From 8b8c4db1616a731060a04d227842a34f326eb3f5 Mon Sep 17 00:00:00 2001 From: Rohith Date: Thu, 24 Sep 2015 17:27:28 +0100 Subject: [PATCH] - adding the k8s service file - adding the tls sidekick --- services/demo-rc.yaml | 15 ++++++++++++++- services/demo-svc.yml | 14 ++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 services/demo-svc.yml diff --git a/services/demo-rc.yaml b/services/demo-rc.yaml index 4d73fd7..0d9db2e 100644 --- a/services/demo-rc.yaml +++ b/services/demo-rc.yaml @@ -16,13 +16,14 @@ spec: containers: - name: vault-sidekick image: gambol99/vault-sidekick:0.0.1 + imagePullPolicy: Always args: - -logtostderr=true - -v=4 - -tls-skip-verify=true - -auth=/etc/token/vault-token.yml - -output=/etc/secrets - - -cn=secret:db:up=30s,rv=true + - -cn=secret:db:up=3h,rv=true - -cn=pki:example-dot-com:cn=demo.example.com,fmt=cert,fn=demo.example.com - -vault=https://vault.services.cluster.local:8200 volumeMounts: @@ -30,6 +31,18 @@ spec: mountPath: /etc/secrets - name: token mountPath: /etc/token + - name: nginx-tls-sidekick + image: quay.io/ukhomeofficedigital/nginx-tls-sidekick + imagePullPolicy: Always + args: + - ./run.sh + - -p + - 443:127.0.0.1:80:demo.example.com + ports: + - containerPort: 443 + volumeMounts: + - name: secrets + mountPath: /etc/secrets - name: apache image: fedora/apache ports: diff --git a/services/demo-svc.yml b/services/demo-svc.yml new file mode 100644 index 0000000..98233f0 --- /dev/null +++ b/services/demo-svc.yml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: Service +metadata: + labels: + name: vault-demo + name: vault-demo +spec: + ports: + - name: https + port: 443 + targetPort: 443 + selector: + name: vault-demo