How to load LDAP docker container data on startup

Fezo · Sep 17, 2015 · Viewed 7.1k times

I want to have an LDAP server in a Docker container. I have already used the dinkel/openldap, osixia/openldap and muzili/ldap Docker images, and so far connection and first configuration are OK.

My problem is: although I mounted the container's /var/lib/ldap and /etc/ldap, a backup is always needed before stopping, killing or removing (safe removing, docker rm without -v) the ldap container, or there would be data loss. And it doesn't seem to go through all config files, because it also needs a data import at start.

I think I may be running into some problem with Docker containers and their volume mounting, but mounting works for every other container, and it only seems to be a problem with ldap containers.

Is there any solution to make it work? (Config at startup by reading from mounted folders, and not losing data?)

Answer

Fezo · Sep 26, 2015

(Solved!)
To clarify the solution:
As answered by BMW, the ldap container has 2 volumes, which were removed when mounted to an empty folder in the mounting section of the Ansible role's docker module.
So I first run a non-mounted ldap container and back up its volumes, as suggested by BMW. Then kill and remove it and run a whole new container on the backed-up data. Then for user data configuration I run another ldap container (from the same image), which only has to register users' data from a config file.

Final Ansible role code:

- name: run temporary ldap container
  docker:
    image: muzili/ldap
    name: temporary-ldap
    hostname: temporary-ldap
    state: restarted
    ports: 389:389
    env:
      SLAPD_PASSWORD: ******
      SLAPD_DOMAIN: dev.domain.com
- name: ldap data copy container
  docker:
    image: ubuntu
    name: backup_agent
    state: started
    volumes:
    - /backup
    volumes_from:
    - temporary-ldap
    command: tar cvf /backup/backup.tar  /var/lib/ldap  /etc/ldap
- name: copy compressed data from backup_agent
  command: /usr/bin/docker cp backup_agent:/backup/backup.tar "{{base_dir}}/ldap/import"
- name: extract ldap configuration data
  unarchive:
    copy: "no"
    src: "{{base_dir}}/ldap/import/backup.tar"
    dest: "{{base_dir}}/ldap"
- name: kill temporary ldap container
  docker:
    image: muzili/ldap
    name: temporary-ldap
    state: absent
- name: run main ldap container
  docker:
    image: muzili/ldap
    name: ldap-server
    hostname: ldap-server
    state: running
    ports: 389:389
    env:
      SLAPD_PASSWORD: ******
      SLAPD_DOMAIN: dev.domain.com
    volumes:
    - "{{base_dir}}/ldap/etc/ldap:/etc/ldap"
    - "{{base_dir}}/ldap/var/lib/ldap:/var/lib/ldap"
- name: wait for container to start
  wait_for:
    port: 389
    delay: 5
- name: copy ldap data configuration file
  copy:
    src: conf/
    dest: "{{base_dir}}/ldap/import/conf"
- name: run ldap-importer container
  docker:
    image: muzili/ldap
    name: ldap-importer
    hostname: ldap-importer
    state: started
    volumes:
    - "{{base_dir}}/ldap/import/conf:/etc/ldap/conf"
    command: "ldapadd -h ldap-server -c -x -D \"cn=admin,dc=dev,dc=domain,dc=com\" -w ****** -f /etc/ldap/conf/data.ldif"
    links:
    - "ldap-server"
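
The fix above depends on never bind-mounting an empty host folder over the image's /etc/ldap and /var/lib/ldap. A pre-flight check for the extract step, as an added example that is not part of the original answer: it seeds the two host directories from backup.tar only when both are empty and leaves populated ones untouched. The function names and return codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example; seed_ldap_dirs and is_empty_dir are hypothetical names.

# Succeeds when the directory is missing or has no entries.
is_empty_dir() {
    [ ! -d "$1" ] || [ -z "$(ls -A "$1" 2>/dev/null)" ]
}

# seed_ldap_dirs BASE_DIR BACKUP_TAR
# Returns: 0  = both directories seeded from the backup
#          10 = both already populated, left untouched
#          1  = backup missing or incomplete
#          2  = only one directory populated (inconsistent state)
seed_ldap_dirs() {
    base=$1
    tarball=$2
    conf="$base/etc/ldap"        # bind-mounted to /etc/ldap
    data="$base/var/lib/ldap"    # bind-mounted to /var/lib/ldap

    if ! is_empty_dir "$conf" && ! is_empty_dir "$data"; then
        return 10                # live data present: never overwrite it
    fi
    if ! is_empty_dir "$conf" || ! is_empty_dir "$data"; then
        echo "refusing: only one of $conf, $data is populated" >&2
        return 2
    fi

    [ -f "$tarball" ] || { echo "no backup at $tarball" >&2; return 1; }
    # The archive must carry both trees; tar stores them without the leading /.
    members=$(tar tf "$tarball") || return 1
    printf '%s\n' "$members" | grep -q '^etc/ldap/.' || return 1
    printf '%s\n' "$members" | grep -q '^var/lib/ldap/.' || return 1

    mkdir -p "$base" && tar xf "$tarball" -C "$base" || return 1
    # An empty mount would hide the image's initial config, so check again.
    if is_empty_dir "$conf" || is_empty_dir "$data"; then
        return 1
    fi
    return 0
}
```

Start the main container only when the function returns 0 or 10.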