openldap docker k8s部署

IamstudyingJava2023-07-21 19:47

1、docker部署

首先编写docker-compose.yml文件:

version: '2'

services:

openldap:

image: osixia/openldap:1.5.0

container_name: openldap

restart: always

environment:

LDAP_ORGANISATION: "gavin"

LDAP_DOMAIN: "auth.gavin.cn"

LDAP_BASE_DN: "dc=auth,dc=gavin,dc=cn"

LDAP_ADMIN_PASSWORD: "123456"

LDAP_CONFIG_PASSWORD: "123456"

volumes:

- /opt/openldap/ldap:/var/lib/ldap

- /opt/openldap/slapd.d:/etc/ldap/slapd.d

ports:

  • "389:389"

  • "636:636"

phpldapadmin:

image: osixia/phpldapadmin:latest

container_name: phpldapadmin

restart: always

environment:

PHPLDAPADMIN_LDAP_HOSTS: "openldap"

PHPLDAPADMIN_HTTPS: "false"

ports:

  • "50081:80"

depends_on:

  • openldap

然后通过docker-compose up启动成功。http://localhost:50081/.

用户名为cn=admin,dc=auth,dc=gavin,dc=cn, 密码为123456

2、k8s部署,

首先通过docker命令把镜像推送到harbor

编写openldap.yml,

apiVersion: apps/v1

kind: Deployment

metadata:

annotations: {}

labels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

name: openldap

namespace: base-component

resourceVersion: '43043689'

spec:

progressDeadlineSeconds: 600

replicas: 1

revisionHistoryLimit: 10

selector:

matchLabels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

strategy:

rollingUpdate:

maxSurge: 25%

maxUnavailable: 25%

type: RollingUpdate

template:

metadata:

creationTimestamp: null

labels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

spec:

containers:

  • env:

  • name: LDAP_ORGANISATION

value: gavin

  • name: LDAP_DOMAIN

value: auth.gavin.cn

  • name: LDAP_BASE_DN

value: 'dc=auth,dc=gavin,dc=cn'

  • name: LDAP_ADMIN_PASSWORD

value: 123456

  • name: LDAP_CONFIG_PASSWORD

value: 123456

image: '192.168.20.4:8930/base-component/osixia/openldap:1.0.0'

imagePullPolicy: IfNotPresent

name: openldap

resources: {}

terminationMessagePath: /dev/termination-log

terminationMessagePolicy: File

volumeMounts:

  • mountPath: '/opt/openldap/ldap:/var/lib/ldap'

name: volume-hznp6

  • mountPath: '/opt/openldap/slapd.d:/etc/ldap/slapd.d'

name: volume-hznp6

dnsPolicy: ClusterFirst

restartPolicy: Always

schedulerName: default-scheduler

securityContext: {}

terminationGracePeriodSeconds: 30

volumes:

  • name: volume-hznp6

persistentVolumeClaim:

claimName: openldap

编写phpldapadmin.yml

apiVersion: apps/v1

kind: Deployment

metadata:

annotations: {}

labels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

name: phpldapadmin

namespace: base-component

resourceVersion: '43046631'

spec:

progressDeadlineSeconds: 600

replicas: 1

revisionHistoryLimit: 10

selector:

matchLabels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

strategy:

rollingUpdate:

maxSurge: 25%

maxUnavailable: 25%

type: RollingUpdate

template:

metadata:

creationTimestamp: null

labels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

spec:

containers:

  • env:

  • name: PHPLDAPADMIN_LDAP_HOSTS

value: openldap-svc

  • name: PHPLDAPADMIN_HTTPS

value: 'false'

image: '192.168.20.4:8930/base-component/osixia/phpldapadmin:1.0.0'

imagePullPolicy: IfNotPresent

name: phpldapadmin

resources: {}

terminationMessagePath: /dev/termination-log

terminationMessagePolicy: File

dnsPolicy: ClusterFirst

restartPolicy: Always

schedulerName: default-scheduler

securityContext: {}

terminationGracePeriodSeconds: 30

status:

availableReplicas: 1

conditions:

  • lastTransitionTime: '2023-07-13T06:19:54Z'

lastUpdateTime: '2023-07-13T06:19:54Z'

message: Deployment has minimum availability.

reason: MinimumReplicasAvailable

status: 'True'

type: Available

  • lastTransitionTime: '2023-07-13T06:19:49Z'

lastUpdateTime: '2023-07-13T06:45:55Z'

message: ReplicaSet "phpldapadmin-7bf9f9957c" is progressing.

reason: ReplicaSetUpdated

status: 'True'

type: Progressing

observedGeneration: 6

readyReplicas: 1

replicas: 1

unavailableReplicas: 1

updatedReplicas: 1

编写服务openldap-svc.yml

apiVersion: v1

kind: Service

metadata:

name: openldap-svc

namespace: base-component

resourceVersion: '43043585'

spec:

clusterIP: 10.233.170.152

clusterIPs:

  • 10.233.170.152

externalTrafficPolicy: Cluster

internalTrafficPolicy: Cluster

ipFamilies:

  • IPv4

ipFamilyPolicy: SingleStack

ports:

  • name: r6pkcf

nodePort: 389

port: 389

protocol: TCP

targetPort: 389

  • name: fw8jjr

nodePort: 636

port: 636

protocol: TCP

targetPort: 636

selector:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

sessionAffinity: None

type: NodePort

编写 phpldapadmin-svc.yml

apiVersion: v1

kind: Service

metadata:

name: phpldapadmin-svc

namespace: base-component

resourceVersion: '43042798'

spec:

clusterIP: 10.233.214.176

clusterIPs:

  • 10.233.214.176

externalTrafficPolicy: Cluster

internalTrafficPolicy: Cluster

ipFamilies:

  • IPv4

ipFamilyPolicy: SingleStack

ports:

  • name: dbz2rn

nodePort: 5080

port: 80

protocol: TCP

targetPort: 80

selector:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

sessionAffinity: None

type: NodePort

然后启动,进入页面。

注意:在phpldapadmin.yml文件里的环境变量PHPLDAPADMIN_LDAP_HOSTS,之前用的是openldap,也就是工作负载的名称,但是页面会出现不能连接ldap服务。改成openldap-svc就可以了,可能是因为工作负载不对外。

相关推荐
小夏卷编程9 小时前
Ubuntu 20.04.4 宝塔 docker showdoc v3.2 更新到v3.7.3
运维·docker·容器
JEECG低代码平台9 小时前
JeecgBoot低代码平台 Docker 部署 OnlyOffice 文档服务完整指南
低代码·docker·容器
生活爱好者!10 小时前
NAS帮我找回童年的快乐!部署 小游戏
运维·服务器·docker·容器·娱乐
自在极意功。11 小时前
nginx和docker面试题
运维·nginx·docker
不做超级小白12 小时前
执行docker命令时自动启动Docker Desktop?一个小工具让开发体验更丝滑
windows·docker
222you12 小时前
Ubuntu当中的Docker安装和镜像管理
ubuntu·spring cloud·docker
心易行者13 小时前
别再说“在我的机器上能跑”了!Docker 入门指南,专治各种环境不服
运维·人工智能·docker·容器
zhim0013 小时前
【保姆级教程】使用 Docker 部署 PostgreSQL + pgvector(含踩坑指南)
linux·docker
进击切图仔15 小时前
ROS 跨机通信与 Docker 多机环境搭建
运维·docker·容器
切糕师学AI15 小时前
Kubernetes 中的 Informer 机制
云原生·容器·kubernetes·informer
热门推荐
01GitHub 镜像站点02OpenClaw 使用和管理 MCP 完全指南03本地部署 OpenClaw + DeepSeek-R1 完全指南04Qwen3.5 开源全解析:从 0.8B 到 397B,代际升级 + 全场景选型指南05OpenClaw 飞书机器人不回复消息?3 小时踩坑总结06OpenClaw macOS 完整安装与本地模型配置教程(实战版)07得物前端部门,没了08OpenClaw 连接飞书完整指南:插件安装、配置与踩坑记录09Window 10部署openclaw报错node.exe : npm error code 12810OpenClaw 接入 QQ Bot 完整实践指南