From e173e23d087c0fc3a095457ed392b4f57f5fa575 Mon Sep 17 00:00:00 2001
From: Zak Scholl <zscholl@users.noreply.github.com>
Date: Wed, 21 Feb 2024 13:57:05 -0600
Subject: [PATCH] fix: update k8s manifests for kubernetes install (#16570)

When attempting to follow the kubernetes install directions I
encountered a few issues.

1. The image version was no longer hosted on dockerhub. And new versions
now are tagged with a "v" prefix.
2. The webserver was not able to bind to port 443 on a managed version
of k8s.
3. The dns name(s) for the latest redis helm chart have changed. They
are now `{release}-master` for read-write and `{release}-replica` for
read only nodes.
4. The deployment API is out of date.

This PR fixes those issues.
---
 .../kubernetes/fleet-deployment.yml                    | 10 +++++-----
 .../kubernetes/fleet-migrations.yml                    |  2 +-
 .../configuration-files/kubernetes/fleet-service.yml   |  2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/docs/Configuration/configuration-files/kubernetes/fleet-deployment.yml b/docs/Configuration/configuration-files/kubernetes/fleet-deployment.yml
index da6fc2b67..e7badbf04 100644
--- a/docs/Configuration/configuration-files/kubernetes/fleet-deployment.yml
+++ b/docs/Configuration/configuration-files/kubernetes/fleet-deployment.yml
@@ -1,4 +1,4 @@
-apiVersion: apps/v1beta2
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: fleet-webserver
@@ -20,10 +20,10 @@ spec:
             secretName: fleet-tls
       containers:
         - name: fleet-webserver
-          image: fleetdm/fleet:4.0.1
+          image: fleetdm/fleet:v4.43.3
           command: ["fleet", "serve"]
           ports:
-            - containerPort: 443
+            - containerPort: 8443
           volumeMounts:
             - name: fleet-tls
               mountPath: "/secrets/fleet-tls"
@@ -37,14 +37,14 @@ spec:
                   name: fleet-database-mysql
                   key: mysql-password
             - name: FLEET_REDIS_ADDRESS
-              value: fleet-cache-redis:6379
+              value: fleet-cache-redis-master:6379
             - name: FLEET_REDIS_PASSWORD
               valueFrom:
                 secretKeyRef:
                   name: fleet-cache-redis
                   key: redis-password
             - name: FLEET_SERVER_ADDRESS
-              value: "0.0.0.0:443"
+              value: "0.0.0.0:8443"
             - name: FLEET_SERVER_CERT
               value: "/secrets/fleet-tls/tls.crt"
             - name: FLEET_SERVER_KEY
diff --git a/docs/Configuration/configuration-files/kubernetes/fleet-migrations.yml b/docs/Configuration/configuration-files/kubernetes/fleet-migrations.yml
index f6dc7ebfc..8e432b189 100644
--- a/docs/Configuration/configuration-files/kubernetes/fleet-migrations.yml
+++ b/docs/Configuration/configuration-files/kubernetes/fleet-migrations.yml
@@ -9,7 +9,7 @@ spec:
     spec:
       containers:
         - name: fleet
-          image: fleetdm/fleet:4.0.1
+          image: fleetdm/fleet:v4.43.3
           command: ["fleet", "prepare", "db"]
           env:
             - name: FLEET_MYSQL_ADDRESS
diff --git a/docs/Configuration/configuration-files/kubernetes/fleet-service.yml b/docs/Configuration/configuration-files/kubernetes/fleet-service.yml
index 098270f02..621199dba 100644
--- a/docs/Configuration/configuration-files/kubernetes/fleet-service.yml
+++ b/docs/Configuration/configuration-files/kubernetes/fleet-service.yml
@@ -9,7 +9,7 @@ spec:
   ports:
     - name: proxy-tls
       port: 443
-      targetPort: 443
+      targetPort: 8443
       protocol: TCP
     - name: proxy-http
       port: 80