docker-openldap

Unable to build multi-process image using docker-openldap image.

Open rohan-97 opened this issue 3 years ago • 1 comments

Hello,

I have a requirement to create an OpenLDAP container and host user-management-related REST APIs within the same container.
After going through the docs, I realized that the docker-openldap image is based on the docker-light-base image.

I am trying to extend the docker-openldap image and create a new Docker image which has 2 services:

  • ldap_api(Flask based server)
  • slapd

In order to run the Flask server along with slapd, I added an additional directory under /container/service/ which has the following scripts:

  • finish.sh
  • install.sh
  • process.sh
  • startup.sh

The problem I am facing is that after this change only the Flask server is running within the Docker image, whereas the LDAP server is not running.

Dockerfile being used:

FROM osixia/openldap:1.5.0

RUN apt-get -y update
RUN apt-get install runit python3-pip -y
# Debugging purpose
RUN apt-get install vim net-tools -y
RUN pip3 install flask

# ldif files
ADD bootstrap /container/service/slapd/assets/config/bootstrap
# flask server
ADD service/ldap_api /container/service/test_ldap_api

ADD environment /container/environment/01-custom

Following is the project directory structure:

.
├── Dockerfile
├── Makefile
├── README.md
├── bootstrap
│   ├── ldif
│   │   ├── 10_usertest_OU.ldif
│   │   └── 20_default_users.ldif
│   └── schema
│       ├── permissions.schema
│       └── roles.schema
├── environment
│   ├── my-env-startup.yaml
│   └── my-env.yaml
└── service
    └── ldap_api
        ├── finish.sh
        ├── install.sh
        ├── process.sh
        ├── run.py
        └── startup.sh

Please let me know if any step is missing, or whether what I am trying is possible or not.

Thanks in advance

rohan-97 avatar Aug 01 '22 17:08 rohan-97

Following are the logs generated by the Docker container on startup:

***  INFO   | 2022-08-01 17:24:13 | CONTAINER_LOG_LEVEL = 3 (info)
***  INFO   | 2022-08-01 17:24:13 | Search service in CONTAINER_SERVICE_DIR = /container/service :
***  INFO   | 2022-08-01 17:24:13 | link /container/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools
***  INFO   | 2022-08-01 17:24:13 | link /container/service/slapd/startup.sh to /container/run/startup/slapd
***  INFO   | 2022-08-01 17:24:13 | link /container/service/slapd/process.sh to /container/run/process/slapd/run
***  INFO   | 2022-08-01 17:24:13 | link /container/service/test_ldap_api/startup.sh to /container/run/startup/test_ldap_api
***  INFO   | 2022-08-01 17:24:13 | link /container/service/test_ldap_api/process.sh to /container/run/process/test_ldap_api/run
***  INFO   | 2022-08-01 17:24:13 | link /container/service/test_ldap_api/finish.sh to /container/run/process/test_ldap_api/finish
***  INFO   | 2022-08-01 17:24:13 | Environment files will be proccessed in this order : 
Caution: previously defined variables will not be overriden.
/container/environment/01-custom/my-env.yaml
/container/environment/01-custom/my-env-startup.yaml
/container/environment/99-default/default.startup.yaml
/container/environment/99-default/default.yaml

To see how this files are processed and environment variables values,
run this container with '--loglevel debug'
***  INFO   | 2022-08-01 17:24:13 | Running /container/run/startup/:ssl-tools...
***  INFO   | 2022-08-01 17:24:13 | Running /container/run/startup/slapd...
***  INFO   | 2022-08-01 17:24:13 | openldap user and group adjustments
***  INFO   | 2022-08-01 17:24:13 | get current openldap uid/gid info inside container
***  INFO   | 2022-08-01 17:24:13 | -------------------------------------
***  INFO   | 2022-08-01 17:24:13 | openldap GID/UID
***  INFO   | 2022-08-01 17:24:13 | -------------------------------------
***  INFO   | 2022-08-01 17:24:13 | User uid: 911
***  INFO   | 2022-08-01 17:24:13 | User gid: 911
***  INFO   | 2022-08-01 17:24:13 | uid/gid changed: false
***  INFO   | 2022-08-01 17:24:13 | -------------------------------------
***  INFO   | 2022-08-01 17:24:13 | updating file uid/gid ownership
***  INFO   | 2022-08-01 17:24:13 | Database and config directory are empty...
***  INFO   | 2022-08-01 17:24:13 | Init new ldap server...
  Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.57+dfsg-3+deb11u1~bpo10+1... done.
  Creating initial configuration... done.
  Creating LDAP directory... done.
invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of restart.
***  INFO   | 2022-08-01 17:24:14 | Start OpenLDAP...
***  INFO   | 2022-08-01 17:24:14 | Waiting for OpenLDAP to start...
***  INFO   | 2022-08-01 17:24:14 | Add bootstrap schemas...
config file testing succeeded
***  INFO   | 2022-08-01 17:24:14 | Add image bootstrap ldif...
***  INFO   | 2022-08-01 17:24:15 | Add read only user...
***  INFO   | 2022-08-01 17:24:15 | Add custom bootstrap ldif...
***  INFO   | 2022-08-01 17:24:15 | Add TLS config...
***  INFO   | 2022-08-01 17:24:15 | No certificate file and certificate key provided, generate:
***  INFO   | 2022-08-01 17:24:15 | /container/service/slapd/assets/certs/cert.crt and /container/service/slapd/assets/certs/cert.key
2022/08/01 17:24:15 [INFO] generate received request
2022/08/01 17:24:15 [INFO] received CSR
2022/08/01 17:24:15 [INFO] generating key: ecdsa-384
2022/08/01 17:24:15 [INFO] encoded CSR
2022/08/01 17:24:15 [INFO] signed certificate with serial number 375366236167768851984791164980104592446197562840
***  INFO   | 2022-08-01 17:24:15 | Link /container/service/:ssl-tools/assets/default-ca/default-ca.pem to /container/service/slapd/assets/certs/ca_chain.crt
***  INFO   | 2022-08-01 17:24:15 | Add enforce TLS...
***  INFO   | 2022-08-01 17:24:15 | Disable replication config...
***  INFO   | 2022-08-01 17:24:15 | Stop OpenLDAP...
***  INFO   | 2022-08-01 17:24:15 | Configure ldap client TLS configuration...
***  INFO   | 2022-08-01 17:24:15 | Remove config files...
***  INFO   | 2022-08-01 17:24:15 | First start is done...
***  INFO   | 2022-08-01 17:24:15 | Running /container/run/startup/test_ldap_api...
 * Serving Flask app 'test_ldap_api' (lazy loading)
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: on
 * Running on http://127.0.0.1:5000 (Press CTRL+C to quit)
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 746-788-479

rohan-97 avatar Aug 01 '22 17:08 rohan-97

Closing this issue as the process.sh script had invalid permission.

After fixing the file permission, the server ran perfectly fine :)

rohan-97 avatar Aug 29 '22 13:08 rohan-97
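
A pre-build check for the resolution described above, as an added example that is not part of the original issue or the project's code. It assumes "invalid permission" meant a missing execute bit on a service script; `check_service_dir` and `demo` are hypothetical names, and the demo files are constructed.

```sh
#!/bin/sh
# Added example: check a service directory before `docker build`.
# Assumption: a script that is not executable (or has no interpreter
# line) cannot be run directly by the container's service runner.

# Script names taken from the issue's service directory listing.
SERVICE_SCRIPTS="install.sh startup.sh process.sh finish.sh"

# check_service_dir DIR
# Prints one line per problem and returns the number of problems found.
check_service_dir() {
    dir=$1
    problems=0
    for name in $SERVICE_SCRIPTS; do
        f="$dir/$name"
        # Only check the scripts that are actually present.
        [ -f "$f" ] || continue
        if [ ! -x "$f" ]; then
            echo "not executable: $f (fix: chmod +x $f)"
            problems=$((problems + 1))
        fi
        # Without a shebang the kernel cannot exec the file directly.
        if [ "$(head -c 2 "$f")" != "#!" ]; then
            echo "missing shebang: $f"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}

# Constructed sample: startup.sh is fine, process.sh lacks the execute bit.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/ldap_api"
    printf '#!/bin/sh\nexit 0\n' > "$tmp/ldap_api/startup.sh"
    printf '#!/bin/sh\nexec python3 run.py\n' > "$tmp/ldap_api/process.sh"
    chmod 755 "$tmp/ldap_api/startup.sh"
    chmod 644 "$tmp/ldap_api/process.sh"
    rc=0
    check_service_dir "$tmp/ldap_api" || rc=$?
    rm -rf "$tmp"
    return "$rc"
}

# Usage: sh check.sh service/ldap_api
if [ "$#" -gt 0 ]; then check_service_dir "$1" || exit 1; fi
```

Because `ADD` copies the file mode from the build context, running this against `service/ldap_api` on the host before building reports the problem without starting the container.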