if err != nil {
-			return false, err
-		}
-		for _, cond := range crd.Status.Conditions {
-			switch cond.Type {
-			case apiextensionsv1beta1.Established:
-				if cond.Status == apiextensionsv1beta1.ConditionTrue {
-					return true, err
-				}
-			case apiextensionsv1beta1.NamesAccepted:
-				if cond.Status == apiextensionsv1beta1.ConditionFalse {
-					fmt.Printf("Name conflict: %v\n", cond.Reason)
-				}
-			}
-		}
-		return false, err
-	})
-
-	if err != nil {
-		deleteErr := clientset.ApiextensionsV1beta1().CustomResourceDefinitions().Delete(name, nil)
-		if deleteErr != nil {
-			return nil, errors.NewAggregate([]error{err, deleteErr})
-		}
-		return nil, err
-	}
-
-	log.Printf("Registered CustomResourceDefinition for apiVersion=%s/%s kind=%s", groupName, version, kind)
-	return crd, nil
-}

cmd/controller/main.go

@@ -21,7 +21,6 @@ import (
 	"fmt"
 	"time"
 
-	apiextensionsclient "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset"
 	"k8s.io/client-go/informers"
 	"k8s.io/client-go/kubernetes"
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
@@ -54,10 +53,6 @@ func main() {
 		log.Fatalf("error getting in-cluster config: %s", err.Error())
 	}
 
-	if err := registerCRDResources(cfg); err != nil {
-		log.Fatalf("error registering custom resource definition with API server: %s", err.Error())
-	}
-
 	cl, err := kubernetes.NewForConfig(cfg)
 
 	if err != nil {
@@ -123,20 +118,3 @@ func kubeConfig(apiServerHost string) (*rest.Config, error) {
 
 	return cfg, nil
 }
-
-func registerCRDResources(config *rest.Config) error {
-	apiextensionsclientset, err := apiextensionsclient.NewForConfig(config)
-	if err != nil {
-		return err
-	}
-
-	if _, err := CreateCustomResourceDefinition(apiextensionsclientset, "certificates.certmanager.k8s.io", "certmanager.k8s.io", "v1alpha1", "certificates", "Certificate"); err != nil {
-		return err
-	}
-
-	if _, err := CreateCustomResourceDefinition(apiextensionsclientset, "issuers.certmanager.k8s.io", "certmanager.k8s.io", "v1alpha1", "issuers", "Issuer"); err != nil {
-		return err
-	}
-
-	return nil
-}

docs/tpr.yaml

@@ -0,0 +1,15 @@
+apiVersion: extensions/v1beta1
+kind: ThirdPartyResource
+metadata:
+  name: certificate.certmanager.k8s.io
+description: "A specification for a cert-manager certificate"
+versions:
+- name: v1alpha1
+---
+apiVersion: extensions/v1beta1
+kind: ThirdPartyResource
+metadata:
+  name: issuer.certmanager.k8s.io
+description: "A specification for a cert-manager issuer"
+versions:
+- name: v1alpha1