dirsrv-deployment.yaml
No OneTemporary
Actions

Authored By

Unknown

Size

3 KB

Referenced Files

None

Subscribers

None

dirsrv-deployment.yaml
View Options

	{{- if .Values.ldap.enabled -}}
	kind: Deployment
	apiVersion: apps/v1
	metadata:
	name: dirsrv
	spec:
	selector:
	matchLabels:
	app: dirsrv
	strategy:
	type: Recreate
	replicas: 1
	template:
	metadata:
	labels:
	app: dirsrv
	annotations:
	checksum/config: {{ include (print $.Template.BasePath "/dirsrv-configmap.yaml") . \| sha256sum }}
	spec:
	{{- if .Values.openshift }}
	serviceAccountName: dirsrvserviceaccount
	{{- end }}
	initContainers:
	# Init container is required to change the permissions after a persistent volume is mounted.
	# Otherwise dscontainer will be denied to create subdirectories and will fail to start.
	# FIXME something about this seems wrong
	# Initially I always run into: "AssertionError: Another instance named 'localhost' may already exist"
	# Which can be fixed by creating a debug container (oc debug pod/dirsrv-0), and doing an "rm -Rf /data/*", and then restarting the pod.
	- name: dirsrv-init-container
	image: busybox
	command: ["sh", "-c", "chown -R 389:389 /data"]
	volumeMounts:
	- name: dirsrv-data
	mountPath: /data
	containers:
	- name: dirsrv-container
	image: quay.io/389ds/dirsrv:c9s
	resources:
	{{- toYaml .Values.ldap.resources \| nindent 12 }}
	env:
	# Set `cn=Directory Manager`'s password
	- name: DS_DM_PASSWORD
	valueFrom:
	secretKeyRef:
	key: LDAP_ADMIN_BIND_PW
	name: kolab-admin-secret
	## Use suffix as a basedn in `dsrc` file
	# - name: DS_SUFFIX_NAME
	# value: "dc=example,dc=com"
	## DS_ERRORLOG_LEVEL - set the log level for `ns-slapd`, default is 266354688
	# - name: DS_ERRORLOG_LEVEL
	# value: "8192"
	# DS_MEMORY_PERCENTAGE - set LDBM autotune percentage (`nsslapd-cache-autosize`), default is 0
	- name: DS_MEMORY_PERCENTAGE
	value: "40"
	## DS_REINDEX` - run database reindex task (`db2index`)
	# - name: DS_REINDEX
	# value: "True"
	## DS_STARTUP_TIMEOUT - set container startup timeout in seconds, default is 60 seconds.
	# - name: DS_STARTUP_TIMEOUT
	# value: "120"
	ports:
	- containerPort: 3389
	protocol: TCP
	- containerPort: 3636
	protocol: TCP
	securityContext:
	runAsUser: 389
	# fsGroup: 389
	volumeMounts:
	- name: dirsrv-data
	mountPath: "/data"
	- mountPath: /etc/dirsrv/schema/
	name: dirsrv-config
	- name: dirsrv-tls
	mountPath: '/data/tls/'
	readOnly: true
	- name: dirsrv-tls-ca
	mountPath: '/data/tls/ca'
	readOnly: true
	volumes:
	- name: dirsrv-data
	persistentVolumeClaim:
	claimName: dirsrv-data
	- name: dirsrv-config
	configMap:
	defaultMode: 420
	name: dirsrv-config
	items:
	- key: kolab3.ldif
	path: 99kolab3.ldif
	- name: dirsrv-tls
	secret:
	{{- $secretName := include "kolab.tlsSecretName" . }}
	secretName: {{ default .Values.imap.tlsSecretName $secretName }}
	items:
	- key: tls.key
	path: server.key
	- key: tls.crt
	path: server.crt
	- name: dirsrv-tls-ca
	secret:
	{{- $secretName := include "kolab.tlsSecretName" . }}
	secretName: {{ default .Values.imap.tlsSecretName $secretName }}
	items:
	- key: ca.cert
	path: ca1.crt
	---
	{{- include "kolab.pvc" .Values.ldap.volumes.data }}
	{{- end }}

File Metadata

Mime Type: text/plain
Expires: Sat, Apr 4, 5:52 AM (1 w, 1 d ago)
Storage Engine: local-disk
Storage Format: Raw Data
Storage Handle: ff/51/3331205cd8872cd15f63f423e025
Default Alt Text: dirsrv-deployment.yaml (3 KB)

dirsrv-deployment.yamlNo OneTemporaryActions

dirsrv-deployment.yamlView Options

File Metadata

Event Timeline

dirsrv-deployment.yaml
No OneTemporary
Actions

dirsrv-deployment.yaml
View Options