init commit

openldap_deployment.yaml

@@ -0,0 +1,57 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: openldap
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: openldap
+  template:
+    metadata:
+      annotations:
+        ### autocert ###
+        autocert.step.sm/name: openldap.default.svc.cluster.local
+        autocert.step.sm/duration: 1h
+        ### autocert ###
+      labels:
+        app: openldap
+    spec:
+      containers:
+      - name: openldap
+        image: jjregistry.localhost:5000/openldap:2.6.0
+        imagePullPolicy: Always
+        env:
+          - name: LDAP_ADMIN_USERNAME
+            value: "admin"
+          - name: LDAP_ADMIN_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                key: adminpassword
+                name: openldap-secret
+          - name: LDAP_USERS
+            valueFrom:
+              secretKeyRef:
+                key: users
+                name: openldap-secret
+          - name: LDAP_PASSWORDS
+            valueFrom:
+              secretKeyRef:
+                key: passwords
+                name: openldap-secret
+          - name: LDAP_ROOT
+            value: "dc=minotaur"
+          - name: LDAP_ENABLE_TLS
+            value: "yes"
+          - name: LDAP_TLS_CERT_FILE
+            value: /var/run/autocert.step.sm/site.crt
+          - name: LDAP_TLS_KEY_FILE
+            value: /var/run/autocert.step.sm/site.key
+          - name: LDAP_TLS_CA_FILE
+            value: /var/run/autocert.step.sm/root.crt
+        ports:
+        - containerPort: 1389
+          name: ldap
+        - containerPort: 1636
+          name: ldaps

openldap_secret.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: openldap-secret
+type: Opaque
+data:
+  adminpassword: YWRtaW4=
+  users: amo=
+  passwords: amo=

openldap_svc.yaml

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    purelb.io/allow-shared-ip: shared
+  name: ldap-svc
+  namespace: default
+  labels:
+    tier: service
+spec:
+  type: LoadBalancer
+  ports:
+  - port: 1389
+    name: ldap
+    targetPort: 1389
+  - port: 1636
+    name: ldaps
+    targetPort: 1636
+  selector:
+    app: openldap