diff --git a/container_files/etc/docker_config/discovery_url.txt b/container_files/etc/docker_config/discovery_url.txt
new file mode 100644
index 0000000..16f26d7
--- /dev/null
+++ b/container_files/etc/docker_config/discovery_url.txt
@@ -0,0 +1 @@
+https:\/\/service1.internet2.edu\/shibboleth-ds\/index.html
\ No newline at end of file
diff --git a/container_files/etc/docker_config/docker_config.sh b/container_files/etc/docker_config/docker_config.sh
new file mode 100644
index 0000000..d637eb0
--- /dev/null
+++ b/container_files/etc/docker_config/docker_config.sh
@@ -0,0 +1,24 @@
+#/bin/sh
+entityID_file="/etc/docker_config/entity_id.txt"
+dicoveryURL_file="/etc/docker_config/discovery_url.txt"
+if [ -f $entityID_file ]; then
+ entityID=`cat $entityID_file`
+ discoveryURL=`cat $dicoveryURL_file`
+else
+ if [[ -z "${entityID}" ]]; then
+ entityID="Some default value because entityID is undefined"
+ else
+ entityID="${entityID}"
+ fi
+ if [[ -z "${discoveryURL}" ]]; then
+ discoveryURL="Some default value because discoveryURL is undefined"
+ else
+ discoveryURL="${discoveryURL}"
+ fi
+fi
+
+
+sed -e "s/\${entityID}/$entityID/" -e "s/\${discoveryURL}/$discoveryURL/" /etc/docker_config/shibboleth2.xml > /etc/shibboleth/shibboleth2.xml
+cp /etc/docker_config/mfa-proxy.incommon.org-metdata.xml /etc/shibboleth/
+ln -s /etc/docker_config/proxy.conf /etc/httpd/conf.d/proxy.conf
+/opt/bin/httpd-shib-foreground
diff --git a/container_files/etc/docker_config/entity_id.txt b/container_files/etc/docker_config/entity_id.txt
new file mode 100644
index 0000000..9cdd51a
--- /dev/null
+++ b/container_files/etc/docker_config/entity_id.txt
@@ -0,0 +1 @@
+https:\/\/siteadmin.inc.testbed.tier.internet2.edu\/
\ No newline at end of file
diff --git a/container_files/etc/docker_config/mfa-proxy.incommon.org-metdata.xml b/container_files/etc/docker_config/mfa-proxy.incommon.org-metdata.xml
new file mode 100644
index 0000000..ef252e2
--- /dev/null
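Review bot: The `sed` near the end of docker_config.sh splices `$entityID` and `$discoveryURL` into the sed program unescaped, which is why entity_id.txt and discovery_url.txt in this same commit carry the pre-escaped `\/` form — but the environment/default branch is never escaped, so a value containing `/` or `&` produces a broken or corrupted /etc/shibboleth/shibboleth2.xml, and the `Some default value because entityID is undefined` fallback silently becomes the SP's entityID instead of stopping the container. Smaller points in the same hunk: `#/bin/sh` is missing the `!` (masked only because the Deployment runs the script through `/bin/bash`, which the bash-only `[[` tests also depend on), the `-f` test checks only entity_id.txt yet the same branch reads discovery_url.txt, `ln -s` fails on a container restart once the link exists, and the final httpd command is not `exec`'d, so signals reach the shell rather than httpd. The rewrite below escapes the replacement text, refuses to start unless both values are present, and fixes the small points; with it the two .txt files should hold the plain URLs rather than the `\/` form.
```shell
#!/bin/bash
set -eu

entityID_file="/etc/docker_config/entity_id.txt"
discoveryURL_file="/etc/docker_config/discovery_url.txt"

# Mounted files win over the environment; a missing value aborts instead of
# writing a placeholder into the SP's entityID.
if [ -f "$entityID_file" ]; then
  entityID=$(cat "$entityID_file")
fi
if [ -f "$discoveryURL_file" ]; then
  discoveryURL=$(cat "$discoveryURL_file")
fi
: "${entityID:?entityID not set (file or environment)}"
: "${discoveryURL:?discoveryURL not set (file or environment)}"

# Escape \ / & so the value cannot alter the sed program or the output.
esc() { printf '%s' "$1" | sed -e 's/[\\/&]/\\&/g'; }

sed -e "s/\${entityID}/$(esc "$entityID")/g" \
    -e "s/\${discoveryURL}/$(esc "$discoveryURL")/g" \
    /etc/docker_config/shibboleth2.xml > /etc/shibboleth/shibboleth2.xml
cp /etc/docker_config/mfa-proxy.incommon.org-metdata.xml /etc/shibboleth/
ln -sf /etc/docker_config/proxy.conf /etc/httpd/conf.d/proxy.conf
exec /opt/bin/httpd-shib-foreground
```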
+++ b/container_files/etc/docker_config/mfa-proxy.incommon.org-metdata.xml @@ -0,0 +1,52 @@ + + + + + + InCommon Multifactor Authentication IdP Proxy + A SAML IdP Proxy that implements distributed Duo multifactor authentication + + + + + + +MIIEEjCCAvoCCQCunlLthlNf0DANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEDAOBgNVBAcTB09ha2xhbmQxHjAcBgNV +BAoTFUNpcnJ1cyBJZGVudGl0eSwgSW5jLjEiMCAGA1UECxMZQ2lycnVzIElkZW50 +aXR5IE1GQSBQcm94eTElMCMGA1UEAxMcbWZhLXByb3h5LmNpcnJ1c2lkZW50aXR5 +LmNvbTEpMCcGCSqGSIb3DQEJARYac3VwcG9ydEBjaXJydXNpZGVudGl0eS5jb20w +HhcNMTQwMzIxMTUyOTMyWhcNMzQwMzIwMTUyOTMyWjCByjELMAkGA1UEBhMCVVMx +EzARBgNVBAgTCkNhbGlmb3JuaWExEDAOBgNVBAcTB09ha2xhbmQxHjAcBgNVBAoT +FUNpcnJ1cyBJZGVudGl0eSwgSW5jLjEiMCAGA1UECxMZQ2lycnVzIElkZW50aXR5 +IE1GQSBQcm94eTElMCMGA1UEAxMcbWZhLXByb3h5LmNpcnJ1c2lkZW50aXR5LmNv +bTEpMCcGCSqGSIb3DQEJARYac3VwcG9ydEBjaXJydXNpZGVudGl0eS5jb20wggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXndGfNVqaMyAYne0Bm7l8xNTZ +WbzYmY7Ydhco/CMfOfTEYKGGv3n7o1Sozx2cEHiVAeiYNL/N8Tihp0y6Mh+dh0HQ +wFBSbsbTGFocARVfaCoKn6p0GLaBm9I4KyTn2/U5DRJ9gcNmIkx72PHWg22Z+SCy +K/awX90otWjVfpEYpODA4aAvZT/DeNR4gedy7kOPT2NNbpSPa33x/DyR+Ts4RQKM +R2F50oceOajEao9DqLTaGqLKROGW1atgL6bwIn2Wbi3v86kqw2NiBdGz173XL7DK +1KO73e9KaLG2QgdhDpBXz07oXyhfLZr/9Qh0JELDgJCCHjr3ww3NCK+m508jAgMB +AAEwDQYJKoZIhvcNAQEFBQADggEBAIduyJXJqMSk/6g2ItBmOaox3uS4eawl0n64 +qOL+tJqbxHVw6j6GLNukQ1Tem0W9F3jblBE6CY+GOEpul4sTv7PkJ2+EoNi6j74a +22VKbQpD/2Gk1kR+u7PWQHtRLfzmYX/ssoN4U7ekRfSZj4W/44cGka8y5fv58GpW +H45nZwzsT3YOWrVHfSDE39SLfWDFiLmwhoKrZ6K/SVX1cIiR1LRgK1wy22hSehQD +DXihc3A6Xw7eKGHQ1JD2t/mn2ml6DBLww94xvxkIhAvW3FCSvdMHuwLXDMG5kYbJ +a8USrn8wzJKX8L//XJDEorAgrmS2Zn1ewmHIKrR23T7lvsjtttU= + + + + + + + + + InCommon LLC + InCommon Operations + http://www.incommon.org + + + Tech Support + techsupport@internet2.edu + + diff --git a/container_files/etc/docker_config/proxy.conf b/container_files/etc/docker_config/proxy.conf new file mode 100644 index 0000000..0f2289b --- /dev/null 
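Review bot: This is a hand-copied, static snapshot of the IdP proxy's metadata (the embedded certificate is self-signed, subject and issuer being the same DN), and nothing in the commit records where it came from or checks its freshness or signature, so the SP will keep trusting this copy until someone rebuilds the ConfigMap by hand. Prefer a MetadataProvider that fetches the proxy's published metadata and verifies its signature, or at minimum add a leading comment such as `<!-- Copied from <source URL>, <date>; refresh by hand -->` so the next operator knows it is a snapshot. The file name also carries the typo `metdata`, which docker_config.sh copies by that exact name, so renaming it later means a coordinated change in both places (and in shibboleth2.xml if the path is referenced there — the XML tags were lost in this rendering, so I can't confirm).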
+++ b/container_files/etc/docker_config/proxy.conf
@@ -0,0 +1,2 @@
+ProxyPass /siteadmin/ http://siteadmin-svc:3000/
+ProxyPassReverse /siteadmin/ http://siteadmin-svc:3000/
diff --git a/container_files/etc/docker_config/shibboleth2.xml b/container_files/etc/docker_config/shibboleth2.xml
new file mode 100644
index 0000000..d9898e7
--- /dev/null
+++ b/container_files/etc/docker_config/shibboleth2.xml
@@ -0,0 +1,117 @@
+ + + + + + + + + + + + + + + + SAML2 SAML1 + + + SAML2 Local + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/siteadmin-ingress.yaml b/siteadmin-ingress.yaml
new file mode 100644
index 0000000..4287aed
--- /dev/null
+++ b/siteadmin-ingress.yaml
@@ -0,0 +1,14 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: "siteadmin-ingress"
+ annotations:
+ zalando.org/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:823003027569:certificate/c846f0e4-1c48-4315-9b41-cf29cd487700
+spec:
+ rules:
+ - host: "siteadmin.inc.testbed.tier.internet2.edu"
+ http:
+ paths:
+ - backend:
+ serviceName: "siteadmin-sp-svc"
+ servicePort: 80
diff --git a/siteadmin-sp-deployment.yaml b/siteadmin-sp-deployment.yaml
new file mode 100644
index 0000000..e10a1c6
--- /dev/null
+++ b/siteadmin-sp-deployment.yaml
@@ -0,0 +1,31 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ labels:
+ app: siteadmin-sp
+ name: siteadmin-sp
+ namespace: siteadmin-deployment
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: siteadmin-sp
+ name: siteadmin-sp
+ spec:
+ containers:
+ - name: siteadmin-sp
+ image: tier/siteadmin-sp
+ command: ["/bin/bash","/etc/docker_config/docker_config.sh"]
+ ports:
+ - containerPort: 80
+ protocol: TCP
+ - containerPort: 443
+ protocol: TCP
+ volumeMounts:
+ - name: siteadmin-sp-config
+ mountPath: /etc/docker_config
+ volumes:
+ - name: siteadmin-sp-config
+ configMap:
+ name: siteadmin-sp-config
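Review bot: proxy.conf forwards `/siteadmin/` to the backend, but nothing in this commit requires a Shibboleth session on that path; unless the base image's httpd config already carries a `<Location /siteadmin/>` block with `AuthType shibboleth`, `ShibRequestSetting requireSession 1` and `Require shib-session`, the application is reachable through the SP without authentication. Whether the backend then derives identity from `REMOTE_USER` or attribute headers is not visible here either; if it does, the headers must be ones only mod_shib can set (see `ShibUseHeaders` and the SP's header-stripping behaviour), and `ProxyPreserveHost On` is usually wanted when the application builds absolute URLs from the Host header. The backend name `siteadmin-svc:3000` does not match any Service in this commit (only `siteadmin-sp-svc` is defined), so presumably it is created elsewhere — worth a comment in the file naming where.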
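Review bot: The only shibboleth2.xml content that survived the rendering is the two protocol lists `SAML2 SAML1` and `SAML2 Local`; if the first is the `<SSO>` element (the surrounding tags are not visible, so this is inferred), SAML 1 SSO is legacy and dropping it to `SAML2` keeps the SP from negotiating anything but SAML 2.0 with the proxy. The file is also a sed template rather than a final configuration, since docker_config.sh substitutes `${entityID}` and `${discoveryURL}` into it at start-up; a leading comment such as `<!-- template: ${entityID} and ${discoveryURL} are filled in by docker_config.sh -->` would stop someone from copying it to /etc/shibboleth unprocessed.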
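Review bot: The Ingress terminates TLS at the load balancer (the `zalando.org/aws-load-balancer-ssl-cert` annotation) and sends traffic to service port 80, so the SP sees plain HTTP while its entityID in entity_id.txt is an https URL; unless httpd and the SP are told the external scheme (for example `ServerName https://siteadmin.inc.testbed.tier.internet2.edu` plus `UseCanonicalName On` in httpd, and `handlerSSL="false"` in shibboleth2.xml), the ACS and handler URLs the SP generates will be http and will not match the metadata it registers. I cannot confirm either setting from the stripped shibboleth2.xml, so please check. `apiVersion: extensions/v1beta1` is a deprecated Ingress API; `networking.k8s.io/v1` is the current one and needs the backend rewritten as `service: {name: siteadmin-sp-svc, port: {number: 80}}`.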
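Review bot: `image: tier/siteadmin-sp` has no tag or digest, so every pod restart pulls whatever `latest` is at that moment and a rebuild of the image silently changes what this SP runs; pin it, e.g. `image: tier/siteadmin-sp:<tag-or-@sha256-digest>` (placeholder — use the intended release). The container also has no `readinessProbe`, no `resources`, and no `securityContext`, which for a component that holds the SP's session and signing state are worth adding before this leaves the testbed. The `command` runs the script through `/bin/bash`, which is what hides the missing `!` in the script's shebang; keep that in mind if the command line is ever simplified to the script path alone.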
diff --git a/siteadmin-sp-svc.yml b/siteadmin-sp-svc.yml
new file mode 100644
index 0000000..7a8acc0
--- /dev/null
+++ b/siteadmin-sp-svc.yml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: siteadmin-sp-svc
+ labels:
+ app: siteadmin-sp-svc
+spec:
+ ports:
+ - port: 80
+ protocol: TCP
+ targetPort: 80
+ name: http
+ - port: 443
+ protocol: TCP
+ targetPort: 443
+ name: https
+ selector:
+ app: siteadmin-sp
diff --git a/upload_config.sh b/upload_config.sh
new file mode 100755
index 0000000..1e53fa2
--- /dev/null
+++ b/upload_config.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+kubectl -n siteadmin-deployment create configmap siteadmin-sp-config --from-file=container_files/etc/docker_config
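Review bot: The Service (and the Ingress in siteadmin-ingress.yaml) has no `namespace`, while the Deployment declares `namespace: siteadmin-deployment` and upload_config.sh creates the ConfigMap with `-n siteadmin-deployment`; a Service selector only matches pods in its own namespace and an Ingress backend must be in the Ingress's namespace, so applied from a default context these two objects land in `default` and route nothing. Add `namespace: siteadmin-deployment` under `metadata:` in both files. The Service also exposes 443, but the Ingress only targets port 80 and nothing in the commit provisions a server certificate for httpd; if 443 is not served inside the container, drop that port so the Service does not advertise an endpoint that fails.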
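Review bot: `kubectl create configmap` fails once the ConfigMap exists, so re-running this script after editing the config does not update anything, and the relative `--from-file=container_files/etc/docker_config` only resolves when run from the repository root. Replace the second line with `cd "$(dirname "$0")" && kubectl -n siteadmin-deployment create configmap siteadmin-sp-config --from-file=container_files/etc/docker_config --dry-run=client -o yaml | kubectl apply -f -` (older kubectl spells the flag `--dry-run`). Note that everything in that directory is uploaded as a ConfigMap, which is not a Secret; nothing there is sensitive today, but an SP private key or similar must never be dropped into it.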