openldap docker k8s部署

IamstudyingJava2023-07-21 19:47

1、docker部署

首先编写docker-compose.yml文件:

version: '2'

services:

openldap:

image: osixia/openldap:1.5.0

container_name: openldap

restart: always

environment:

LDAP_ORGANISATION: "gavin"

LDAP_DOMAIN: "auth.gavin.cn"

LDAP_BASE_DN: "dc=auth,dc=gavin,dc=cn"

LDAP_ADMIN_PASSWORD: "123456"

LDAP_CONFIG_PASSWORD: "123456"

volumes:

- /opt/openldap/ldap:/var/lib/ldap

- /opt/openldap/slapd.d:/etc/ldap/slapd.d

ports:

  • "389:389"

  • "636:636"

phpldapadmin:

image: osixia/phpldapadmin:latest

container_name: phpldapadmin

restart: always

environment:

PHPLDAPADMIN_LDAP_HOSTS: "openldap"

PHPLDAPADMIN_HTTPS: "false"

ports:

  • "50081:80"

depends_on:

  • openldap

然后通过docker-compose up启动成功。http://localhost:50081/.

用户名为cn=admin,dc=auth,dc=gavin,dc=cn, 密码为123456

2、k8s部署,

首先通过docker命令把镜像推送到harbor

编写openldap.yml,

apiVersion: apps/v1

kind: Deployment

metadata:

annotations: {}

labels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

name: openldap

namespace: base-component

resourceVersion: '43043689'

spec:

progressDeadlineSeconds: 600

replicas: 1

revisionHistoryLimit: 10

selector:

matchLabels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

strategy:

rollingUpdate:

maxSurge: 25%

maxUnavailable: 25%

type: RollingUpdate

template:

metadata:

creationTimestamp: null

labels:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

spec:

containers:

  • env:

  • name: LDAP_ORGANISATION

value: gavin

  • name: LDAP_DOMAIN

value: auth.gavin.cn

  • name: LDAP_BASE_DN

value: 'dc=auth,dc=gavin,dc=cn'

  • name: LDAP_ADMIN_PASSWORD

value: 123456

  • name: LDAP_CONFIG_PASSWORD

value: 123456

image: '192.168.20.4:8930/base-component/osixia/openldap:1.0.0'

imagePullPolicy: IfNotPresent

name: openldap

resources: {}

terminationMessagePath: /dev/termination-log

terminationMessagePolicy: File

volumeMounts:

  • mountPath: '/opt/openldap/ldap:/var/lib/ldap'

name: volume-hznp6

  • mountPath: '/opt/openldap/slapd.d:/etc/ldap/slapd.d'

name: volume-hznp6

dnsPolicy: ClusterFirst

restartPolicy: Always

schedulerName: default-scheduler

securityContext: {}

terminationGracePeriodSeconds: 30

volumes:

  • name: volume-hznp6

persistentVolumeClaim:

claimName: openldap

编写phpldapadmin.yml

apiVersion: apps/v1

kind: Deployment

metadata:

annotations: {}

labels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

name: phpldapadmin

namespace: base-component

resourceVersion: '43046631'

spec:

progressDeadlineSeconds: 600

replicas: 1

revisionHistoryLimit: 10

selector:

matchLabels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

strategy:

rollingUpdate:

maxSurge: 25%

maxUnavailable: 25%

type: RollingUpdate

template:

metadata:

creationTimestamp: null

labels:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

spec:

containers:

  • env:

  • name: PHPLDAPADMIN_LDAP_HOSTS

value: openldap-svc

  • name: PHPLDAPADMIN_HTTPS

value: 'false'

image: '192.168.20.4:8930/base-component/osixia/phpldapadmin:1.0.0'

imagePullPolicy: IfNotPresent

name: phpldapadmin

resources: {}

terminationMessagePath: /dev/termination-log

terminationMessagePolicy: File

dnsPolicy: ClusterFirst

restartPolicy: Always

schedulerName: default-scheduler

securityContext: {}

terminationGracePeriodSeconds: 30

status:

availableReplicas: 1

conditions:

  • lastTransitionTime: '2023-07-13T06:19:54Z'

lastUpdateTime: '2023-07-13T06:19:54Z'

message: Deployment has minimum availability.

reason: MinimumReplicasAvailable

status: 'True'

type: Available

  • lastTransitionTime: '2023-07-13T06:19:49Z'

lastUpdateTime: '2023-07-13T06:45:55Z'

message: ReplicaSet "phpldapadmin-7bf9f9957c" is progressing.

reason: ReplicaSetUpdated

status: 'True'

type: Progressing

observedGeneration: 6

readyReplicas: 1

replicas: 1

unavailableReplicas: 1

updatedReplicas: 1

编写服务openldap-svc.yml

apiVersion: v1

kind: Service

metadata:

name: openldap-svc

namespace: base-component

resourceVersion: '43043585'

spec:

clusterIP: 10.233.170.152

clusterIPs:

  • 10.233.170.152

externalTrafficPolicy: Cluster

internalTrafficPolicy: Cluster

ipFamilies:

  • IPv4

ipFamilyPolicy: SingleStack

ports:

  • name: r6pkcf

nodePort: 389

port: 389

protocol: TCP

targetPort: 389

  • name: fw8jjr

nodePort: 636

port: 636

protocol: TCP

targetPort: 636

selector:

k8s.kuboard.cn/layer: db

k8s.kuboard.cn/name: openldap

sessionAffinity: None

type: NodePort

编写 phpldapadmin-svc.yml

apiVersion: v1

kind: Service

metadata:

name: phpldapadmin-svc

namespace: base-component

resourceVersion: '43042798'

spec:

clusterIP: 10.233.214.176

clusterIPs:

  • 10.233.214.176

externalTrafficPolicy: Cluster

internalTrafficPolicy: Cluster

ipFamilies:

  • IPv4

ipFamilyPolicy: SingleStack

ports:

  • name: dbz2rn

nodePort: 5080

port: 80

protocol: TCP

targetPort: 80

selector:

k8s.kuboard.cn/layer: web

k8s.kuboard.cn/name: phpldapadmin

sessionAffinity: None

type: NodePort

然后启动,进入页面。

注意:在phpldapadmin.yml文件里的环境变量PHPLDAPADMIN_LDAP_HOSTS,之前用的是openldap,也就是工作负载的名称,但是页面会出现不能连接ldap服务。改成openldap-svc就可以了,可能是因为工作负载不对外。

相关推荐
乌托邦的逃亡者43 分钟前
Docker的/var/lib/docker/目录占用100%的处理方法
运维·docker·容器
OKUNP5 小时前
Docker高级管理--容器通信技术与数据持久化
docker·容器·php
用户6855449692738 小时前
第一周作业
docker
星辰云-12 小时前
【超详细】CentOS系统Docker安装与配置一键脚本(附镜像加速配置)
linux·docker·centos
果子⌂14 小时前
Docker-构建镜像并实现LNMP架构
mysql·nginx·docker·容器·架构·php
无敌糖果14 小时前
K8S数据流核心底层逻辑剖析
docker·容器·kubernetes·k8s架构·底层逻辑·k8s数据流
亲爱的非洲野猪16 小时前
关于k8s Kubernetes的10个面试题
云原生·容器·kubernetes
西京刀客16 小时前
k8s之configmap
云原生·容器·kubernetes
极限实验室18 小时前
一键启动:使用 start-local 脚本轻松管理 INFINI Console 与 Easysearch 本地环境
数据库·docker
❀͜͡傀儡师18 小时前
docker 安装数据集成平台 Apache SeaTunnel 服务
docker·容器
热门推荐
01【无标题】02集群聊天服务器---MySQL数据库的建立03Coze扣子平台完整体验和实践(附国内和国际版对比)04深度神经网络训练过程与常见概念05KGG转MP3工具|非KGM文件|解密音频06扣子(coze)实战|我用扣子搭建了一个自动分析小红薯笔记内容的AI应用|详细步骤拆解07Java类变量(静态变量)08使用Ruby接入实时行情API教程09DeepSeek各版本说明与优缺点分析10LOT: 通过逻辑增强大型语言模型的零样本Chain-of-Thought推理能力