apiVersion: v1 kind: PersistentVolumeClaim metadata: name: openldap-db namespace: kube-system spec: accessModes: - ReadWriteMany resources: requests: storage: 30Gi storageClassName: nfs-storage-2 --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: openldap-conf namespace: kube-system spec: accessModes: - ReadWriteMany resources: requests: storage: 3Gi storageClassName: nfs-storage-2 --- apiVersion: apps/v1 kind: Deployment metadata: name: openldap labels: app: openldap namespace: kube-system spec: replicas: 1 selector: matchLabels: app: openldap template: metadata: labels: app: openldap spec: containers: - name: openldap # image: osixia/openldap image: harbor.uenpay.com/base/openldap:latest env: - name: LDAP_LOG_LEVEL value: "256" - name: LDAP_ORGANISATION value: "uenpay" - name: LDAP_DOMAIN value: "uenpay.com" - name: LDAP_BASE_DN value: "dc=uenpay,dc=com" - name: LDAP_ADMIN_PASSWORD value: "Uenpay@2019" - name: LDAP_CONFIG_PASSWORD value: "Uenpay@2019" - name: LDAP_READONLY_USER value: "false" # - name: LDAP_READONLY_USER_USERNAME # value: "readonly" # - name: LDAP_READONLY_USER_PASSWORD # value: "readonly" - name: LDAP_RFC2307BIS_SCHEMA value: "false" - name: LDAP_BACKEND value: "mdb" - name: LDAP_REPLICATION value: "false" - name: KEEP_EXISTING_CONFIG value: "false" - name: LDAP_REMOVE_CONFIG_AFTER_SETUP value: "true" ports: - containerPort: 389 - containerPort: 636 volumeMounts: - name: openldap-db mountPath: /var/lib/ldap - name: openldap-conf mountPath: /etc/ldap/slapd.d - name: local-time mountPath: /etc/localtime volumes: - name: openldap-db persistentVolumeClaim: claimName: openldap-db - name: openldap-conf persistentVolumeClaim: claimName: openldap-conf - name: local-time hostPath: path: /usr/share/zoneinfo/Asia/Shanghai --- apiVersion: v1 kind: Service metadata: name: openldap namespace: kube-system spec: selector: app: openldap type: NodePort ports: - name: ldap port: 389 targetPort: 389 nodePort: 30089 - name: ldaps port: 636 targetPort: 636 nodePort: 30036