diff --git a/README.md b/README.md
index 9199101b5..a43b5ecbc 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ The MySQL Operator provides the following core features:
 
 ## Requirements
 
- * Kubernetes 1.7.0 +
+ * Kubernetes 1.8.0 +
 
 ## Contributing
 
diff --git a/cmd/mysql-operator/app/mysql_operator.go b/cmd/mysql-operator/app/mysql_operator.go
index db8055df4..9d7a0ae90 100644
--- a/cmd/mysql-operator/app/mysql_operator.go
+++ b/cmd/mysql-operator/app/mysql_operator.go
@@ -73,11 +73,6 @@ func Run(s *options.MySQLOperatorServer) error {
 	kubeClient := kubernetes.NewForConfigOrDie(kubeconfig)
 	mysqlopClient := mysqlop.NewForConfigOrDie(kubeconfig)
 
-	serverVersion, err := kubeClient.Discovery().ServerVersion()
-	if err != nil {
-		glog.Fatalf("Failed to discover Kubernetes API server version: %v", err)
-	}
-
 	// Shared informers (non namespace specific).
 	operatorInformerFactory := informers.NewFilteredSharedInformerFactory(mysqlopClient, resyncPeriod(s)(), s.Namespace, nil)
 	kubeInformerFactory := kubeinformers.NewFilteredSharedInformerFactory(kubeClient, resyncPeriod(s)(), s.Namespace, nil)
@@ -88,12 +83,10 @@ func Run(s *options.MySQLOperatorServer) error {
 		*s,
 		mysqlopClient,
 		kubeClient,
-		serverVersion,
 		operatorInformerFactory.Mysql().V1().MySQLClusters(),
 		kubeInformerFactory.Apps().V1beta1().StatefulSets(),
 		kubeInformerFactory.Core().V1().Pods(),
 		kubeInformerFactory.Core().V1().Services(),
-		kubeInformerFactory.Core().V1().ConfigMaps(),
 		30*time.Second,
 		s.Namespace,
 	)
diff --git a/contrib/manifests/rbac.yaml b/contrib/manifests/rbac.yaml
index ea7973dd0..a00f491c9 100644
--- a/contrib/manifests/rbac.yaml
+++ b/contrib/manifests/rbac.yaml
@@ -3,45 +3,141 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: mysql-operator
+
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: mysql-agent
+
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRole
+kind: Role
 metadata:
   name: mysql-operator
 rules:
   - apiGroups:
-    - "*"
+    - ""
     resources:
-    - "*"
+    - pods
     verbs:
-    - "*"
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups:
+    - ""
+    resources:
+    - secrets
+    verbs:
+    - create
+
+  - apiGroups:
+    - ""
+    resources:
+    - services
+    verbs:
+    - create
+    - get
+    - list
+    - watch
+
+  - apiGroups:
+    - apps
+    resources:
+    - statefulsets
+    verbs:
+    - create
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups:
+    - mysql.oracle.com
+    resources:
+    - mysqlbackups
+    - mysqlbackupschedules
+    - mysqlclusters
+    - mysqlrestores
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups:
+    - mysql.oracle.com
+    resources:
+    - mysqlbackups
+    verbs:
+    - create
+
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRoleBinding
+kind: ClusterRole
+metadata:
+  name: mysql-agent
+rules:
+  - apiGroups:
+    - ""
+    resources:
+    - pods
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups:
+    - ""
+    resources:
+    - secrets
+    verbs:
+    - get
+
+  - apiGroups:
+    - mysql.oracle.com
+    resources:
+    - mysqlbackups
+    - mysqlbackupschedules
+    - mysqlclusters
+    - mysqlrestores
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: RoleBinding
 metadata:
   name: mysql-operator
 roleRef:
   apiGroup: rbac.authorization.k8s.io
-  kind:  ClusterRole
+  kind:  Role
   name: mysql-operator
 subjects:
 - kind: ServiceAccount
   name: mysql-operator
   namespace: <NAMESPACE>
+
 ---
-kind: ClusterRoleBinding
+kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: mysql-agent
 roleRef:
   apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: mysql-operator
+  kind: Role
+  name: mysql-agent
 subjects:
 - kind: ServiceAccount
   name: mysql-agent
diff --git a/docs/tutorial.md b/docs/tutorial.md
index e203a2dd8..d74396cb0 100644
--- a/docs/tutorial.md
+++ b/docs/tutorial.md
@@ -47,10 +47,10 @@ To install the chart in a cluster without RBAC with the release name `my-release
 $ helm install --name my-release mysql-operator
 ```
 
-If your cluster has RBAC enabled then you will need to run:
+If your cluster has RBAC disabled then you will need to run:
 
 ```console
-$ helm install --name my-release mysql-operator --set rbac.enabled=true
+$ helm install --name my-release mysql-operator --set rbac.enabled=false
 ```
 
 The above command deploys the MySQL Operator on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
@@ -73,11 +73,38 @@ The following tables lists the configurable parameters of the MySQL-operator cha
 
 Parameter | Description | Default
 --------- | ----------- | -------
-`rbac.enabled` | If true, enables RBAC | `false`
+`rbac.enabled` | If true, enables RBAC | `true`
 `operator.namespace` | Controls the namespace in which the operator is deployed | `mysql-operator`
 
 ## Create a simple MySQL cluster
 
+The first time you create a MySQL Cluster in a namespace you need to create the
+`mysql-agent` ServiceAccount and RoleBinding in that namespace:
+
+```bash
+$ cat <<EOF | kubectl create -f -
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: mysql-agent
+  namespace: my-namespace
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: mysql-agent
+  namespace: my-namespace
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: mysql-agent
+subjects:
+- kind: ServiceAccount
+  name: mysql-agent
+  namespace: my-namespace
+EOF
+```
+
 Now let's create a new MySQL cluster. Create a cluster.yaml file with the following contents
 
 ```yaml
diff --git a/mysql-operator/templates/02-rbac.yaml b/mysql-operator/templates/02-rbac.yaml
index 4a9dfa428..31e49238c 100644
--- a/mysql-operator/templates/02-rbac.yaml
+++ b/mysql-operator/templates/02-rbac.yaml
@@ -4,12 +4,14 @@ kind: ServiceAccount
 metadata:
   name: mysql-operator
   namespace: {{ if .Values.operator.global }}mysql-operator{{ else }}{{ .Values.operator.namespace}}{{ end }}
+
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: mysql-agent
   namespace: {{ if .Values.operator.global }}default{{ else }}{{ .Values.operator.namespace}}{{ end }}
+
 ---
 {{- if .Values.rbac.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1beta1
@@ -19,14 +21,108 @@ metadata:
   namespace: {{ .Values.operator.namespace}}{{ end }}
 rules:
   - apiGroups:
-    - "*"
+    - ""
     resources:
-    - "*"
+    - pods
     verbs:
-    - "*"
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups:
+    - ""
+    resources:
+    - secrets
+    verbs:
+    - create
+
+  - apiGroups:
+    - ""
+    resources:
+    - services
+    verbs:
+    - create
+    - get
+    - list
+    - watch
+
+  - apiGroups:
+    - apps
+    resources:
+    - statefulsets
+    verbs:
+    - create
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups:
+    - mysql.oracle.com
+    resources:
+    - mysqlbackups
+    - mysqlbackupschedules
+    - mysqlclusters
+    - mysqlrestores
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups:
+    - mysql.oracle.com
+    resources:
+    - mysqlbackups
+    verbs:
+    - create
+
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: {{ if .Values.operator.global }}Cluster{{ end }}RoleBinding
+kind: {{ if .Values.operator.global }}Cluster{{ end }}Role
+metadata:
+  name: mysql-agent{{ if .Values.operator.global }}{{ else}}
+  namespace: {{ .Values.operator.namespace}}{{ end }}
+rules:
+  - apiGroups:
+    - ""
+    resources:
+    - pods
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups:
+    - ""
+    resources:
+    - secrets
+    verbs:
+    - get
+
+  - apiGroups:
+    - mysql.oracle.com
+    resources:
+    - mysqlbackups
+    - mysqlbackupschedules
+    - mysqlclusters
+    - mysqlrestores
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind:  {{ if .Values.operator.global }}Cluster{{ end }}RoleBinding
 metadata:
   name: mysql-operator
   namespace: {{ .Values.operator.namespace}}
@@ -38,18 +134,19 @@ subjects:
 - kind: ServiceAccount
   name: mysql-operator
   namespace: {{ .Values.operator.namespace }}
+
 ---
-kind: {{ if .Values.operator.global }}Cluster{{ end }}RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
+kind:  {{ if .Values.operator.global }}Cluster{{ end }}RoleBinding
 metadata:
   name: mysql-agent
-  namespace: {{ if .Values.operator.global }}default{{ else }}{{ .Values.operator.namespace }}{{ end }}
+  namespace: {{ .Values.operator.namespace}}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
-  kind: {{ if .Values.operator.global }}Cluster{{ end }}Role
-  name: mysql-operator
+  kind:  {{ if .Values.operator.global }}Cluster{{ end }}Role
+  name: mysql-agent
 subjects:
 - kind: ServiceAccount
   name: mysql-agent
-  namespace: {{ if .Values.operator.global }}default{{ else }}{{ .Values.operator.namespace }}{{ end }}
+  namespace: {{ .Values.operator.namespace }}
 {{- end }}
diff --git a/mysql-operator/values.yaml b/mysql-operator/values.yaml
index 23db571ba..07c22d703 100644
--- a/mysql-operator/values.yaml
+++ b/mysql-operator/values.yaml
@@ -1,5 +1,5 @@
 rbac:
-  enabled: false
+  enabled: true
 operator:
   namespace: mysql-operator
   global: true
diff --git a/pkg/controllers/cluster/config_control.go b/pkg/controllers/cluster/config_control.go
index be2e71a95..c22c39fdd 100644
--- a/pkg/controllers/cluster/config_control.go
+++ b/pkg/controllers/cluster/config_control.go
@@ -16,39 +16,27 @@ package cluster
 
 import (
 	"k8s.io/api/core/v1"
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/client-go/kubernetes"
-	corelisters "k8s.io/client-go/listers/core/v1"
 )
 
 // ConfigMapControlInterface defines the interface that the
-// MySQLClusterController uses to create, update, and delete Configmap. It
-// is implemented as an interface to enable testing.
+// MySQLClusterController uses to create Configmaps. It is implemented as an
+// interface to enable testing.
 type ConfigMapControlInterface interface {
 	CreateConfigMap(c *v1.ConfigMap) error
-	DeleteConfigMap(c *v1.ConfigMap) error
 }
 
 type realConfigMapControl struct {
-	client          kubernetes.Interface
-	configMapLister corelisters.ConfigMapLister
+	client kubernetes.Interface
 }
 
 // NewRealConfigMapControl creates a concrete implementation of the
 // ConfigMapControlInterface.
-func NewRealConfigMapControl(client kubernetes.Interface, ConfigMapLister corelisters.ConfigMapLister) ConfigMapControlInterface {
-	return &realConfigMapControl{client: client, configMapLister: ConfigMapLister}
+func NewRealConfigMapControl(client kubernetes.Interface) ConfigMapControlInterface {
+	return &realConfigMapControl{client: client}
 }
 
 func (rsc *realConfigMapControl) CreateConfigMap(c *v1.ConfigMap) error {
 	_, err := rsc.client.CoreV1().ConfigMaps(c.Namespace).Create(c)
 	return err
 }
-
-func (rsc *realConfigMapControl) DeleteConfigMap(c *v1.ConfigMap) error {
-	err := rsc.client.CoreV1().ConfigMaps(c.Namespace).Delete(c.Name, nil)
-	if apierrors.IsNotFound(err) {
-		return nil
-	}
-	return err
-}
diff --git a/pkg/controllers/cluster/controller.go b/pkg/controllers/cluster/controller.go
index 06741008e..f17560c80 100644
--- a/pkg/controllers/cluster/controller.go
+++ b/pkg/controllers/cluster/controller.go
@@ -17,7 +17,6 @@ package cluster
 import (
 	"context"
 	"fmt"
-	"strconv"
 	"time"
 
 	apps "k8s.io/api/apps/v1beta1"
@@ -25,9 +24,9 @@ import (
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	labels "k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apimachinery/pkg/types"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	wait "k8s.io/apimachinery/pkg/util/wait"
-	version "k8s.io/apimachinery/pkg/version"
 	appsinformers "k8s.io/client-go/informers/apps/v1beta1"
 	coreinformers "k8s.io/client-go/informers/core/v1"
 	kubernetes "k8s.io/client-go/kubernetes"
@@ -131,25 +130,9 @@ type MySQLController struct {
 	// secretControl enables control of Services associated with MySQLClusters.
 	secretControl SecretControlInterface
 
-	// apiServerVersion holds version information about the Kubernetes API
-	// server of the current cluster.
-	apiServerVersion *version.Info
-
 	// recorder is an event recorder for recording Event resources to the
 	// Kubernetes API.
 	recorder record.EventRecorder
-
-	//configControl enables control of the config associated with MySQLClusters.
-	// TODO: 'configMapControl' would be more consistent?
-	configControl ConfigMapControlInterface
-
-	// configMapLister is able to list/get ConfigMaps from a shared
-	// informer's store.
-	configMapLister corelisters.ConfigMapLister
-
-	// configMapListerSynced returns true if the ConfigMap shared informer
-	// has synced at least once.
-	configMapListerSynced cache.InformerSynced
 }
 
 // NewController creates a new MySQLController.
@@ -157,12 +140,10 @@ func NewController(
 	opConfig options.MySQLOperatorServer,
 	opClient mysqlop.Interface,
 	kubeClient kubernetes.Interface,
-	apiServerVersion *version.Info,
 	clusterInformer opinformers.MySQLClusterInformer,
 	statefulSetInformer appsinformers.StatefulSetInformer,
 	podInformer coreinformers.PodInformer,
 	serviceInformer coreinformers.ServiceInformer,
-	configMapInformer coreinformers.ConfigMapInformer,
 	resyncPeriod time.Duration,
 	namespace string,
 ) *MySQLController {
@@ -199,9 +180,8 @@ func NewController(
 
 		secretControl: NewRealSecretControl(kubeClient),
 
-		queue:            workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "mysqlcluster"),
-		apiServerVersion: apiServerVersion,
-		recorder:         recorder,
+		queue:    workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "mysqlcluster"),
+		recorder: recorder,
 	}
 
 	clusterInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
@@ -210,14 +190,6 @@ func NewController(
 			m.enqueueCluster(new)
 		},
 		DeleteFunc: func(obj interface{}) {
-			major, _ := strconv.Atoi(m.apiServerVersion.Major)
-			minor, _ := strconv.Atoi(m.apiServerVersion.Minor)
-			if major <= 1 && minor <= 7 {
-				if err := m.deleteClusterResources(obj); err != nil {
-					utilruntime.HandleError(fmt.Errorf("Failed to delete cluster resources: %v", err))
-				}
-			}
-
 			cluster, ok := obj.(*api.MySQLCluster)
 			if ok {
 				m.onClusterDeleted(cluster.Name)
@@ -246,9 +218,6 @@ func NewController(
 		DeleteFunc: m.handleObject,
 	})
 
-	m.configMapLister = configMapInformer.Lister()
-	m.configMapListerSynced = statefulSetInformer.Informer().HasSynced
-	m.configControl = NewRealConfigMapControl(kubeClient, m.configMapLister)
 	return &m
 }
 
@@ -268,8 +237,7 @@ func (m *MySQLController) Run(ctx context.Context, threadiness int) {
 		m.clusterListerSynced,
 		m.statefulSetListerSynced,
 		m.podListerSynced,
-		m.serviceListerSynced,
-		m.configMapListerSynced) {
+		m.serviceListerSynced) {
 		return
 	}
 
@@ -335,22 +303,22 @@ func (m *MySQLController) syncHandler(key string) error {
 		return nil
 	}
 
+	nsName := types.NamespacedName{Namespace: namespace, Name: name}
+
 	// Get the MySQLCluster resource with this namespace/name.
 	cluster, err := m.clusterLister.MySQLClusters(namespace).Get(name)
 	if err != nil {
-		// The MySQLCluster resource may no longer exist, in which case we stop
-		// processing.
+		// The MySQLCluster resource may no longer exist, in which case we stop processing.
 		if apierrors.IsNotFound(err) {
 			utilruntime.HandleError(fmt.Errorf("mysqlcluster '%s' in work queue no longer exists", key))
 			return nil
 		}
-
 		return err
 	}
 
 	cluster.EnsureDefaults()
 	if err = cluster.Validate(); err != nil {
-		return err
+		return errors.Wrap(err, "validating MySQLCluster")
 	}
 
 	operatorVersion := buildversion.GetBuildVersion()
@@ -366,26 +334,18 @@ func (m *MySQLController) syncHandler(key string) error {
 		return m.clusterUpdater.UpdateClusterLabels(cluster.DeepCopy(), labels.Set(cluster.Labels))
 	}
 
-	// Create a MySQL root password secret for the cluster if required and one
-	// does not already exist.
+	// Create a MySQL root password secret for the cluster if required.
 	if cluster.RequiresSecret() {
-		_, err := m.secretControl.GetForCluster(cluster)
-		if apierrors.IsNotFound(err) {
-			glog.V(2).Infof("Creating a new root password Secret for cluster %s/%s", cluster.Namespace, cluster.Name)
-			err = m.secretControl.CreateSecret(secrets.NewMysqlRootPassword(cluster))
-		}
-		if err != nil {
-			return errors.Wrap(err, fmt.Sprintf("could not get secrets from cluster '%s/%s'", cluster.Namespace, cluster.Name))
+		err = m.secretControl.CreateSecret(secrets.NewMysqlRootPassword(cluster))
+		if err != nil && !apierrors.IsAlreadyExists(err) {
+			return errors.Wrap(err, "creating root password Secret")
 		}
 	}
 
-	// TODO: Should create shared getter method in resources/services.
-
 	svc, err := m.serviceLister.Services(cluster.Namespace).Get(cluster.Name)
 	// If the resource doesn't exist, we'll create it
 	if apierrors.IsNotFound(err) {
-		glog.V(2).Infof("Creating a new Service for cluster %s/%s", cluster.Namespace, cluster.Name)
-
+		glog.V(2).Infof("Creating a new Service for cluster %q", nsName)
 		svc = services.NewForCluster(cluster)
 		err = m.serviceControl.CreateService(svc)
 	}
@@ -405,12 +365,10 @@ func (m *MySQLController) syncHandler(key string) error {
 		return errors.New(msg)
 	}
 
-	// TODO: Should create shared getter method in resources/statefulsets.
-
 	ss, err := m.statefulSetLister.StatefulSets(cluster.Namespace).Get(cluster.Name)
 	// If the resource doesn't exist, we'll create it
 	if apierrors.IsNotFound(err) {
-		glog.V(2).Infof("Creating a new StatefulSet for cluster %s/%s", cluster.Namespace, cluster.Name)
+		glog.V(2).Infof("Creating a new StatefulSet for cluster %q", nsName)
 		ss = statefulsets.NewForCluster(cluster, m.opConfig.Images, svc.Name)
 		err = m.statefulSetControl.CreateStatefulSet(ss)
 	}
@@ -441,13 +399,12 @@ func (m *MySQLController) syncHandler(key string) error {
 	// StatefulSet resource.
 	if cluster.Spec.Replicas != *ss.Spec.Replicas {
 		glog.V(4).Infof("Updating %q: clusterReplicas=%d statefulSetReplicas=%d",
-			cluster.Spec.Replicas, ss.Spec.Replicas)
+			nsName, cluster.Spec.Replicas, ss.Spec.Replicas)
+		old := ss.DeepCopy()
 		ss = statefulsets.NewForCluster(cluster, m.opConfig.Images, svc.Name)
-		ss, err = m.kubeClient.AppsV1beta1().StatefulSets(cluster.Namespace).Update(ss)
-		// If an error occurs during Update, we'll requeue the item so we can
-		// attempt processing again later. This could have been caused by a
-		// temporary network failure, or any other transient reason.
-		if err != nil {
+		if err := m.statefulSetControl.Patch(old, ss); err != nil {
+			// Requeue the item so we can attempt processing again later.
+			// This could have been caused by a temporary network failure etc.
 			return err
 		}
 	}
@@ -483,7 +440,7 @@ func (m *MySQLController) ensureMySQLOperatorVersion(c *api.MySQLCluster, ss *ap
 	if requiresMySQLAgentStatefulSetUpgrade(ss, container, operatorVersion) {
 		glog.Infof("Upgrading cluster statefulset '%s/%s' to latest operator version: %s", ss.Namespace, ss.Name, operatorVersion)
 		updated := updateStatefulSetToOperatorVersion(ss.DeepCopy(), m.opConfig.Images.MySQLAgentImage, operatorVersion)
-		err = m.statefulSetControl.PatchStatefulSet(ss, updated)
+		err = m.statefulSetControl.Patch(ss, updated)
 		if err != nil {
 			return errors.Wrap(err, "upgrade operator version: PatchStatefulSet failed")
 		}
@@ -526,82 +483,6 @@ func (m *MySQLController) updateClusterStatus(cluster *api.MySQLCluster, ss *app
 	return nil
 }
 
-// deleteClusterResources manually issues a delete for the dependant resources
-// of a MySQLCluster.
-// DEPRECIATED: Not required after Kubernetes 1.8. Remove when dropping support
-// for 1.7.
-func (m *MySQLController) deleteClusterResources(obj interface{}) error {
-	cluster, ok := obj.(*api.MySQLCluster)
-	if !ok {
-		d, ok := obj.(cache.DeletedFinalStateUnknown)
-		if !ok {
-			return fmt.Errorf("deleteClusterResources() received unexpected type %T", obj)
-		}
-		// We don't care about the object being stale. We want to ensure that
-		// its dependant resources are absent anyway.
-		cluster = d.Obj.(*api.MySQLCluster)
-	}
-
-	if cluster.RequiresSecret() {
-		glog.V(4).Infof("Ensuring Secret deleted for MySQLCLuster %s/%s", cluster.Namespace, cluster.Name)
-		s, err := m.secretControl.GetForCluster(cluster)
-		if err != nil {
-			if !apierrors.IsNotFound(err) {
-				return err
-			}
-		} else if metav1.IsControlledBy(s, cluster) {
-			if err := m.secretControl.DeleteSecret(s); err != nil {
-				return err
-			}
-		}
-	}
-
-	// TODO(apryde): This needs to be modified to check for user-defined my.cnf
-	// ConfigMap as by default one is no longer created.
-	glog.V(4).Infof("Ensuring my.cnf ConfigMap deleted for MySQLCLuster %s/%s", cluster.Namespace, cluster.Name)
-	mycnf, err := m.configMapLister.ConfigMaps(cluster.Namespace).Get(cluster.Name)
-	if err != nil {
-		if !apierrors.IsNotFound(err) {
-			return err
-		}
-	} else if metav1.IsControlledBy(mycnf, cluster) {
-		if err := m.configControl.DeleteConfigMap(mycnf); err != nil {
-			return err
-		}
-	}
-
-	glog.V(4).Infof("Ensuring Service deleted for MySQLCLuster %s/%s", cluster.Namespace, cluster.Name)
-	svcName := cluster.Name
-	svc, err := m.serviceLister.Services(cluster.Namespace).Get(svcName)
-	if err != nil {
-		if !apierrors.IsNotFound(err) {
-			return err
-		}
-	} else if metav1.IsControlledBy(svc, cluster) {
-		if err := m.serviceControl.DeleteService(svc); err != nil {
-			return err
-		}
-	}
-
-	// Ensure the cluster's StatefulSet does not exist.
-	glog.V(4).Infof("Ensuring StatefulSet deleted for MySQLCLuster %s/%s", cluster.Namespace, cluster.Name)
-	statefulSetName := cluster.Name
-	ss, err := m.statefulSetLister.StatefulSets(cluster.Namespace).Get(statefulSetName)
-	if err != nil {
-		if !apierrors.IsNotFound(err) {
-			return err
-		}
-	} else if metav1.IsControlledBy(ss, cluster) {
-		if err := m.statefulSetControl.DeleteStatefulSet(ss); err != nil {
-			return err
-		}
-	}
-
-	glog.V(4).Infof("Ensured all components of MySQLCLuster %s/%s deleted", cluster.Namespace, cluster.Name)
-
-	return nil
-}
-
 // enqueueCluster takes a MySQLCluster resource and converts it into a
 // namespace/name string which is then put onto the work queue. This method
 // should *not* be passed resources of any type other than MySQLCluster.
diff --git a/pkg/controllers/cluster/controller_test.go b/pkg/controllers/cluster/controller_test.go
index fc2a7762b..ba1cf518c 100644
--- a/pkg/controllers/cluster/controller_test.go
+++ b/pkg/controllers/cluster/controller_test.go
@@ -30,8 +30,6 @@ import (
 	"k8s.io/client-go/kubernetes/fake"
 	cache "k8s.io/client-go/tools/cache"
 
-	"github.com/golang/glog"
-
 	options "github.com/oracle/mysql-operator/cmd/mysql-operator/app/options"
 	api "github.com/oracle/mysql-operator/pkg/apis/mysql/v1"
 	"github.com/oracle/mysql-operator/pkg/constants"
@@ -101,8 +99,8 @@ func TestSyncClusterValidateError(t *testing.T) {
 	if err == nil {
 		t.Errorf("SyncHandler should return an error when the cluster resource is invalid.")
 	}
-	if err.Error() != `status.phase: Invalid value: "Bad_Phase": invalid phase specified` {
-		t.Error("SyncHandler should return the correct error when the cluster resource is invalid: ", err)
+	if err.Error() != `validating MySQLCluster: status.phase: Invalid value: "Bad_Phase": invalid phase specified` {
+		t.Errorf("SyncHandler should return the correct error when the cluster resource is invalid: %q", err)
 	}
 }
 
@@ -501,7 +499,6 @@ type fakeMySQLControllerInformers struct {
 	statefulSetInformer appsinformers.StatefulSetInformer
 	podInformer         coreinformers.PodInformer
 	serviceInformer     coreinformers.ServiceInformer
-	configMapInformer   coreinformers.ConfigMapInformer
 }
 
 // newFakeMySQLController creates a new fake MySQLController with a fake mysqlop and kube clients and informers
@@ -510,11 +507,6 @@ func newFakeMySQLController(cluster *api.MySQLCluster, kuberesources ...runtime.
 	mysqlopClient := mysqlfake.NewSimpleClientset(cluster)
 	kubeClient := fake.NewSimpleClientset(kuberesources...)
 
-	serverVersion, err := kubeClient.Discovery().ServerVersion()
-	if err != nil {
-		glog.Fatalf("Failed to discover Kubernetes API server version: %+v", err)
-	}
-
 	kubeInformerFactory := informers.NewSharedInformerFactory(kubeClient, util.NoResyncPeriodFunc())
 	mysqlopInformerFactory := mysqlinformer_factory.NewSharedInformerFactory(mysqlopClient, util.NoResyncPeriodFunc())
 
@@ -523,19 +515,16 @@ func newFakeMySQLController(cluster *api.MySQLCluster, kuberesources ...runtime.
 		statefulSetInformer: kubeInformerFactory.Apps().V1beta1().StatefulSets(),
 		podInformer:         kubeInformerFactory.Core().V1().Pods(),
 		serviceInformer:     kubeInformerFactory.Core().V1().Services(),
-		configMapInformer:   kubeInformerFactory.Core().V1().ConfigMaps(),
 	}
 
 	fakeController := NewController(
 		mockOperatorConfig(),
 		mysqlopClient,
 		kubeClient,
-		serverVersion,
 		fakeInformers.clusterInformer,
 		fakeInformers.statefulSetInformer,
 		fakeInformers.podInformer,
 		fakeInformers.serviceInformer,
-		fakeInformers.configMapInformer,
 		30*time.Second,
 		cluster.Namespace)
 
@@ -543,7 +532,6 @@ func newFakeMySQLController(cluster *api.MySQLCluster, kuberesources ...runtime.
 	fakeController.statefulSetListerSynced = alwaysReady
 	fakeController.podListerSynced = alwaysReady
 	fakeController.serviceListerSynced = alwaysReady
-	fakeController.configMapListerSynced = alwaysReady
 
 	// Override default control structs with customer fakes.
 	fakeController.statefulSetControl = NewFakeStatefulSetControl(fakeController.statefulSetControl, kubeClient)
diff --git a/pkg/controllers/cluster/secret_control.go b/pkg/controllers/cluster/secret_control.go
index 97c0e8c6f..d931f897e 100644
--- a/pkg/controllers/cluster/secret_control.go
+++ b/pkg/controllers/cluster/secret_control.go
@@ -16,7 +16,6 @@ package cluster
 
 import (
 	"k8s.io/api/core/v1"
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes"
 
@@ -24,13 +23,12 @@ import (
 	"github.com/oracle/mysql-operator/pkg/resources/secrets"
 )
 
-// SecretControlInterface defines the interface that the
-// MySQLClusterController uses to create, update, and delete Secrets. It
-// is implemented as an interface to enable testing.
+// SecretControlInterface defines the interface that the MySQLClusterController
+// uses to get and create Secrets. It is implemented as an interface to enable
+// testing.
 type SecretControlInterface interface {
 	GetForCluster(cluster *api.MySQLCluster) (*v1.Secret, error)
 	CreateSecret(s *v1.Secret) error
-	DeleteSecret(s *v1.Secret) error
 }
 
 type realSecretControl struct {
@@ -53,11 +51,3 @@ func (rsc *realSecretControl) CreateSecret(s *v1.Secret) error {
 	_, err := rsc.client.CoreV1().Secrets(s.Namespace).Create(s)
 	return err
 }
-
-func (rsc *realSecretControl) DeleteSecret(s *v1.Secret) error {
-	err := rsc.client.CoreV1().Secrets(s.Namespace).Delete(s.Name, nil)
-	if apierrors.IsNotFound(err) {
-		return nil
-	}
-	return err
-}
diff --git a/pkg/controllers/cluster/service_control.go b/pkg/controllers/cluster/service_control.go
index 98446931c..f7feab957 100644
--- a/pkg/controllers/cluster/service_control.go
+++ b/pkg/controllers/cluster/service_control.go
@@ -16,17 +16,14 @@ package cluster
 
 import (
 	"k8s.io/api/core/v1"
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/client-go/kubernetes"
 	corelisters "k8s.io/client-go/listers/core/v1"
 )
 
-// ServiceControlInterface defines the interface that the
-// MySQLClusterController uses to create, update, and delete Services. It
-// is implemented as an interface to enable testing.
+// ServiceControlInterface defines the interface that the MySQLClusterController
+// uses to create Services. It is implemented as an interface to enable testing.
 type ServiceControlInterface interface {
 	CreateService(s *v1.Service) error
-	DeleteService(s *v1.Service) error
 }
 
 type realServiceControl struct {
@@ -44,11 +41,3 @@ func (rsc *realServiceControl) CreateService(s *v1.Service) error {
 	_, err := rsc.client.CoreV1().Services(s.Namespace).Create(s)
 	return err
 }
-
-func (rsc *realServiceControl) DeleteService(s *v1.Service) error {
-	err := rsc.client.CoreV1().Services(s.Namespace).Delete(s.Name, nil)
-	if apierrors.IsNotFound(err) {
-		return nil
-	}
-	return err
-}
diff --git a/pkg/controllers/cluster/statefulset_control.go b/pkg/controllers/cluster/statefulset_control.go
index 17a7ace60..e3834e57b 100644
--- a/pkg/controllers/cluster/statefulset_control.go
+++ b/pkg/controllers/cluster/statefulset_control.go
@@ -18,8 +18,6 @@ import (
 	"fmt"
 
 	apps "k8s.io/api/apps/v1beta1"
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	kubernetes "k8s.io/client-go/kubernetes"
 	appslisters "k8s.io/client-go/listers/apps/v1beta1"
 
@@ -29,12 +27,11 @@ import (
 )
 
 // StatefulSetControlInterface defines the interface that the
-// MySQLClusterController uses to create, update, and delete StatefulSets. It
+// MySQLClusterController uses to create and update StatefulSets. It
 // is implemented as an interface to enable testing.
 type StatefulSetControlInterface interface {
 	CreateStatefulSet(ss *apps.StatefulSet) error
-	DeleteStatefulSet(ss *apps.StatefulSet) error
-	PatchStatefulSet(old *apps.StatefulSet, new *apps.StatefulSet) error
+	Patch(old *apps.StatefulSet, new *apps.StatefulSet) error
 }
 
 type realStatefulSetControl struct {
@@ -53,17 +50,7 @@ func (rssc *realStatefulSetControl) CreateStatefulSet(ss *apps.StatefulSet) erro
 	return err
 }
 
-func (rssc *realStatefulSetControl) DeleteStatefulSet(ss *apps.StatefulSet) error {
-	policy := metav1.DeletePropagationBackground
-	opts := &metav1.DeleteOptions{PropagationPolicy: &policy}
-	err := rssc.client.AppsV1beta1().StatefulSets(ss.Namespace).Delete(ss.Name, opts)
-	if apierrors.IsNotFound(err) {
-		return nil
-	}
-	return err
-}
-
-func (rssc *realStatefulSetControl) PatchStatefulSet(old *apps.StatefulSet, new *apps.StatefulSet) error {
+func (rssc *realStatefulSetControl) Patch(old *apps.StatefulSet, new *apps.StatefulSet) error {
 	_, err := util.PatchStatefulSet(rssc.client, old, new)
 	return err
 }
diff --git a/pkg/controllers/cluster/statefulset_control_test.go b/pkg/controllers/cluster/statefulset_control_test.go
index c5af65e96..d4d83d826 100644
--- a/pkg/controllers/cluster/statefulset_control_test.go
+++ b/pkg/controllers/cluster/statefulset_control_test.go
@@ -30,7 +30,7 @@ func NewFakeStatefulSetControl(statefulSetControl StatefulSetControlInterface, c
 	return &fakeStatefulSetControl{statefulSetControl, client}
 }
 
-func (rssc *fakeStatefulSetControl) PatchStatefulSet(old *apps.StatefulSet, new *apps.StatefulSet) error {
+func (rssc *fakeStatefulSetControl) Patch(old *apps.StatefulSet, new *apps.StatefulSet) error {
 	_, err := util.UpdateStatefulSet(rssc.client, new)
 	return err
 }
diff --git a/wercker.yml b/wercker.yml
index 8c3150034..7919fd369 100644
--- a/wercker.yml
+++ b/wercker.yml
@@ -147,7 +147,10 @@ e2e-test:
       code: |
         export KUBECONFIG="/tmp/kubeconfig"
         echo -n "${KUBECONFIG_VAR}" | openssl enc -base64 -d -A > "${KUBECONFIG}"
-        ginkgo -nodes=4 -v test/e2e -- \
+        ginkgo \
+          -nodes=5 \
+          -v \
+          test/e2e -- \
           --kubeconfig="${KUBECONFIG}" \
           --operator-version="$(cat dist/version.txt)" \
           --s3-access-key="${S3_ACCESS_KEY}" \