Closed fkalinowski closed 2 years ago
Hi @fkalinowski , I’m currently refractoring the chart using Bitnami standards 😉 You can track progress here https://github.com/jp-gouin/helm-openldap/tree/refractor-chart
Hi @jp-gouin,
Thanks for your feedback.
In the same order, to align with bitnami best practices, I would also opt for SOFT vs HARD anti-affinity presets as explained in https://docs.bitnami.com/tutorials/assign-pod-nodes-helm-affinity-rules/ wich allow to respectively switch between preferedDuringSchedulingIgnoredDuringExecution
vs requiredDuringSchedulingIgnoredDuringExecution
see https://github.com/bitnami/charts/blob/66edf04e3e244c343a845f9c684edf4c8ea04406/bitnami/common/templates/_affinities.tpl.
Indeed for testing purpose (with single node cluster) it can be useful to have 3 openLDAP instances collocated on the same node.
Please see the new version of the chart and the refractoring
Hi,
Problem description
I've configured the OpenLDAP overlay Audit Logging see [OpenLDAP Software 2.4 Administrator's Guide
Moreover, since the main slapd process is launched with a non root user (which is fine) the process has no permission to write into the /var/log folder.
Expected solution
It would be very convenient if I could add some extra containers to the Pod template of the StatefulSet. For example, Helm Charts provided by Bitnami always have the ability to declare some (extra) sidecars and initContainers next to the default ones.
With such a feature I could declare an initContainer to set the right permissions to write the auditlog file and also a sidecar to run the necessary logic to export its content at a remote destination.