- fixing up the dockerfile

- adding the k8s demo services

Dockerfile

@@ -1,4 +1,4 @@
-FROM gliderlabs/alpine:latest
+FROM alpine:latest
 MAINTAINER Rohith <gambol99@gmail.com>
 
 ADD bin/vault-sidekick /vault-sidekick

services/demo-ns.yml

@@ -0,0 +1,7 @@
+---
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: demo
+  labels:
+    name: demo

services/demo-rc.yaml

@@ -0,0 +1,45 @@
+---
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  namespace: demo
+  name: vault-demo
+spec:
+  replicas: 1
+  selector:
+    name: vault-demo
+  template:
+    metadata:
+      labels:
+        name: vault-demo
+    spec:
+      containers:
+      - name: vault-sidekick
+        image: gambol99/vault-sidekick:0.0.1
+        args:
+          - -logtostderr=true
+          - -v=4
+          - -tls-skip-verify=true
+          - -auth=/etc/token/vault-token.yml
+          - -output=/etc/secrets
+          - -cn=secret:db:up=30s,rv=true
+          - -cn=pki:example-dot-com:cn=demo.example.com,fmt=cert,fn=demo.example.com
+          - -vault=https://vault.services.cluster.local:8200
+        volumeMounts:
+          - name: secrets
+            mountPath: /etc/secrets
+          - name: token
+            mountPath: /etc/token
+      - name: apache
+        image: fedora/apache
+        ports:
+        - containerPort: 80
+        volumeMounts:
+          - name: secrets
+            mountPath: /etc/secrets
+      volumes:
+        - name: secrets
+          emptyDir: {}
+        - name: token
+          secret:
+            secretName: vault-token

services/demo-secrets.yml

@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  namespace: demo
+  name: vault-token
+data:
+  #
+  # vault auth-enable userpass
+  # vault write auth/userpass/users/demo password=SOME_PASSWORD policies=root
+  #
+  vault-token.yml: |
+    method: userpass
+    username: demo
+    password: SOME_PASSWORD

services/sidekick-rc.yaml

@@ -1,45 +0,0 @@
-#
-#   Author: Rohith
-#   Date: 2015-05-20 23:36:02 +0100 (Wed, 20 May 2015)
-#
-#  vim:ts=2:sw=2:et
-#
----
-apiVersion: v1
-kind: ReplicationController
-metadata:
-  name: sidekick-demo
-spec:
-  replicas: 1
-  selector:
-    name: sidekick-demo
-  template:
-    metadata:
-      labels:
-        name: sidekick-web
-    spec:
-      containers:
-      - name: vault-sidekick
-        image: gambol99/vault-sidekick:latest
-        env:
-          - name: VAULT_ADDR
-            value: https://VAULT_IP:8200
-          - name: VAULT_TOKEN
-            value: TOKEN
-        args:
-          - -v=3
-          - -output=/etc/secrets
-          - -rn=secret:/prod/db;fn=db.creds,fmt=yaml
-        volumeMounts:
-          - name: secrets
-            mountPath: /etc/secrets
-      - name: apache
-        image: fedora/apache
-        volumeMounts:
-          - name: secrets
-            mountPath: /etc/secrets
-        ports:
-        - containerPort: 80
-      volumes:
-        - name: secrets
-          emptyDir: {}