
Fixing out of date api in the using-secrets kubernetes yaml

Signed-off-by: Josh Cox <[email protected]>
Josh Cox 4 年之前
父节点
当前提交
4301bcc22e
共有 2 个文件被更改,包括 67 次插入2 次删除
  1. 12 0
      example/kubernetes/using-secrets/README.md
  2. 55 2
      example/kubernetes/using-secrets/ldap-deployment.yaml

+ 12 - 0
example/kubernetes/using-secrets/README.md

@@ -5,3 +5,15 @@
 Then edit the yaml files in the environment directory to have the desired paraneters, and then make the secret file:
 
 `make ldap-secret.yaml`
+
+And deploy the secret you just made:
+
+`kubectl apply -f ldap-secret.yaml`
+
+Apply the deployment yaml for ldap in k8s:
+
+`kubectl apply -f ldap-deployment.yaml`
+
+Finally apply the service yaml for ldap in k8s:
+
+`kubectl apply -f ldap-deployment.yaml`

+ 55 - 2
example/kubernetes/using-secrets/ldap-deployment.yaml

@@ -1,10 +1,13 @@
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: ldap
   labels:
     app: ldap
 spec:
+  selector:
+    matchLabels:
+      app: ldap
   replicas: 1
   template:
     metadata:
@@ -14,7 +17,6 @@ spec:
       containers:
         - name: ldap
           image: osixia/openldap:1.4.0
-          args: ["--copy-service"]
           volumeMounts:
             - name: ldap-data
               mountPath: /var/lib/ldap
@@ -29,6 +31,57 @@ spec:
           ports:
             - containerPort: 389
               name: openldap
+          env:
+            - name: LDAP_LOG_LEVEL
+              value: "256"
+            - name: LDAP_ORGANISATION
+              value: "Example Inc."
+            - name: LDAP_DOMAIN
+              value: "example.org"
+            - name: LDAP_ADMIN_PASSWORD
+              value: "admin"
+            - name: LDAP_CONFIG_PASSWORD
+              value: "config"
+            - name: LDAP_READONLY_USER
+              value: "false"
+            - name: LDAP_READONLY_USER_USERNAME
+              value: "readonly"
+            - name: LDAP_READONLY_USER_PASSWORD
+              value: "readonly"
+            - name: LDAP_RFC2307BIS_SCHEMA
+              value: "false"
+            - name: LDAP_BACKEND
+              value: "mdb"
+            - name: LDAP_TLS
+              value: "true"
+            - name: LDAP_TLS_CRT_FILENAME
+              value: "ldap.crt"
+            - name: LDAP_TLS_KEY_FILENAME
+              value: "ldap.key"
+            - name: LDAP_TLS_DH_PARAM_FILENAME
+              value: "dhparam.pem"
+            - name: LDAP_TLS_CA_CRT_FILENAME
+              value: "ca.crt"
+            - name: LDAP_TLS_ENFORCE
+              value: "false"
+            - name: LDAP_TLS_CIPHER_SUITE
+              value: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC"
+            - name: LDAP_TLS_VERIFY_CLIENT
+              value: "demand"
+            - name: LDAP_REPLICATION
+              value: "false"
+            - name: LDAP_REPLICATION_CONFIG_SYNCPROV
+              value: "binddn=\"cn=admin,cn=config\" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase=\"cn=config\" type=refreshAndPersist retry=\"60 +\" timeout=1 starttls=critical"
+            - name: LDAP_REPLICATION_DB_SYNCPROV
+              value: "binddn=\"cn=admin,$LDAP_BASE_DN\" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase=\"$LDAP_BASE_DN\" type=refreshAndPersist interval=00:00:00:10 retry=\"60 +\" timeout=1 starttls=critical"
+            - name: LDAP_REPLICATION_HOSTS
+              value: "#PYTHON2BASH:['ldap://ldap-one-service', 'ldap://ldap-two-service']"
+            - name: KEEP_EXISTING_CONFIG
+              value: "false"
+            - name: LDAP_REMOVE_CONFIG_AFTER_SETUP
+              value: "true"
+            - name: LDAP_SSL_HELPER_PREFIX
+              value: "ldap"
       volumes:
         - name: ldap-data
           hostPath:
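Review bot: The three password variables added in the `env` block (`LDAP_ADMIN_PASSWORD`, `LDAP_CONFIG_PASSWORD`, `LDAP_READONLY_USER_PASSWORD`) are literal values in the Deployment, so anyone who can read the manifest or the Deployment object can read them, and the values themselves (`admin`, `config`, `readonly`) are trivially guessable. This example is about using secrets and the README has the reader create `ldap-secret.yaml`, so these entries would be better sourced from that Secret with `valueFrom.secretKeyRef`. The Secret's name and key names are not visible in this diff, so the ones in the fence below are placeholders. It is also worth confirming whether literal env values on the container take precedence over what the Secret supplies, which cannot be determined from this hunk. The container spec starts outside the hunk.

```yaml
          env:
            # … unchanged: LDAP_LOG_LEVEL, LDAP_ORGANISATION, LDAP_DOMAIN …
            - name: LDAP_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: placeholder-secret-name      # placeholder: Secret created from ldap-secret.yaml
                  key: placeholder-admin-password    # placeholder key name
            - name: LDAP_CONFIG_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: placeholder-secret-name
                  key: placeholder-config-password
            # … unchanged: LDAP_READONLY_USER, LDAP_READONLY_USER_USERNAME …
            - name: LDAP_READONLY_USER_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: placeholder-secret-name
                  key: placeholder-readonly-password
            # … unchanged: remaining LDAP_* settings …
```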