首页 > 其他分享 >Kubernetes部署ldap

Kubernetes部署ldap

时间:2022-11-15 22:34:09浏览次数:103  
标签:kubectl Kubernetes 部署 -- openldap ldap release my

目录

doc

https://hub.kubeapps.com/charts/geek-cookbook/openldap

ldap

389 tcp
636 tcp

init pv



kubectl apply -f  /free_cicdfs0/k8s_ymls/app-yml/ldap/ldap-pv.yml

kubectl replace --force -f  /free_cicdfs0/k8s_ymls/app-yml/ldap/ldap-pv.yml

kubectl delete -f  /free_cicdfs0/k8s_ymls/app-yml/ldap/ldap-pv.yml


ldap init


docker pull  osixia/openldap:1.1.10

# change tag and push self hub
docker tag   osixia/openldap:1.1.10     docker-hub.one-k.xyz/osixia/openldap:1.1.10
docker push docker-hub.one-k.xyz/osixia/openldap:1.1.10


helm repo add geek-cookbook https://geek-cookbook.github.io/charts

helm install geek-cookbook/openldap --version 1.2.9 --generate-name

# init
kubectl create namespace openldap
helm install -n openldap  my-release \
    --set  image.repository='docker-hub.one-k.xyz/osixia/openldap'   \
    --set  image.tag='1.1.10'   \
    --set  replicaCount='1'   \
    --set  service.type='LoadBalancer'   \
    --set  service.loadBalancerIP='192.168.99.135'   \
    --set  persistence.enabled='true'   \
    --set  persistence.storageClass='ldap-storage'   \
    --set  persistence.size='50Gi'   \
    --set  persistence.accessMode='ReadWriteMany'  \
    --set  adminPassword='root@free_cicd'   \
    geek-cookbook/openldap

# uninstall
helm uninstall  -n openldap  my-release 

# 检查 服务 是否 正常 分配 了 ip 
kubectl get svc --all-namespaces


use

NAME: my-release
LAST DEPLOYED: Thu Sep  2 10:27:04 2021
NAMESPACE: openldap
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
OpenLDAP has been installed. You can access the server from within the k8s cluster using:

  my-release-openldap.openldap.svc.cluster.local:389


You can access the LDAP adminPassword and configPassword using:

  kubectl get secret --namespace openldap my-release-openldap -o jsonpath="{.data.LDAP_ADMIN_PASSWORD}" | base64 --decode; echo
  kubectl get secret --namespace openldap my-release-openldap -o jsonpath="{.data.LDAP_CONFIG_PASSWORD}" | base64 --decode; echo


You can access the LDAP service, from within the cluster (or with kubectl port-forward) with a command like (replace password and domain):
  ldapsearch -x -H ldap://my-release-openldap.openldap.svc.cluster.local:389 -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w $LDAP_ADMIN_PASSWORD


Test server health using Helm test:
  helm test my-release


You can also consider installing the helm chart for phpldapadmin to manage this instance of OpenLDAP, or install Apache Directory Studio, and connect using kubectl port-forward.


查看状态


kubectl get pod -n openldap
NAME                                   READY   STATUS              RESTARTS   AGE
my-release-openldap-8459c66b7f-582lt   0/1     ContainerCreating   0          6m45s
my-release-openldap-8459c66b7f-jktjs   0/1     ContainerCreating   0          6m45s

# 
kubectl describe -n openldap pod my-release-openldap-8459c66b7f-582lt
#   Warning  FailedMount  51s (x12 over 9m5s)  kubelet            MountVolume.SetUp failed for volume "ldap-pv-2" : hostPath type check failed: /free_cicdfs0/k8s_data/ldap/pv-2 is not a directory
#   Warning  FailedMount  14s (x3 over 7m2s)   kubelet            Unable to attach or mount volumes: unmounted volumes=[data], unattached volumes=[data kube-api-access-qkmj2]: timed out waiting for the condition


ps:欢迎大家进群交流 qq群:3638803451
公主号:
在这里插入图片描述

标签:kubectl,Kubernetes,部署,--,openldap,ldap,release,my
From: https://www.cnblogs.com/ltgybyb/p/16894277.html

相关文章