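---
# tasks file for openldap
#
# Provisions OpenLDAP in the eom-<target_namespace> namespace: two
# hostPath-backed PersistentVolumes with matching claims (slapd config and
# database), a Secret holding the LDAP passwords, a single-replica Deployment
# and a ClusterIP Service.
#
# Variables read: target_namespace, ldap_admin_password,
# ldap_readonly_password.

# PersistentVolumes are cluster-scoped, so the namespace is carried in the
# volume name. The volume is a directory on one node's filesystem; the
# nodeAffinity below pins any pod using it to alpha-worker-0.
- name: Create persistent volume for openldap-config
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolume
      metadata:
        name: "eom-{{ target_namespace }}-openldap-config"
      spec:
        capacity:
          storage: 1024Gi
        accessModes:
          - ReadWriteOnce
        # Retain: deleting the claim leaves the directory contents in place.
        persistentVolumeReclaimPolicy: Retain
        storageClassName: standard
        hostPath:
          path: "/data/store-0/eom-{{ target_namespace }}/openldap-config"
        nodeAffinity:
          required:
            nodeSelectorTerms:
              - matchExpressions:
                  - key: kubernetes.io/hostname
                    operator: In
                    values:
                      - alpha-worker-0

# volumeName binds this claim to the volume created above instead of letting
# the storage class pick or provision one.
- name: Create a persistent volume claim for openldap-config
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: openldap-config
        namespace: "eom-{{ target_namespace }}"
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 1024Gi
        storageClassName: standard
        volumeName: "eom-{{ target_namespace }}-openldap-config"

# Same layout as the config volume, for the LDAP database directory.
- name: Create persistent volume for openldap-data
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolume
      metadata:
        name: "eom-{{ target_namespace }}-openldap-data"
      spec:
        capacity:
          storage: 1024Gi
        accessModes:
          - ReadWriteOnce
        persistentVolumeReclaimPolicy: Retain
        storageClassName: standard
        hostPath:
          path: "/data/store-0/eom-{{ target_namespace }}/openldap-data"
        nodeAffinity:
          required:
            nodeSelectorTerms:
              - matchExpressions:
                  - key: kubernetes.io/hostname
                    operator: In
                    values:
                      - alpha-worker-0

- name: Create a persistent volume claim for openldap-data
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: openldap-data
        namespace: "eom-{{ target_namespace }}"
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 1024Gi
        storageClassName: standard
        volumeName: "eom-{{ target_namespace }}-openldap-data"

# The passwords live in a Secret rather than as literal env values in the
# Deployment, so reading the Deployment object does not reveal them and
# access can be restricted separately through RBAC on secrets.
# no_log keeps the rendered passwords out of Ansible's task output.
- name: Create a secret for the openldap credentials
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Secret
      metadata:
        name: openldap-credentials
        namespace: "eom-{{ target_namespace }}"
      type: Opaque
      stringData:
        LDAP_ADMIN_PASSWORD: "{{ ldap_admin_password }}"
        LDAP_READONLY_USER_PASSWORD: "{{ ldap_readonly_password }}"
  no_log: true

- name: Create a deployment
  k8s:
    state: present
    definition:
      # Deployment is served from the apps/v1 API group; the core "v1" group
      # has no Deployment kind, so the task cannot apply with apiVersion v1.
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: openldap
        namespace: "eom-{{ target_namespace }}"
      spec:
        # Both claims are ReadWriteOnce on a single node, so one replica.
        replicas: 1
        selector:
          matchLabels:
            app: openldap
        template:
          metadata:
            labels:
              app: openldap
          spec:
            containers:
              - name: openldap
                # NOTE(review): no tag or digest, so this resolves to
                # "latest" and can change between rollouts; pin a reviewed
                # version or digest.
                image: osixia/openldap
                env:
                  - name: LDAP_ORGANISATION
                    value: "EOM"
                  - name: LDAP_DOMAIN
                    value: "eom.dev"
                  # NOTE(review): if a Deployment with literal "value"
                  # entries for the two passwords already exists, patching
                  # it to valueFrom may be rejected; recreate it in that
                  # case.
                  - name: LDAP_ADMIN_PASSWORD
                    valueFrom:
                      secretKeyRef:
                        name: openldap-credentials
                        key: LDAP_ADMIN_PASSWORD
                  - name: LDAP_READONLY_USER
                    value: "true"
                  - name: LDAP_READONLY_USER_PASSWORD
                    valueFrom:
                      secretKeyRef:
                        name: openldap-credentials
                        key: LDAP_READONLY_USER_PASSWORD
                volumeMounts:
                  - name: config
                    mountPath: /etc/ldap/slapd.d
                  - name: data
                    mountPath: /var/lib/ldap
                ports:
                  - containerPort: 389
                  - containerPort: 636
            volumes:
              - name: config
                persistentVolumeClaim:
                  claimName: openldap-config
              - name: data
                persistentVolumeClaim:
                  claimName: openldap-data

# NOTE(review): only 389 is published although the container also declares
# 636. Binds over 389 carry credentials in clear text unless the client
# negotiates StartTLS; confirm clients do, or publish 636 as well.
- name: Expose deployment as a service
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: openldap
        namespace: "eom-{{ target_namespace }}"
      spec:
        selector:
          app: openldap
        ports:
          - port: 389
            name: openldap-389
        type: ClusterIP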