CRD creation


Will it possible to create CRD from existing kubernetes resource definition. example create new kind: plugin similar to kind: deployment .

All object in the kind: deployment shall be supported in Kind: plugin.

Jebin J

Not from what I can tell, doesn’t meant there isn’t a way to do it though. You’re thinking of something like object inheritance right?

Yes we need object inheritance
our request is we need to create a new resource similar to kind: Job but this resource scheduled by custom controller.

Ya I can’t find any reference in the Docs, but I haven’t gone down the CRD rabbit while quite yet so I might have missed something.

You may want to drop in on the #sig-api-machinery channel in the k8s slack. They might be able to give you a more direct answer or point you in the right direction.

Thanks @macintoshprime.

I didn’t get any answer from k8s slack. In other way how to get kubernetes resource spec ? ( Something like kubectl get crd pulgin -o yaml)

You’re trying to get the definition of what Kind: Job is?

yes @macintoshprime. I’m trying to get the definition of Kind: Job.

Are you looking for this?

Or did I misunderstood something?

Also, you can get something similar with kubectl explain, if it helps too :slight_smile:

Ok yeah so I took a quick look and I can’t think of anything outside of looking at the source code for that kind of info on the base structure of objects.

Maybe you’d be looking at something that fits the Operator model or something else. What is it exactly that you are trying to accomplish with the new CRD?

Hi @macintoshprime

We are trying to implement a new controller to manage secrets and change system account (db admin passwords) password periodically.

To change db password controller will trigger one job and object for the job will get it from now CRD.

To reduce complexity I am thinking whichever object supposed in the job shall be supported in new crd ( this case controller just change the new kind to job is sufficient )

We are not using kind: job directly because we don’t want to schedule this resource during resource creation instead controller will decide when to change password and that time it will trigger

Have you looked at solutions like Vault, Conjur, or secretless for secret management?

Hi @macintoshprime

We evaluated vault and it will not fit our all use case. Other two I will check now

You may very well be in an edge that those don’t cover. Don’t want to see you having to roll your own if something out there already exists that does what you need.