Unable to run multiple bitnami openldap containers with common shared volume #73246

Open
rohan-97 opened this issue Oct 16, 2024 · 2 comments
Labels
openldap tech-issues The user has a technical issue about an application triage Triage is needed

rohan-97 commented Oct 16, 2024

Name and Version

bitnami/openldap2.6

What architecture are you using?

amd64

What steps will reproduce the bug?

  1. Add custom ldif files under the /ldifs directory and create another container image named localhost:32000/custom-openldap
  2. Create a common directory that will be mounted to all the ldap containers (/root/openldap)
  3. Create multiple container images which are mounted to the same directory (/root/openldap) using the following command

         docker run -d \
           -e BITNAMI_DEBUG="true" \
           -e LDAP_ADMIN_USERNAME="superuser" \
           -e LDAP_BINDDN="cn=ldap_bind_user,ou=people,dc=example,dc=com" \
           -e LDAP_ENABLE_TLS="no" \
           -e LDAP_EXTRA_SCHEMAS="cosine,general-acl,my-permissions,my-roles,ppolicy,nis,inetorgperson" \
           -e LDAP_ROOT="dc=example,dc=com" \
           -e LDAP_SKIP_DEFAULT_TREE="yes" \
           -e LDAP_URI="ldap://ldap-server-service.my-namespace.svc.cluster.local" \
           -e USER_DESCRIPTION_MAX_LEN="100" \
           -e USER_FIRST_AND_LAST_NAME_MAX_LEN="100" \
           -e USER_NAME_MAX_LEN="100" \
           -e LDAP_ADMIN_PASSWORD="admin123" \
           -e LDAP_READONLY_USER_PASSWORD="admin123" \
           -e proxyBindPassword="" \
           -v /root/openldap:/bitnami/openldap \
           localhost:32000/custom-openldap

  4. List container images using the docker ps command

         $ docker ps
         CONTAINER ID   IMAGE                          COMMAND                  CREATED          STATUS                 PORTS                                               NAMES
         f77ef5455f5f   localhost:32000/custom-openldap   "/opt/bitnami/script…"   2 minutes ago    Up 2 minutes           1389/tcp, 1636/tcp                                  upbeat_raman
         9cccd41f02d2   localhost:32000/custom-openldap   "/opt/bitnami/script…"   17 minutes ago   Up 17 minutes          1389/tcp, 1636/tcp                                  nostalgic_antonelli
         5434761c9281   localhost:32000/custom-openldap   "/opt/bitnami/script…"   23 minutes ago   Up 23 minutes          1389/tcp, 1636/tcp                                  objective_mayer
         ca40ef1a68a2   localhost:32000/custom-openldap   "/opt/bitnami/script…"   26 minutes ago   Up 26 minutes          1389/tcp, 1636/tcp                                  angry_margulis

  5. Execute the following ldapsearch command in all the containers

         ldapsearch  -H ldap://localhost:1389 -b "dc=example, dc=com" -D "cn=superuser,dc=example,dc=com" -w admin123

What is the expected behavior?

The expected behaviour is that ldapsearch should work on all the pods correctly.

What do you see instead?

Ldapsearch is working on one container image, whereas on other container images we see the following error:

$ ldapsearch  -H ldap://localhost:1389 -b "dc=example, dc=com" -D "cn=superuser,dc=example,dc=com" -w admin123
# extended LDIF
#
# LDAPv3
# base <dc=example, dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 80 Other (e.g., implementation specific) error
text: internal error

# numResponses: 1

I wanted to know whether it is feasible/possible to use the same mount point for multiple bitnami containers.

Additional information

Following is the list of container images

$ docker ps
CONTAINER ID   IMAGE                          COMMAND                  CREATED          STATUS                 PORTS                                               NAMES
f77ef5455f5f   localhost:32000/custom-openldap   "/opt/bitnami/script…"   2 minutes ago    Up 2 minutes           1389/tcp, 1636/tcp                                  upbeat_raman
9cccd41f02d2   localhost:32000/custom-openldap   "/opt/bitnami/script…"   17 minutes ago   Up 17 minutes          1389/tcp, 1636/tcp                                  nostalgic_antonelli
5434761c9281   localhost:32000/custom-openldap   "/opt/bitnami/script…"   23 minutes ago   Up 23 minutes          1389/tcp, 1636/tcp                                  objective_mayer
ca40ef1a68a2   localhost:32000/custom-openldap   "/opt/bitnami/script…"   26 minutes ago   Up 26 minutes          1389/tcp, 1636/tcp                                  angry_margulis

And following is the ldapsearch output on all the containers:

  1. f77ef5455f5f
$ docker exec -it f77ef5455f5f bash
$ ldapsearch  -H ldap://localhost:1389 -b "dc=example, dc=com" -D "cn=superuser,dc=example,dc=com" -w admin123
# extended LDIF
#
# LDAPv3
# base <dc=example, dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 80 Other (e.g., implementation specific) error
text: internal error

# numResponses: 1
  2. 9cccd41f02d2
$ ldapsearch  -H ldap://localhost:1389 -b "dc=example, dc=com" -D "cn=superuser,dc=example,dc=com" -w admin123
# extended LDIF
#
# LDAPv3
# base <dc=example, dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 80 Other (e.g., implementation specific) error
text: internal error

# numResponses: 1
  3. 5434761c9281
$ ldapsearch  -H ldap://localhost:1389 -b "dc=example, dc=com" -D "cn=superuser,dc=example,dc=com" -w admin123
# extended LDIF
#
# LDAPv3
# base <dc=example, dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# example.com
dn: dc=example,dc=com
objectClass: top
objectClass: domain
dc: example

# groups, example.com
dn: ou=groups,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: groups
.
.
.
  4. ca40ef1a68a2 (Somehow LDAP bind failed on this container; there seems to be some environmental issue)
$ ldapsearch  -H ldap://localhost:1389 -b "dc=example, dc=com" -D "cn=superuser,dc=example,dc=com" -w admin123
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

carrodher (Member) commented

Hi, the issue may not be directly related to the Bitnami container image/Helm chart, but rather to how the application is being utilized, configured in your specific environment, or tied to a particular scenario that is not easy to reproduce on our side.

If you think that's not the case and want to contribute a solution, we welcome you to create a pull request. The Bitnami team is excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Feel free to reach out if you have any questions or need assistance.

Suppose you have any questions about the application, customizing its content, or technology and infrastructure usage. In that case, we highly recommend that you refer to the forums and user guides provided by the project responsible for the application or technology.

With that said, we'll keep this ticket open until the stale bot automatically closes it, in case someone from the community contributes valuable insights.

vishwanathjadhav commented

Hi @carrodher - Can you please point me to the openldap doc link, which will help me to create the clustering with the common shared volume?
