Wednesday, March 23, 2022

[389-users] Re: Running 389ds server in Kubernetes: Questions on certificate names and bootstrapping

Cool, so it sounds like you have it all working then?

> On 23 Mar 2022, at 20:23, Johannes Kastl <kastl@b1-systems.de> wrote:
>
> On 23.03.22 at 10:50 Johannes Kastl wrote:
>
>> This approach did work, putting the following into the deployment specification:
>>> - name: 389server-certs
>>> secret:
>>> secretName: my-tls-secret
>>> items:
>>> - key: tls.key
>>> path: /data/tls/server.key
>>> - key: tls.crt
>>> path: /data/tls/server.crt
>
> Copied the wrong (non-working) version of the code... :-)
>
> This one works, even when mounting the secret on top of the volume that is needed to preserve the persistent data:
>
>> volumeMounts:
>> - name: 389server-data
>> mountPath: '/data/'
>> - name: 389server-certs
>> mountPath: '/data/tls/'
>> readOnly: true
> [...]
>> volumes:
>> - name: 389server-data
>> persistentVolumeClaim:
>> claimName: 389server-data
>> - name: 389server-certs
>> secret:
>> secretName: my-tls-secret
>> items:
>> - key: tls.key
>> path: server.key
>> - key: tls.crt
>> path: server.crt
>
>
>
>
> --
> Johannes Kastl
> Linux Consultant & Trainer
> Tel.: +49 (0) 151 2372 5802
> Mail: kastl@b1-systems.de
>
> B1 Systems GmbH
> Osterfeldstraße 7 / 85088 Vohburg
> http://www.b1-systems.de
> GF: Ralph Dehner
> Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
> Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

--
Sincerely,

William Brown

Senior Software Engineer,
Identity and Access Management
SUSE Labs, Australia

_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

No comments:

Post a Comment