osixia / docker-openldap

OpenLDAP container image 🐳🌴
MIT License

Image: v1.4.0 slapd fails with status 50 #451

Open Abhishek-Srivastava opened 4 years ago

Abhishek-Srivastava commented 4 years ago

The only image which works for me is v1.2.2. I am deploying this image in Kubernetes with the charts published here: https://github.com/helm/charts/tree/master/stable/openldap

What am I missing?

*** CONTAINER_LOG_LEVEL = 3 (info)
*** Copy /container/service to /container/run/service
*** Search service in CONTAINER_SERVICE_DIR = /container/run/service :
*** link /container/run/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools
*** link /container/run/service/slapd/startup.sh to /container/run/startup/slapd
*** link /container/run/service/slapd/process.sh to /container/run/process/slapd/run
*** Set environment for startup files
*** Environment files will be proccessed in this order :
Caution: previously defined variables will not be overriden.
/container/environment/99-default/default.startup.yaml
/container/environment/99-default/default.yaml

To see how this files are processed and environment variables values,
run this container with '--loglevel debug'
*** Running /container/run/startup/:ssl-tools...
*** Running /container/run/startup/slapd...
openldap user and group adjustments
get current openldap uid/gid info inside container
-------------------------------------
openldap GID/UID
-------------------------------------
User uid: 911
User gid: 911
uid/gid changed: false
-------------------------------------
updating file uid/gid ownership
No certificate file and certificate key provided, generate:
/container/run/service/slapd/assets/certs/ldap.crt and /container/run/service/slapd/assets/certs/ldap.key
2020/07/23 05:27:51 [INFO] generate received request
2020/07/23 05:27:51 [INFO] received CSR
2020/07/23 05:27:51 [INFO] generating key: ecdsa-384
2020/07/23 05:27:51 [INFO] encoded CSR
2020/07/23 05:27:51 [INFO] signed certificate with serial number 90940530705076461270950405023780818616611041871
Link /container/run/service/:ssl-tools/assets/default-ca/default-ca.pem to /container/run/service/slapd/assets/certs/ca.crt
Start OpenLDAP...
Waiting for OpenLDAP to start...
Add TLS config...
Disable replication config...
*** /container/run/startup/slapd failed with status 50

*** Killing all processes...

Abhishek-Srivastava commented 4 years ago

Update: Deleting the PVC (which uses local-path) and mounting the new one on the crashing pod makes the pod start. My PVC.yaml:

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: openldap2
  namespace: dev
  labels:
    app: openldap
    chart: openldap-v0.0.6
    release: openldap
spec:
  accessModes:
    - "ReadWriteOnce"
  resources:
    requests:
      storage: "16Gi"

MadD0c commented 3 years ago

I was having a similar issue. What I tracked it down to was the helm chart was defaulting to hdb whereas this image now defaults to mdb. When I did a trace log I found that the startup script was trying to add RootPW to the hdb file which didn't exist. When I changed the LDAP_BACKEND to mdb in my values.yml the issue disappeared.
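
The backend mismatch described in the comment above can be checked against a persisted config volume before the pod is started. This is an added example, not part of the thread or of the project's code; it assumes the on-disk cn=config layout in which each database is a file named `olcDatabase={N}<backend>.ldif`, and the function names and the sample directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare LDAP_BACKEND with the backend recorded in a
# persisted cn=config directory (for instance a mounted slapd.d volume).

# Print data-database backends found as olcDatabase={N}<backend>.ldif.
list_backends() {
    for f in "$1"/cn=config/olcDatabase=*.ldif; do
        [ -e "$f" ] || continue                  # glob matched nothing
        name=$(basename "$f" .ldif | sed 's/^olcDatabase={[-0-9]*}//')
        case $name in
            frontend|config|monitor) continue ;; # not data databases
        esac
        printf '%s\n' "$name"
    done | sort -u
}

# Returns 0 = match, 1 = mismatch, 2 = no data database in the directory.
check_backend() {
    found=$(list_backends "$1")
    if [ -z "$found" ]; then
        echo "no data database under $1/cn=config (fresh volume?)"
        return 2
    fi
    if printf '%s\n' "$found" | grep -qx -- "$2"; then
        echo "ok: LDAP_BACKEND=$2 matches persisted config"
        return 0
    fi
    echo "mismatch: LDAP_BACKEND=$2, persisted config has: $(printf '%s ' $found)"
    return 1
}

# Constructed sample layout standing in for a real config volume.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/cn=config"
    for n in '{-1}frontend' '{0}config' "{1}$1"; do
        : > "$d/cn=config/olcDatabase=$n.ldif"
    done
    printf '%s\n' "$d"
}

# Demo on constructed data: config created with mdb, chart asks for hdb.
sample=$(make_sample mdb)
check_backend "$sample" hdb || echo "exit status: $?"
rm -rf "$sample"
```

Against a real deployment, call `check_backend` with the directory where the config volume is mounted and the `LDAP_BACKEND` value the chart passes to the container.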