Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

comanage-registry-docker/docs/openldap-volumes-and-data-persistence.md

Go to file
 
 
Cannot retrieve contributors at this time
76 lines (56 sloc) 2.31 KB
Raw Blame
Open in GitHub Desktop

OpenLDAP slapd for COmanage Registry Volumes and Data Persistence

The OpenLDAP for COmanage Registry image requires two persistent directories into which state files will be written.

The persistent directories must be provided either using Docker volumes or bind mounts.

Note that when the image is only used as an LDAP proxy the persistent directories are not strictly necessary, provided all necessary configuration is injected at run time.

The paths for the directories inside the container that must be mounted are

/var/lib/ldap

and

/etc/ldap/slapd.d

For example to use bind mounts from the local Docker engine host:

sudo mkdir -p /opt/docker/var/lib/ldap
sudo mkdir -p /opt/docker/etc/ldap/slapd.d

and then when instantiating the container

docker run -d \
  --name comanage-registry-ldap \
  -v /opt/docker/var/lib/ldap:/var/lib/ldap \
  -v /opt/docker/etc/ldap/slapd.d:/etc/ldap/slapd.d \
  -p 389:389 \
  -p 636:636 \
  comanage-registry-slapd:2

After the image is instantiated into a container for the first time the entrypoint script will create the necessary base configuration, schema, and LMBD files for storing directory state, and bootstrap the directory using the values for the suffix, root DN, and root DN password injected at runtime using environment variables.

After the first instantiation of the container later restarts will not overwrite the suffix, root DN, and root DN password even if the values for the environment variables change.