[bitnami/mariadb-galera] Update LDAP configuration

Signed-off-by: Andrés Bono <andresbono@vmware.com>
Andrés Bono
2019-08-12 16:38:02 +02:00
committed by juan131
parent ceb85e662b
commit 46cb01fe09
4 changed files with 31 additions and 4 deletions

@@ -101,6 +101,9 @@ The following table lists the configurable parameters of the MariaDB Galera char
| `ldap.binddn` | LDAP bind DN | `nil` |
| `ldap.bindpw` | LDAP bind password | `nil` |
| `ldap.bslookup` | LDAP base lookup | `nil` |
| `ldap.nss_initgroups_ignoreusers` | LDAP ignored users | `root,nslcd` |
| `ldap.scope` | LDAP search scope | `nil` |
| `ldap.tls_reqcert` | LDAP TLS check on server certificates | `nil` |
| `mariadbConfiguration` | Configuration for the MariaDB server | `_default values in the values.yaml file_` |
| `configurationConfigMap` | ConfigMap with the MariaDB configuration files (Note: Overrides `mariadbConfiguration`). The value is evaluated as a template. | `nil` |
| `initdbScripts` | Dictionary of initdb scripts | `nil` |
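Review bot: The new `ldap.tls_reqcert` row documents a default of `nil` without saying what that means for certificate checking, so a reader cannot tell from the table whether the LDAP server certificate is verified when the parameter is left unset. Assuming these parameters map to the nslcd.conf options of the same name (as `nss_initgroups_ignoreusers` and its `nslcd` default suggest), please list the accepted values (`never`, `allow`, `try`, `demand`, `hard`) in the description and state the effective behaviour when unset. The `ldap.scope` row would benefit from the same treatment.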
@@ -183,17 +186,23 @@ LDAP support can be enabled in the chart by specifying the `ldap.` parameters wh
- `ldap.binddn`: LDAP bind DN. No defaults.
- `ldap.bindpw`: LDAP bind password. No defaults.
- `ldap.bslookup`: LDAP base lookup. No defaults.
- `ldap.nss_initgroups_ignoreusers`: LDAP ignored users. `root,nslcd`.
- `ldap.scope`: LDAP search scope. No defaults.
- `ldap.tls_reqcert`: LDAP TLS check on server certificates. No defaults.
For example:
```bash
$ helm install --name my-release bitnami/mariadb-galera \
--set ldap.enabled="true" \
--set ldap.url="ldap://my_ldap_server" \
--set ldap.base="dc=example,dc=org" \
--set ldap.binddn="cn=admin,dc=example,dc=org" \
--set ldap.uri="ldap://my_ldap_server" \
--set ldap.base="dc=example\,dc=org" \
--set ldap.binddn="cn=admin\,dc=example\,dc=org" \
--set ldap.bindpw="admin" \
--set ldap.bslookup="ou=group-ok,dc=example,dc=org"
--set ldap.bslookup="ou=group-ok\,dc=example\,dc=org" \
--set ldap.nss_initgroups_ignoreusers="root\,nslcd" \
--set ldap.scope="sub" \
--set ldap.tls_reqcert="demand"
```
Next, login to the MariaDB server using the `mysql` client and add the PAM authenticated LDAP users.
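Review bot: The example sets `ldap.tls_reqcert="demand"` but keeps `ldap.uri="ldap://my_ldap_server"`, and nothing visible in this change enables StartTLS, so the certificate check may never take effect and the `bindpw` would cross the network in cleartext. A certificate policy only applies once a TLS session is negotiated; consider using an `ldaps://` URI in the example, or documenting how StartTLS is enabled, so the sample a user copies actually exercises the check. Separately, the `ldap.nss_initgroups_ignoreusers` bullet ends with a bare `root,nslcd` where the neighbouring bullets say "No defaults."; "Defaults to `root,nslcd`." would read consistently.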

@@ -154,9 +154,21 @@ spec:
name: {{ template "mariadb-galera.fullname" . }}
{{- end }}
key: ldap-bindpw
- name: MARIADB_LDAP_NSS_INITGROUPS_IGNOREUSERS
value: {{ .Values.ldap.nss_initgroups_ignoreusers | default "root,nslcd" | quote }}
{{- if .Values.ldap.bslookup }}
- name: MARIADB_LDAP_BASE_LOOKUP
value: {{ .Values.ldap.bslookup }}
{{- end }}
{{- if .Values.ldap.scope }}
- name: MARIADB_LDAP_SCOPE
value: {{ .Values.ldap.scope }}
{{- end }}
{{- if .Values.ldap.tls_reqcert }}
- name: MARIADB_LDAP_TLS_REQCERT
value: {{ .Values.ldap.tls_reqcert }}
{{- end }}
{{- end }}
{{- if .Values.extraFlags }}
- name: MARIADB_EXTRA_FLAGS
value: {{ .Values.extraFlags | quote }}
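Review bot: Missing `| quote` on the new `MARIADB_LDAP_SCOPE` and `MARIADB_LDAP_TLS_REQCERT` values (and on `MARIADB_LDAP_BASE_LOOKUP`, which this hunk wraps in an `if`). The `MARIADB_LDAP_NSS_INITGROUPS_IGNOREUSERS` and `MARIADB_EXTRA_FLAGS` entries in the same hunk are quoted, and an env `value` must render as a YAML string, so an unquoted value that YAML reads as a boolean or number will produce a manifest the API server rejects. Suggest `value: {{ .Values.ldap.tls_reqcert | quote }}` and the same for the other two. Also note that when `ldap.tls_reqcert` is unset the variable is omitted entirely, so the certificate policy is whatever the container image falls back to; if the chart wants a strict default it should set one here the way it does for `nss_initgroups_ignoreusers`.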

@@ -163,6 +163,9 @@ ldap:
# binddn:
# bindpw:
# bslookup:
# nss_initgroups_ignoreusers: root,nslcd
# scope:
# tls_reqcert:
## Configure MariaDB with a custom my.cnf file
## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file
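Review bot: The commented `# scope:` and `# tls_reqcert:` keys give no hint of a valid value, unlike `# nss_initgroups_ignoreusers: root,nslcd` directly above them. Add a sample value to each, for example `# scope: sub` and `# tls_reqcert: demand` as used in the README example, so users editing the values file do not have to guess.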

@@ -163,6 +163,9 @@ ldap:
# binddn:
# bindpw:
# bslookup:
# nss_initgroups_ignoreusers: root,nslcd
# scope:
# tls_reqcert:
## Configure MariaDB with a custom my.cnf file
## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file
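Review bot: `# nss_initgroups_ignoreusers: root,nslcd` is only a comment here, so the effective default comes from the `default "root,nslcd"` fallback in the template, and the same string is repeated in the README table. Consider keeping the default in one place (an uncommented value in the values files, with the template reading it directly) so the three copies cannot drift. This hunk is also identical to the one in the previous values file, so any fix there needs to be mirrored here.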