kubernetes/control/services/drivetrain/ldap.yml - salt-models/reclass-system - Gitiles

 parameters:
   kubernetes:
     common:
       addons:
         ingress-nginx:
           tcp_data:
             389: drivetrain/openldap:389
           tcp_ports:
           - 389
     control:
       ingress:
         ldap:
           annotations:
           - name: kubernetes.io/ingress.class
             value: nginx
           - name: nginx.ingress.kubernetes.io/ssl-redirect
             value: false
           - name: nginx.ingress.kubernetes.io/rewrite-target
             value: /ldap
           apiVersion: extensions/v1beta1
           cluster: drivetrain
           enabled: true
           create: true
           namespace: drivetrain
           rules:
             hosts:
             - paths:
                 /ldap:
                   service: openldap
                   port: 80
       service:
         openldap:
           enabled: true
           cluster: drivetrain
           service: openldap
           create: true
           namespace: drivetrain
           ports:
           - port: 389
             name: nonssl
           - port: 636
             name: ssl
           - port: 80
             name: admin
           type: ClusterIP
           apiVersion: extensions/v1beta1
           kind: Deployment
           replicas: 1
           container:
             ldap-server:
               image: ${_param:docker_image_openldap}
               image_pull_policy: IfNotPresent
               variables:
               - name: HOSTNAME
                 value: ldap01.${_param:openldap_domain}
               - name: LDAP_ORGANISATION
                 value: ${_param:openldap_organisation}
               - name: LDAP_DOMAIN
                 value: ${_param:openldap_domain}
               - name: LDAP_ADMIN_PASSWORD
                 value: ${_param:openldap_admin_password}
               - name: LDAP_CONFIG_PASSWORD
                 value: ${_param:openldap_config_password}
               - name: LDAP_TLS
                 value: "'false'"
               ports:
               - port: 389
                 name: nonssl
               - port: 636
                 name: ssl
               volumes:
               - name: data
                 mount: /var/lib/ldap
                 read_only: false
               - name: config
                 mount: /etc/ldap/slapd.d
                 read_only: false
             ldap-admin:
               image: ${_param:docker_image_phpldapadmin}
               image_pull_policy: IfNotPresent
               variables:
               - name: PHPLDAPADMIN_LDAP_ADMIN_PASSWORD
                 value: ${_param:openldap_admin_password}
               - name: PHPLDAPADMIN_LDAP_HOSTS
                 value: "#PYTHON2BASH:[{'server': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '$PHPLDAPADMIN_LDAP_ADMIN_PASSWORD'}]}]}]"
               - name: PHPLDAPADMIN_HTTPS
                 value: "'false'"
               - name: PHPLDAPADMIN_TRUST_PROXY_SSL
                 value: "'true'"
               - name: PHPLDAPADMIN_SERVER_ADMIN
                 value: ${_param:admin_email}
               - name: PHPLDAPADMIN_THEME
                 value: mirantis
               - name: PHPLDAPADMIN_SERVER_PATH
                 value: "/ldap"
               ports:
               - port: 80
                 name: admin
           volume:
             config:
               type: glusterfs
               endpoints: glusterfs
               path: openldap-config
               read_only: false
             data:
               type: glusterfs
               endpoints: glusterfs
               path: openldap-data
               read_only: false
	parameters:
	kubernetes:
	common:
	addons:
	ingress-nginx:
	tcp_data:
	389: drivetrain/openldap:389
	tcp_ports:
	- 389
	control:
	ingress:
	ldap:
	annotations:
	- name: kubernetes.io/ingress.class
	value: nginx
	- name: nginx.ingress.kubernetes.io/ssl-redirect
	value: false
	- name: nginx.ingress.kubernetes.io/rewrite-target
	value: /ldap
	apiVersion: extensions/v1beta1
	cluster: drivetrain
	enabled: true
	create: true
	namespace: drivetrain
	rules:
	hosts:
	- paths:
	/ldap:
	service: openldap
	port: 80
	service:
	openldap:
	enabled: true
	cluster: drivetrain
	service: openldap
	create: true
	namespace: drivetrain
	ports:
	- port: 389
	name: nonssl
	- port: 636
	name: ssl
	- port: 80
	name: admin
	type: ClusterIP
	apiVersion: extensions/v1beta1
	kind: Deployment
	replicas: 1
	container:
	ldap-server:
	image: ${_param:docker_image_openldap}
	image_pull_policy: IfNotPresent
	variables:
	- name: HOSTNAME
	value: ldap01.${_param:openldap_domain}
	- name: LDAP_ORGANISATION
	value: ${_param:openldap_organisation}
	- name: LDAP_DOMAIN
	value: ${_param:openldap_domain}
	- name: LDAP_ADMIN_PASSWORD
	value: ${_param:openldap_admin_password}
	- name: LDAP_CONFIG_PASSWORD
	value: ${_param:openldap_config_password}
	- name: LDAP_TLS
	value: "'false'"
	ports:
	- port: 389
	name: nonssl
	- port: 636
	name: ssl
	volumes:
	- name: data
	mount: /var/lib/ldap
	read_only: false
	- name: config
	mount: /etc/ldap/slapd.d
	read_only: false
	ldap-admin:
	image: ${_param:docker_image_phpldapadmin}
	image_pull_policy: IfNotPresent
	variables:
	- name: PHPLDAPADMIN_LDAP_ADMIN_PASSWORD
	value: ${_param:openldap_admin_password}
	- name: PHPLDAPADMIN_LDAP_HOSTS
	value: "#PYTHON2BASH:[{'server': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '$PHPLDAPADMIN_LDAP_ADMIN_PASSWORD'}]}]}]"
	- name: PHPLDAPADMIN_HTTPS
	value: "'false'"
	- name: PHPLDAPADMIN_TRUST_PROXY_SSL
	value: "'true'"
	- name: PHPLDAPADMIN_SERVER_ADMIN
	value: ${_param:admin_email}
	- name: PHPLDAPADMIN_THEME
	value: mirantis
	- name: PHPLDAPADMIN_SERVER_PATH
	value: "/ldap"
	ports:
	- port: 80
	name: admin
	volume:
	config:
	type: glusterfs
	endpoints: glusterfs
	path: openldap-config
	read_only: false
	data:
	type: glusterfs
	endpoints: glusterfs
	path: openldap-data
	read_only: false