openldap docker k8s部署

IamstudyingJava2023-07-21 19:47

1、docker部署

首先编写docker-compose.yml文件:

version: '2'

services:

openldap:

image: osixia/openldap:1.5.0

container_name: openldap

restart: always

environment:

LDAP_ORGANISATION: "gavin"

LDAP_DOMAIN: "auth.gavin.cn"

LDAP_BASE_DN: "dc=auth,dc=gavin,dc=cn"

LDAP_ADMIN_PASSWORD: "123456"

LDAP_CONFIG_PASSWORD: "123456"

volumes:

- /opt/openldap/ldap:/var/lib/ldap

- /opt/openldap/slapd.d:/etc/ldap/slapd.d

ports:

  • "389:389"

  • "636:636"

phpldapadmin:

image: osixia/phpldapadmin:latest

container_name: phpldapadmin

restart: always

environment:

PHPLDAPADMIN_LDAP_HOSTS: "openldap"

PHPLDAPADMIN_HTTPS: "false"

ports:

  • "50081:80"

depends_on:

  • openldap

然后通过docker-compose up启动成功。http://localhost:50081/.

用户名为cn=admin,dc=auth,dc=gavin,dc=cn, 密码为123456

2、k8s部署,

首先通过docker命令把镜像推送到harbor

编写openldap.yml,

apiVersion: apps/v1

kind: Deployment

metadata:

annotations: {}

labels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

name: openldap

namespace: base-component

resourceVersion: '43043689'

spec:

progressDeadlineSeconds: 600

replicas: 1

revisionHistoryLimit: 10

selector:

matchLabels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

strategy:

rollingUpdate:

maxSurge: 25%

maxUnavailable: 25%

type: RollingUpdate

template:

metadata:

creationTimestamp: null

labels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

spec:

containers:

  • env:

  • name: LDAP_ORGANISATION

value: gavin

  • name: LDAP_DOMAIN

value: auth.gavin.cn

  • name: LDAP_BASE_DN

value: 'dc=auth,dc=gavin,dc=cn'

  • name: LDAP_ADMIN_PASSWORD

value: 123456

  • name: LDAP_CONFIG_PASSWORD

value: 123456

image: '192.168.20.4:8930/base-component/osixia/openldap:1.0.0'

imagePullPolicy: IfNotPresent

name: openldap

resources: {}

terminationMessagePath: /dev/termination-log

terminationMessagePolicy: File

volumeMounts:

  • mountPath: '/opt/openldap/ldap:/var/lib/ldap'

name: volume-hznp6

  • mountPath: '/opt/openldap/slapd.d:/etc/ldap/slapd.d'

name: volume-hznp6

dnsPolicy: ClusterFirst

restartPolicy: Always

schedulerName: default-scheduler

securityContext: {}

terminationGracePeriodSeconds: 30

volumes:

  • name: volume-hznp6

persistentVolumeClaim:

claimName: openldap

编写phpldapadmin.yml

apiVersion: apps/v1

kind: Deployment

metadata:

annotations: {}

labels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

name: phpldapadmin

namespace: base-component

resourceVersion: '43046631'

spec:

progressDeadlineSeconds: 600

replicas: 1

revisionHistoryLimit: 10

selector:

matchLabels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

strategy:

rollingUpdate:

maxSurge: 25%

maxUnavailable: 25%

type: RollingUpdate

template:

metadata:

creationTimestamp: null

labels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

spec:

containers:

  • env:

  • name: PHPLDAPADMIN_LDAP_HOSTS

value: openldap-svc

  • name: PHPLDAPADMIN_HTTPS

value: 'false'

image: '192.168.20.4:8930/base-component/osixia/phpldapadmin:1.0.0'

imagePullPolicy: IfNotPresent

name: phpldapadmin

resources: {}

terminationMessagePath: /dev/termination-log

terminationMessagePolicy: File

dnsPolicy: ClusterFirst

restartPolicy: Always

schedulerName: default-scheduler

securityContext: {}

terminationGracePeriodSeconds: 30

status:

availableReplicas: 1

conditions:

  • lastTransitionTime: '2023-07-13T06:19:54Z'

lastUpdateTime: '2023-07-13T06:19:54Z'

message: Deployment has minimum availability.

reason: MinimumReplicasAvailable

status: 'True'

type: Available

  • lastTransitionTime: '2023-07-13T06:19:49Z'

lastUpdateTime: '2023-07-13T06:45:55Z'

message: ReplicaSet "phpldapadmin-7bf9f9957c" is progressing.

reason: ReplicaSetUpdated

status: 'True'

type: Progressing

observedGeneration: 6

readyReplicas: 1

replicas: 1

unavailableReplicas: 1

updatedReplicas: 1

编写服务openldap-svc.yml

apiVersion: v1

kind: Service

metadata:

name: openldap-svc

namespace: base-component

resourceVersion: '43043585'

spec:

clusterIP: 10.233.170.152

clusterIPs:

  • 10.233.170.152

externalTrafficPolicy: Cluster

internalTrafficPolicy: Cluster

ipFamilies:

  • IPv4

ipFamilyPolicy: SingleStack

ports:

  • name: r6pkcf

nodePort: 389

port: 389

protocol: TCP

targetPort: 389

  • name: fw8jjr

nodePort: 636

port: 636

protocol: TCP

targetPort: 636

selector:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

sessionAffinity: None

type: NodePort

编写 phpldapadmin-svc.yml

apiVersion: v1

kind: Service

metadata:

name: phpldapadmin-svc

namespace: base-component

resourceVersion: '43042798'

spec:

clusterIP: 10.233.214.176

clusterIPs:

  • 10.233.214.176

externalTrafficPolicy: Cluster

internalTrafficPolicy: Cluster

ipFamilies:

  • IPv4

ipFamilyPolicy: SingleStack

ports:

  • name: dbz2rn

nodePort: 5080

port: 80

protocol: TCP

targetPort: 80

selector:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

sessionAffinity: None

type: NodePort

然后启动,进入页面。

注意:在phpldapadmin.yml文件里的环境变量PHPLDAPADMIN_LDAP_HOSTS,之前用的是openldap,也就是工作负载的名称,但是页面会出现不能连接ldap服务。改成openldap-svc就可以了,可能是因为工作负载不对外。

相关推荐
en-route1 小时前
Kubernetes Ingress:使用 Apache APISIX 进行外部流量路由
容器·kubernetes
DogDaoDao10 小时前
Docker全解析:从核心概念到2025年AI集成新特性
人工智能·docker·eureka·程序员
程序员在线炒粉8元1份顺丰包邮送可乐10 小时前
Docker 部署生产环境可用的 MySQL 主从架构
mysql·docker·架构
m0_7415747510 小时前
k8s的service
云原生·容器·kubernetes
鼠鼠我捏,要死了捏12 小时前
蓝绿发布与滚动更新:基于Kubernetes的微服务零停机切换实战指南
微服务·kubernetes·blue-green
liliangcsdn12 小时前
Mac本地docker安装Kibana+ElasticSearch
elasticsearch·macos·docker
xiao-xiang13 小时前
k8s下的发布策略详解
云原生·容器·kubernetes·部署·cicd·发布
优秀的老黄13 小时前
Docker部署RabbitMQ
linux·运维·docker·中间件·容器·centos·rabbitmq
Lin_Aries_042113 小时前
容器使用卷
linux·运维·docker·云原生·容器·eureka
寒士obj14 小时前
Docker的使用及核心命令
运维·docker·容器
热门推荐
01UV安装并设置国内源02GitHub 镜像站点03conda中设置镜像地址(附所有可换的地址)04KGG转MP3工具|非KGM文件|解密音频05A股预测还能更准?开源大模型Kronos带你跑通预测+回测全流程06UV 工具安装与国内镜像源配置指南0746个Nano-banana 精选提示词,持续更新中08突破百度网盘的下载限速,两种方法教会你【超详细】09Spec-Kit 使用指南10保姆级教程:手把手教你用Dify实现完美多轮对话(附Chatflow和提示词)