154 lines
4.2 KiB
YAML
154 lines
4.2 KiB
YAML
---
|
|
# tasks file for openldap
|
|
- name: Create persistent volume for openldap-config
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: PersistentVolume
|
|
metadata:
|
|
name: "eom-{{ target_namespace }}-openldap-config"
|
|
spec:
|
|
capacity:
|
|
storage: 1024Gi
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
persistentVolumeReclaimPolicy: Retain
|
|
storageClassName: standard
|
|
hostPath:
|
|
path: "/data/store-0/eom-{{ target_namespace }}/openldap-config"
|
|
nodeAffinity:
|
|
required:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/hostname
|
|
operator: In
|
|
values:
|
|
- alpha-worker-0
|
|
|
|
- name: Create a persistent volume claim for openldap-config
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: openldap-config
|
|
namespace: "eom-{{ target_namespace }}"
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: 1024Gi
|
|
storageClassName: standard
|
|
volumeName: "eom-{{ target_namespace }}-openldap-config"
|
|
|
|
- name: Create persistent volume for openldap-data
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: PersistentVolume
|
|
metadata:
|
|
name: "eom-{{ target_namespace }}-openldap-data"
|
|
spec:
|
|
capacity:
|
|
storage: 1024Gi
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
persistentVolumeReclaimPolicy: Retain
|
|
storageClassName: standard
|
|
hostPath:
|
|
path: "/data/store-0/eom-{{ target_namespace }}/openldap-data"
|
|
nodeAffinity:
|
|
required:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/hostname
|
|
operator: In
|
|
values:
|
|
- alpha-worker-0
|
|
|
|
- name: Create a persistent volume claim for openldap-data
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: openldap-data
|
|
namespace: "eom-{{ target_namespace }}"
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: 1024Gi
|
|
storageClassName: standard
|
|
volumeName: "eom-{{ target_namespace }}-openldap-data"
|
|
|
|
- name: Create a deployment
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: openldap
|
|
namespace: "eom-{{ target_namespace }}"
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: openldap
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: openldap
|
|
spec:
|
|
containers:
|
|
- name: openldap
|
|
image: osixia/openldap
|
|
env:
|
|
- name: LDAP_ORGANISATION
|
|
value: "EOM"
|
|
- name: LDAP_DOMAIN
|
|
value: "eom.dev"
|
|
- name: LDAP_ADMIN_PASSWORD
|
|
value: "{{ ldap_admin_password }}"
|
|
- name: LDAP_READONLY_USER
|
|
value: "true"
|
|
- name: LDAP_READONLY_USER_PASSWORD
|
|
value: "{{ ldap_readonly_password }}"
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /etc/ldap/slapd.d
|
|
- name: data
|
|
mountPath: /var/lib/ldap
|
|
ports:
|
|
- containerPort: 389
|
|
- containerPort: 636
|
|
volumes:
|
|
- name: config
|
|
persistentVolumeClaim:
|
|
claimName: openldap-config
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: openldap-data
|
|
|
|
- name: Expose deployment as a service
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: openldap
|
|
namespace: "eom-{{ target_namespace }}"
|
|
spec:
|
|
selector:
|
|
app: openldap
|
|
ports:
|
|
- port: 389
|
|
name: openldap-389
|
|
type: ClusterIP
|