如何在启动时加载LDAP docker容器数据
我想在docker容器上有一个LDAP服务器,我已经用过了,docker映像和到目前为止的连接和第一个配置都还可以 我的问题是:尽管我安装了容器的/var/lib/ldap&/etc/ldap,但在停止、终止或删除(安全删除,docker rm不带-v)ldap容器之前,始终需要备份,否则会丢失数据。而且它似乎没有遍历所有的配置文件,因为它还需要在开始时导入数据 我想我可能会遇到docker容器和它们的卷装载的一些问题,但其他所有容器装载都是成功的,它似乎只在ldap容器上有问题 有什么解决方案可以让它工作吗?(在启动时通过读取装入的文件夹进行配置,并且不丢失数据?您可以先启动另一个容器来备份文件夹。 假设ldap容器名为如何在启动时加载LDAP docker容器数据,docker,ldap,config,openldap,Docker,Ldap,Config,Openldap,我想在docker容器上有一个LDAP服务器,我已经用过了,docker映像和到目前为止的连接和第一个配置都还可以 我的问题是:尽管我安装了容器的/var/lib/ldap&/etc/ldap,但在停止、终止或删除(安全删除,docker rm不带-v)ldap容器之前,始终需要备份,否则会丢失数据。而且它似乎没有遍历所有的配置文件,因为它还需要在开始时导入数据 我想我可能会遇到docker容器和它们的卷装载的一些问题,但其他所有容器装载都是成功的,它似乎只在ldap容器上有问题 有什么解决方案
ldap/var/lib/ldap&/etc/ldapdocker run --volumes-from ldap -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /var/lib/ldap /etc/ldap
ONBUILD要清除解决方案:
Like Responsed by ldap container有2个卷,当装载到ansible role docker module装载部分的空文件夹时,该卷被删除。
因此,我首先运行一个未装载的ldap容器,并按照建议备份其卷。然后杀死并删除它,并对备份的数据运行一个全新的容器。然后,对于用户数据配置,我运行另一个ldap容器(来自同一个映像),它只需要从配置文件注册用户数据 最终角色代码:
- name: run temporary ldap container
docker:
image: muzili/ldap
name: temporary-ldap
hostname: temporary-ldap
state: restarted
ports: 389:389
env:
SLAPD_PASSWORD: ******
SLAPD_DOMAIN: dev.domain.com
- name: ldap data copy container
docker:
image: ubuntu
name: backup_agent
state: started
volumes:
- /backup
volumes_from:
- temporary-ldap
command: tar cvf /backup/backup.tar /var/lib/ldap /etc/ldap
- name: copy compressed data from backup_agent
command: /usr/bin/docker cp backup_agent:/backup/backup.tar "{{base_dir}}/ldap/import"
- name: extract ldap configuration data
unarchive:
copy: "no"
src: "{{base_dir}}/ldap/import/backup.tar"
dest: "{{base_dir}}/ldap"
- name: kill temporary ldap container
docker:
image: muzili/ldap
name: temporary-ldap
state: absent
- name: run main ldap container
docker:
image: muzili/ldap
name: ldap-server
hostname: ldap-server
state: running
ports: 389:389
env:
SLAPD_PASSWORD: ******
SLAPD_DOMAIN: dev.domain.com
volumes:
- "{{base_dir}}/ldap/etc/ldap:/etc/ldap"
- "{{base_dir}}/ldap/var/lib/ldap:/var/lib/ldap"
- name: wait for container to start
wait_for:
port: 389
delay: 5
- name: copy ldap data configuration file
copy:
src: conf/
dest: "{{base_dir}}/ldap/import/conf"
- name: run ldap-importer container
docker:
image: muzili/ldap
name: ldap-importer
hostname: ldap-importer
state: started
volumes:
- "{{base_dir}}/ldap/import/conf:/etc/ldap/conf"
command: "ldapadd -h ldap-server -c -x -D \"cn=admin,dc=dev,dc=domain,dc=com\" -w ****** -f /etc/ldap/conf/data.ldif"
links:
- "ldap-server"
好消息。Ansible的解决方案看起来很棒。
- name: run temporary ldap container
docker:
image: muzili/ldap
name: temporary-ldap
hostname: temporary-ldap
state: restarted
ports: 389:389
env:
SLAPD_PASSWORD: ******
SLAPD_DOMAIN: dev.domain.com
- name: ldap data copy container
docker:
image: ubuntu
name: backup_agent
state: started
volumes:
- /backup
volumes_from:
- temporary-ldap
command: tar cvf /backup/backup.tar /var/lib/ldap /etc/ldap
- name: copy compressed data from backup_agent
command: /usr/bin/docker cp backup_agent:/backup/backup.tar "{{base_dir}}/ldap/import"
- name: extract ldap configuration data
unarchive:
copy: "no"
src: "{{base_dir}}/ldap/import/backup.tar"
dest: "{{base_dir}}/ldap"
- name: kill temporary ldap container
docker:
image: muzili/ldap
name: temporary-ldap
state: absent
- name: run main ldap container
docker:
image: muzili/ldap
name: ldap-server
hostname: ldap-server
state: running
ports: 389:389
env:
SLAPD_PASSWORD: ******
SLAPD_DOMAIN: dev.domain.com
volumes:
- "{{base_dir}}/ldap/etc/ldap:/etc/ldap"
- "{{base_dir}}/ldap/var/lib/ldap:/var/lib/ldap"
- name: wait for container to start
wait_for:
port: 389
delay: 5
- name: copy ldap data configuration file
copy:
src: conf/
dest: "{{base_dir}}/ldap/import/conf"
- name: run ldap-importer container
docker:
image: muzili/ldap
name: ldap-importer
hostname: ldap-importer
state: started
volumes:
- "{{base_dir}}/ldap/import/conf:/etc/ldap/conf"
command: "ldapadd -h ldap-server -c -x -D \"cn=admin,dc=dev,dc=domain,dc=com\" -w ****** -f /etc/ldap/conf/data.ldif"
links:
- "ldap-server"