search

kubernetes / sample-controller

Repository for sample controller. Complements sample-apiserver
Apache License 2.0
3.15k stars 1.08k forks source link

Go client of one crd. #15

Closed hochuenw closed 6 years ago

hochuenw commented 6 years ago

Is there a way to use go client to create one crd after this line kubectl create -f artifacts/examples/crd.yaml?

nikhita commented 6 years ago

go client to create one crd

Do you mean how you can create a CRD programatically using a Go client?

You can use the apiextensions client - https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/customresourcedefinition.go.

Here is an example on how to use it: https://github.com/kubernetes/kube-deploy/blob/6fd78203fdd2fde0069b8e0f63788f8e7fd63c52/cluster-api/api/cluster/v1alpha1/crd.go#L25-L73.

However, in general, we do not suggest creating a CRD in this way (also the reason why sample-controller doesn't do this). Creating CRDs is not a permission you regularly want to grant to a controller. Instead, it's better for the admin to do it at the time of deploy so you don’t have to grant more privileges to the controller executable than it actually needs.

hochuenw commented 6 years ago

Hi nikhita, I mean after crd is registered in k8s (e.g. kubectl create -f artifacts/examples/crd.yaml), how to run a crd instance in go instead of kubectl create -f artifacts/examples/example-foo.yaml. It seems possible to use a k8s dynamic client and Unstructured type?

krmayankk commented 6 years ago

@nikhita why is this not recommended to do creation using the client ? We are internally using the extensions client to do this in an automated way . Also How do you block this ?

nikhita commented 6 years ago

how to run a crd instance in go instead of kubectl create -f artifacts/examples/example-foo.yaml. It seems possible to use a k8s dynamic client and Unstructured type?

@hochuenw You can use a typed client i.e. client generated from code-generator and use the Create() method - https://github.com/kubernetes/sample-controller/blob/master/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/foo.go#L99.

Also, the sample-controller uses the Update method (https://github.com/kubernetes/sample-controller/blob/master/controller.go#L334) so you can probably use that as a reference.

nikhita commented 6 years ago

@nikhita why is this not recommended to do creation using the client ?

@krmayankk Creating a CRD is a privileged operation. If you are creating the CRD using the controller, it means your controller has privileged permissions - which isn't really necessary and can be avoided.

Also How do you block this ?

Sorry, I am not sure I follow the question. How to block what?