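---
# Tasks file for OpenLDAP
#
# Creates, in order: the `openldap` namespace, two PersistentVolumeClaims
# (database and slapd configuration), a single-replica Deployment running the
# osixia/openldap image, and a ClusterIP Service exposing LDAP and LDAPS.
#
# Required variables:
#   openldap_admin_password     - password for the LDAP admin account
#   openldap_readonly_password  - password for the read-only account

- name: Create OpenLDAP namespace
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Namespace
      metadata:
        name: openldap

- name: Create PVC for OpenLDAP data
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: data
        namespace: openldap
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 128Gi

- name: Create PVC for OpenLDAP configuration
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: config
        namespace: openldap
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 32Gi

- name: Create Deployment for OpenLDAP
  # The rendered definition (and the module's returned result) contains both
  # LDAP passwords, so keep this task out of Ansible output and logs.
  # Lift this temporarily if a failure needs debugging.
  no_log: true
  k8s:
    state: present
    definition:
      # Deployment is served by the apps/v1 API group, not the core v1 group.
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: openldap
        namespace: openldap
      spec:
        # ReadWriteOnce volumes: keep a single replica.
        replicas: 1
        selector:
          matchLabels:
            app: openldap
        template:
          metadata:
            labels:
              app: openldap
          spec:
            containers:
              - name: openldap
                # NOTE(review): no tag or digest is given, so the image
                # resolves to `latest` and can change between rollouts.
                # Pin to a reviewed tag or digest.
                image: osixia/openldap
                env:
                  - name: LDAP_ORGANISATION
                    value: "EOM"
                  - name: LDAP_DOMAIN
                    value: "eom.dev"
                  # NOTE(review): both passwords below are written as literal
                  # env values into the pod template, so anyone who can read
                  # Deployments or Pods in this namespace can read them.
                  # Prefer a Secret referenced through valueFrom.secretKeyRef.
                  - name: LDAP_ADMIN_PASSWORD
                    value: "{{ openldap_admin_password }}"
                  # Must stay a quoted string: env values are strings, and a
                  # bare true would be parsed as a boolean.
                  - name: LDAP_READONLY_USER
                    value: "true"
                  - name: LDAP_READONLY_USER_PASSWORD
                    value: "{{ openldap_readonly_password }}"
                  # NOTE(review): presumably this means clients are never
                  # asked for a TLS certificate, leaving bind credentials as
                  # the only client authentication - confirm against the
                  # image documentation that this is intended.
                  - name: LDAP_TLS_VERIFY_CLIENT
                    value: "never"
                volumeMounts:
                  - name: config
                    mountPath: /etc/ldap/slapd.d
                  - name: data
                    mountPath: /var/lib/ldap
                ports:
                  - containerPort: 389
                  - containerPort: 636
            volumes:
              - name: data
                persistentVolumeClaim:
                  claimName: data
              - name: config
                persistentVolumeClaim:
                  claimName: config

- name: Create Service for OpenLDAP
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: openldap
        namespace: openldap
      spec:
        selector:
          app: openldap
        ports:
          # NOTE(review): 389 is the plain LDAP port. A simple bind over it
          # without StartTLS sends the password unencrypted on the cluster
          # network; consider exposing only 636 or enforcing TLS server-side.
          - port: 389
            name: ldap
          - port: 636
            name: ldaps
        # Reachable from inside the cluster only.
        type: ClusterIP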