Home Explore Help
Register Sign In
Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Ticket 49207 - Supply docker POC build for DS.

Fix Description:  Supply a proof of concept docker build file for
389 Directory Server. This container will contain a single instance
of directory server with no backends. It should be administered
with dsconf / ldif.

https://pagure.io/389-ds-base/issue/49207

Author: wibrown

Review by: nhosoi, lslebodn (thanks!)
William Brown 8 years ago
parent
1b5a578b4d
commit
01561a10cf
2 changed files with 111 additions and 0 deletions
Split View Show Diff Stats
  1. 50 0
      docker/389ds_poc/Dockerfile
  2. 61 0
      docker/README.md

+ 50 - 0
docker/389ds_poc/Dockerfile
View File 

@@ -0,0 +1,50 @@
 
+# --- BEGIN COPYRIGHT BLOCK ---
 
+# Copyright (C) 2017 Red Hat, Inc.
 
+# All rights reserved.
 
+#
 
+# License: GPL (version 3 or any later version).
 
+# See LICENSE for details.
 
+# --- END COPYRIGHT BLOCK ---
 
+
 
+FROM centos:7
 
+MAINTAINER [email protected]
 
+EXPOSE 389 636
 
+ENV container docker
 
+ARG lib389repository=https://pagure.io/lib389.git
 
+ARG dsrepository=https://pagure.io/389-ds-base.git
 
+ARG lib389branch=master
 
+ARG dsbranch=master
 
+
 
+RUN mkdir -p /usr/local/src
 
+WORKDIR /usr/local/src
 
+
 
+RUN yum upgrade -y && \
 
+    yum install -y @buildsys-build rpm-build make epel-release bzip2 git && \
 
+    yum clean all
 
+
 
+RUN git clone --depth=1 --branch=$lib389branch $lib389repository lib389 && \
 
+    git clone --depth=1 --branch=$dsbranch $dsrepository 389-ds-base
 
+
 
+RUN yum install -y --skip-broken `grep -E "^(Build)?Requires" 389-ds-base/rpm/389-ds-base.spec.in lib389/python-lib389.spec | grep -v -E '(name|MODULE)' | awk '{ print $2 }' | grep -v "^/" | grep -v pkgversion | sort | uniq|  tr '\n' ' '` && \
 
+    yum clean all
 
+
 
+RUN make -C lib389/ rpm
 
+
 
+RUN cd 389-ds-base && make -f rpm.mk rpms
 
+
 
+RUN yum install -y 389-ds-base/dist/rpms/389*.rpm lib389/rpmbuild/RPMS/noarch/*lib389* && \
 
+    yum clean all
 
+
 
+# Create the example setup inf. It's valid for containers!
 
+# Build the instance from the new installer tools.
 
+RUN /usr/sbin/dscreate example > /root/ds-setup.inf && /usr/sbin/dscreate -v fromfile /root/ds-setup.inf --IsolemnlyswearthatIamuptonogood --containerised
 
+
 
+# Finally add the volumes, they will inherit the contents of these directories.
 
+VOLUME /etc/dirsrv
 
+VOLUME /var/log/dirsrv
 
+VOLUME /var/lib/dirsrv
 
+
 
+# Or, run them as dirsrv
 
+USER dirsrv
 
+CMD ["/usr/sbin/ns-slapd", "-d", "0", "-D", "/etc/dirsrv/slapd-localhost", "-i", "/var/run/dirsrv/slapd-localhost.pid"]
 
+

+ 61 - 0
docker/README.md
View File 

@@ -0,0 +1,61 @@
 
+
 
+#### Issue Description
 
+This folder contains proof of concept dockerfiles for 389 Directory Server. This utilises many of our latest
 
+developments for installing instances and configuring them. We have developed native, clean, and powerful container
 
+integration. This container image is usable on CentOS / RHEL / Fedora atomic host, and pure docker implementations.
 
+Please note this image will not currently work in openshift due to a reliance on volume features that openshift does
 
+not support, but we will correct this.
 
+
 
+
 
+#### Using the files
 
+These docker files are designed to be build from docker hub as the will do a remote git fetch during the build process.
 
+They are not currently designed to operate on a local source tree (we may add this later).
 
+
 
+```
 
+cd docker/389ds_poc;
 
+docker build -t 389ds_poc:latest .
 
+```
 
+
 
+#### Deploying and using the final product
 
+
 
+```
 
+docker create -h ldap.example.com 389ds_poc:latest
 
+docker start <name>
 
+docker inspect <name> | grep IPAddress
 
+ldapsearch -H ldap://<address> -b '' -s base -x +
 
+....
 
+supportedLDAPVersion: 3
 
+vendorName: 389 Project
 
+vendorVersion: 389-Directory/1.3.6.3 B2017.093.354
 
+
 
+```
 
+
 
+To expose the ports you may consider adding:
 
+
 
+```
 
+-P
 
+OR
 
+-p 127.0.0.1:$HOSTPORT:$CONTAINERPORT
 
+```
 
+
 
+You can not currently use a persistent volume with the 389ds_poc image due to an issue with docker volumes. This will be
 
+corrected by https://pagure.io/389-ds-base/issue/49213
 
+
 
+#### Warnings
 
+
 
+The 389ds_poc container is supplied with a static Directory Manager password. This is HIGHLY INSECURE and should not be
 
+used in production. The password is "directory manager password".
 
+
 
+The 389ds_poc container has some issues with volume over-rides due to our use of a pre-built instance. We are working to
 
+resolve this, but until a solution is derived, you can not override the datavolumes.
 
+
 
+#### Other ideas
 
+
 
+* We could develop a dockerfile that builds and runs DS tests in an isolated environment.
 
+* Make a container image that allows mounting an arbitrary 389-ds repo into it for simple development purposes. 
+
 
+#### NOTE of 389 DS project support
 
+
 
+This is not a "supported" method of deployment to a production system and may result in data loss. This should be
 
+considered an experimental deployment method until otherwise announced.
 
+