[openldap] creates and uses PVC as storage ignoring the app storage configuration

[miguelangel-nubla]

App Name

openldap

SCALE Version

22.02.3 22.12.0

App Version

1.5.0_9.0.7

Application Events

Application Logs

2023-02-05 11:02:16.932046+00:00***  INFO   | 2023-02-05 12:02:16 | CONTAINER_LOG_LEVEL = 3 (info)
2023-02-05 11:02:16.933758+00:00***  INFO   | 2023-02-05 12:02:16 | Search service in CONTAINER_SERVICE_DIR = /container/service :
2023-02-05 11:02:16.933984+00:00***  INFO   | 2023-02-05 12:02:16 | link /container/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools
2023-02-05 11:02:16.934196+00:00***  INFO   | 2023-02-05 12:02:16 | link /container/service/slapd/startup.sh to /container/run/startup/slapd
2023-02-05 11:02:16.934284+00:00***  INFO   | 2023-02-05 12:02:16 | link /container/service/slapd/process.sh to /container/run/process/slapd/run
2023-02-05 11:02:16.936578+00:00***  INFO   | 2023-02-05 12:02:16 | Environment files will be proccessed in this order : 
2023-02-05 11:02:16.936608+00:00Caution: previously defined variables will not be overriden.
2023-02-05 11:02:16.936631+00:00/container/environment/99-default/default.startup.yaml
2023-02-05 11:02:16.936642+00:00/container/environment/99-default/default.yaml
2023-02-05 11:02:16.936652+00:002023-02-05T11:02:16.936652367Z
2023-02-05 11:02:16.936662+00:00To see how this files are processed and environment variables values,
2023-02-05 11:02:16.936680+00:00run this container with '--loglevel debug'
2023-02-05 11:02:16.963156+00:00***  INFO   | 2023-02-05 12:02:16 | Running /container/run/startup/:ssl-tools...
2023-02-05 11:02:17.973950+00:00***  INFO   | 2023-02-05 12:02:17 | Running /container/run/startup/slapd...
2023-02-05 11:02:17.993882+00:00***  INFO   | 2023-02-05 12:02:17 | openldap user and group adjustments
2023-02-05 11:02:18.000639+00:00***  INFO   | 2023-02-05 12:02:17 | get current openldap uid/gid info inside container
2023-02-05 11:02:18.014627+00:00***  INFO   | 2023-02-05 12:02:18 | -------------------------------------
2023-02-05 11:02:18.020209+00:00***  INFO   | 2023-02-05 12:02:18 | openldap GID/UID
2023-02-05 11:02:18.025850+00:00***  INFO   | 2023-02-05 12:02:18 | -------------------------------------
2023-02-05 11:02:18.033700+00:00***  INFO   | 2023-02-05 12:02:18 | User uid: 911
2023-02-05 11:02:18.041425+00:00***  INFO   | 2023-02-05 12:02:18 | User gid: 911
2023-02-05 11:02:18.047639+00:00***  INFO   | 2023-02-05 12:02:18 | uid/gid changed: false
2023-02-05 11:02:18.053328+00:00***  INFO   | 2023-02-05 12:02:18 | -------------------------------------
2023-02-05 11:02:18.061373+00:00***  INFO   | 2023-02-05 12:02:18 | updating file uid/gid ownership
2023-02-05 11:02:24.991899+00:00***  INFO   | 2023-02-05 12:02:24 | Database and config directory are empty...
2023-02-05 11:02:24.999755+00:00***  INFO   | 2023-02-05 12:02:24 | Init new ldap server...
2023-02-05 11:02:25.700750+00:00Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.57+dfsg-1~bpo10+1... done.
2023-02-05 11:02:25.769417+00:00Creating initial configuration... done.
2023-02-05 11:02:25.907109+00:00Creating LDAP directory... done.
2023-02-05 11:02:25.926517+00:00invoke-rc.d: could not determine current runlevel
2023-02-05 11:02:25.930458+00:00invoke-rc.d: policy-rc.d denied execution of restart.
2023-02-05 11:02:26.010504+00:00***  INFO   | 2023-02-05 12:02:26 | Start OpenLDAP...
2023-02-05 11:02:26.070113+00:00***  INFO   | 2023-02-05 12:02:26 | Waiting for OpenLDAP to start...
2023-02-05 11:02:26.077044+00:00***  INFO   | 2023-02-05 12:02:26 | Add bootstrap schemas...
2023-02-05 11:02:26.129438+00:00config file testing succeeded
2023-02-05 11:02:26.603573+00:00***  INFO   | 2023-02-05 12:02:26 | Add image bootstrap ldif...
2023-02-05 11:02:26.802681+00:00***  INFO   | 2023-02-05 12:02:26 | Add custom bootstrap ldif...
2023-02-05 11:02:26.811785+00:00***  INFO   | 2023-02-05 12:02:26 | Add TLS config...
2023-02-05 11:02:26.839217+00:00***  INFO   | 2023-02-05 12:02:26 | No certificate file and certificate key provided, generate:
2023-02-05 11:02:26.845253+00:00***  INFO   | 2023-02-05 12:02:26 | /container/service/slapd/assets/certs/tls.crt and /container/service/slapd/assets/certs/tls.key
2023-02-05 11:02:26.901520+00:002023/02/05 12:02:26 [INFO] generate received request
2023-02-05 11:02:26.901610+00:002023/02/05 12:02:26 [INFO] received CSR
2023-02-05 11:02:26.901623+00:002023/02/05 12:02:26 [INFO] generating key: ecdsa-384
2023-02-05 11:02:26.923194+00:002023/02/05 12:02:26 [INFO] encoded CSR
2023-02-05 11:02:26.957263+00:002023/02/05 12:02:26 [INFO] signed certificate with serial number 33066843316124867292386748649315824136046747731
2023-02-05 11:02:26.978022+00:00***  INFO   | 2023-02-05 12:02:26 | Link /container/service/:ssl-tools/assets/default-ca/default-ca.pem to /container/service/slapd/assets/certs/ca.crt
2023-02-05 11:02:27.039112+00:00***  INFO   | 2023-02-05 12:02:27 | Disable replication config...
2023-02-05 11:02:27.065069+00:00***  INFO   | 2023-02-05 12:02:27 | Stop OpenLDAP...
2023-02-05 11:02:27.177347+00:00***  INFO   | 2023-02-05 12:02:27 | Configure ldap client TLS configuration...
2023-02-05 11:02:27.193937+00:00***  INFO   | 2023-02-05 12:02:27 | Remove config files...
2023-02-05 11:02:27.212764+00:00***  INFO   | 2023-02-05 12:02:27 | First start is done...
2023-02-05 11:02:27.233750+00:00***  INFO   | 2023-02-05 12:02:27 | Remove file /container/environment/99-default/default.startup.yaml
2023-02-05 11:02:27.240563+00:00***  INFO   | 2023-02-05 12:02:27 | Environment files will be proccessed in this order : 
2023-02-05 11:02:27.240598+00:00Caution: previously defined variables will not be overriden.
2023-02-05 11:02:27.240611+00:00/container/environment/99-default/default.yaml
2023-02-05 11:02:27.240622+00:002023-02-05T11:02:27.240622285Z
2023-02-05 11:02:27.240647+00:00To see how this files are processed and environment variables values,
2023-02-05 11:02:27.240659+00:00run this container with '--loglevel debug'
2023-02-05 11:02:27.253938+00:00***  INFO   | 2023-02-05 12:02:27 | Running /container/run/process/slapd/run...
2023-02-05 11:02:27.276884+00:0063df8cc3 @(#) $OpenLDAP: slapd 2.4.57+dfsg-1~bpo10+1 (Jan 30 2021 06:59:51) $
2023-02-05 11:02:27.276974+00:00Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
2023-02-05 11:02:27.289466+00:0063df8cc3 slapd starting
2023-02-05 11:02:30.138504+00:0063df8cc6 conn=1000 fd=12 ACCEPT from IP=172.16.0.1:33054 (IP=0.0.0.0:389)
2023-02-05 11:02:30.138911+00:0063df8cc6 conn=1000 fd=12 closed (connection lost)
2023-02-05 11:02:30.139114+00:0063df8cc6 conn=1001 fd=13 ACCEPT from IP=172.16.0.1:33064 (IP=0.0.0.0:389)
2023-02-05 11:02:30.139378+00:0063df8cc6 conn=1001 fd=13 closed (connection lost)
2023-02-05 11:02:35.137642+00:0063df8ccb conn=1002 fd=12 ACCEPT from IP=172.16.0.1:40610 (IP=0.0.0.0:389)
2023-02-05 11:02:35.137842+00:0063df8ccb conn=1002 fd=12 closed (connection lost)

Application Configuration

Changes:

And also set:

LDAP_DOMAIN=test.domain.com
LDAP_BASE_DN=dc=test,dc=domain,dc=com`

so the container boots correctly.

Describe the bug

openldap creates and uses PVC as storage ignoring the app storage configuration

To Reproduce

Create app with hostpath as storage for both app config and slapd. Fill

LDAP_DOMAIN=test.domain.com
LDAP_BASE_DN=dc=test,dc=domain,dc=com

so the container won't make noise, and create. Then check:

root@truenas[/]# k3s kubectl get pvc --all-namespaces | grep openldap
ix-openldap-test   data-openldap-test-0                           Bound    pvc-6144ecf7-b621-4662-bb83-455711b4926a   999Gi      RWO            ix-storage-class-openldap-test   13m
ix-openldap-test   slapd-openldap-test-0                          Bound    pvc-e960c24f-865d-47f6-abed-1238709cdfa7   999Gi      RWO            ix-storage-class-openldap-test   13m

Expected Behavior

Honor storage configuration with the hostpath.

Screenshots

.

Additional Context

.

I've read and agree with the following

• [X] I've checked all open and closed issues and my issue is not there.

[xstar97]

we dont take bug reports for older versions of the OS and for app config data, we only support PVC.

[miguelangel-nubla]

You only support PVC, as soon as I use something else, I am on my own, I understand and I am fine with that.

But this is not an issue resulting from the use of an unsupported configuration, this is an issue that prevents me from choosing to go down that path.

This works fine in other apps, should I expect the "Integrated Persistent Storage" section of all the other apps become non-functional? Then why not just hide the section altogether?

I am just trying to understand the policy here.

[xstar97]

File a support ticket first in our discord if you are running bluefin(22.12.XX) or create a thread in our channel #📚・tc-scale-apps .

some apps might not work at all if setting them without PVC.

if you want to go this route -> #🎓・unsupported-setups

[miguelangel-nubla]

Ticket created ticket-661220301471875100 It is indeed bluefin(22.12.0), my bad, got too surprised about the PVC support part and missed the hint.

[truecharts-admin]

This issue is locked to prevent necro-posting on closed issues. Please create a new issue or contact staff on discord of the problem persists