This repository has been archived by the owner on Feb 8, 2024. It is now read-only.

OpenLDAP Setup

shalakadharap edited this page Sep 27, 2021 · 83 revisions

Install cortx-utils rpm

Follow the installation steps in utils-build-guide up to the installation of cortx-py-utils.

Pre-Requisites:

Install third-party packages: curl -s http://cortx-storage.colo.seagate.com/releases/cortx/third-party-deps/rpm/install-cortx-prereq.sh | bash

Start slapd services:

/usr/sbin/slapd -F /etc/openldap/slapd.d -u ldap -h 'ldapi:/// ldap:///'

Note: logs are written to /var/log/cortx/utils/openldap/OpenldapProvisioning.log

The following phases are involved in OpenLDAP provisioning:

Post Install

Run this command individually on all 3 nodes. To run, execute /opt/seagate/cortx/utils/bin/openldap_setup post_install --config "yaml:///opt/seagate/cortx/utils/conf/openldap.post_install.tmpl"

Prepare

Run this command individually on all 3 nodes. To run, execute /opt/seagate/cortx/utils/bin/openldap_setup prepare --config "yaml:///opt/seagate/cortx/utils/conf/openldap.prepare.tmpl"

Config

Below is the sample template file format for a single node:

server_node:
  0449364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3780.colo.seagate.com"
cortx:
  software:
    openldap:
      base_dn: "dc=seagate,dc=com"
      install_dir: "/etc"
      data_dir: "/var/lib/ldap"
      root:
        user: "admin"
        secret: "gAAAAABgiBKtyL7Y0QUvbsNeaJRvh7ihTq9EQDCiZlGkO2k2doSEepB0-dYFPM3V12NyjagS3oCU5YcO6JPBTe5pEMaTKbVPDg=="

cluster:
  3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6:
    site:
      storage_set_count: "1"
    storage_set:
    - server_nodes: "['0449364d92b2ba3915fcd8416014cff7']"
                      

To run, execute /opt/seagate/cortx/utils/bin/openldap_setup config --config "yaml:///opt/seagate/cortx/utils/conf/openldap.config.tmpl.1-node"

Below is the sample template file format for 3 nodes:

server_node:
  0449364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3780.colo.seagate.com"
  1119364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3781.colo.seagate.com"
  2229364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3782.colo.seagate.com"
cortx:
  software:
    openldap:
      base_dn: "dc=seagate,dc=com"
      install_dir: "/etc"
      data_dir: "/var/lib/ldap"
      root:
        user: "admin"
        secret: "gAAAAABgiBKtyL7Y0QUvbsNeaJRvh7ihTq9EQDCiZlGkO2k2doSEepB0-dYFPM3V12NyjagS3oCU5YcO6JPBTe5pEMaTKbVPDg=="

cluster:
  3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6:
    site:
      storage_set_count: "1"
    storage_set:
    - server_nodes: "['0449364d92b2ba3915fcd8416014cff7','1119364d92b2ba3915fcd8416014cff7','2229364d92b2ba3915fcd8416014cff7']"
                      

To run, execute /opt/seagate/cortx/utils/bin/openldap_setup config --config "yaml:///opt/seagate/cortx/utils/conf/openldap.config.tmpl.3-node"

Init

Get the hostname by running:

$ hostname

Get the machine-id by running:

$ cat /etc/machine-id

Edit the /opt/seagate/cortx/utils/conf/openldap.init.tmpl.1-node file with the following substitutions:

TMPL_MACHINE_ID - Machine ID from above

TMPL_CLUSTER_ID - Config input

TMPL_HOSTNAME - Host name from above

TMPL_BASE_DN - dc=seagate,dc=com

TMPL_BIND_BASE_DN - cn=admin,dc=seagate,dc=com

TMPL_ROOT_USER - admin

TMPL_ROOT_SECRET_KEY - gAAAAABgiBKtyL7Y0QUvbsNeaJRvh7ihTq9EQDCiZlGkO2k2doSEepB0-dYFPM3V12NyjagS3oCU5YcO6JPBTe5pEMaTKbVPDg==

TMPL_STORAGE_SET_COUNT - 1
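
The substitution step above can be scripted. This is an added example, not code from the CORTX project: the function names `sample_template` and `render_init_tmpl` are hypothetical, the template excerpt is constructed, and its layout is assumed to mirror the filled-in sample on this page.

```sh
# Added example, not CORTX code. Values are read from exported environment
# variables via awk ENVIRON, so the root secret never appears in an argv.

# Constructed excerpt standing in for the init template (layout assumed).
sample_template() {
cat <<'EOF'
server_node:
  TMPL_MACHINE_ID:
    cluster_id: "TMPL_CLUSTER_ID"
    hostname: "TMPL_HOSTNAME"
cortx:
  software:
    openldap:
      base_dn: "TMPL_BASE_DN"
      root:
        user: "TMPL_ROOT_USER"
        secret: "TMPL_ROOT_SECRET_KEY"
EOF
}

# stdin: template, stdout: rendered config; non-zero status on any problem.
render_init_tmpl() {
    case "$TMPL_MACHINE_ID" in
        ""|*[!0-9a-f]*) echo "machine-id must be lowercase hex" >&2; return 2 ;;
    esac
    [ "${#TMPL_MACHINE_ID}" -eq 32 ] || { echo "machine-id must be 32 chars" >&2; return 2; }
    awk '
    BEGIN {
        n = split("MACHINE_ID CLUSTER_ID HOSTNAME BASE_DN BIND_BASE_DN ROOT_USER ROOT_SECRET_KEY STORAGE_SET_COUNT", k, " ")
        for (i = 1; i <= n; i++) {
            k[i] = "TMPL_" k[i]
            if (ENVIRON[k[i]] == "") { print "no value for " k[i] > "/dev/stderr"; exit 3 }
        }
    }
    {
        line = $0
        for (i = 1; i <= n; i++) {
            out = ""
            while ((p = index(line, k[i])) > 0) {   # literal match, no regex
                out = out substr(line, 1, p - 1) ENVIRON[k[i]]
                line = substr(line, p + length(k[i]))
            }
            line = out line
        }
        if (line ~ /TMPL_[A-Z_]+/) { print "unfilled placeholder, line " NR > "/dev/stderr"; exit 4 }
        print line
    }'
}
```

Export the eight TMPL_* variables, render into a temporary file, and move it into place only when the function returns 0, so a failed render never leaves a half-filled config behind.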

Below is the sample template file format for init on a single node:

server_node:
  0449364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3780.colo.seagate.com"
cortx:
  software:
    openldap:
      base_dn: "dc=seagate,dc=com"
      install_dir: "/etc"
      data_dir: "/var/lib/ldap"
      root:
        user: "admin"
        secret: "gAAAAABgiBKtyL7Y0QUvbsNeaJRvh7ihTq9EQDCiZlGkO2k2doSEepB0-dYFPM3V12NyjagS3oCU5YcO6JPBTe5pEMaTKbVPDg=="

cluster:
  3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6:
    site:
      storage_set_count: "1"
    storage_set:
    - server_nodes: "['0449364d92b2ba3915fcd8416014cff7']"

To run, execute /opt/seagate/cortx/utils/bin/openldap_setup init --config "yaml:///opt/seagate/cortx/utils/conf/openldap.init.tmpl.1-node"

Below is the sample template file format for 3 nodes:

server_node:
  0449364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3780.colo.seagate.com"
  1119364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3781.colo.seagate.com"
  2229364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3782.colo.seagate.com"
cortx:
  software:
    openldap:
      base_dn: "dc=seagate,dc=com"
      install_dir: "/etc"
      data_dir: "/var/lib/ldap"
      root:
        user: "admin"
        secret: "gAAAAABgiBKtyL7Y0QUvbsNeaJRvh7ihTq9EQDCiZlGkO2k2doSEepB0-dYFPM3V12NyjagS3oCU5YcO6JPBTe5pEMaTKbVPDg=="

cluster:
  3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6:
    site:
      storage_set_count: "1"
    storage_set:
    - server_nodes: "['0449364d92b2ba3915fcd8416014cff7','1119364d92b2ba3915fcd8416014cff7','2229364d92b2ba3915fcd8416014cff7']"
                      

To run, execute /opt/seagate/cortx/utils/bin/openldap_setup init --config "yaml:///opt/seagate/cortx/utils/conf/openldap.init.tmpl.3-node"

Apart from these, there are other phases, listed below:

Test

Below is the sample template file format for a single node:

server_node:
  0449364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3780.colo.seagate.com"
cortx:
  software:
    openldap:
      base_dn: "dc=seagate,dc=com"
      install_dir: "/etc"
      data_dir: "/var/lib/ldap"
      root:
        user: "admin"
        secret: "gAAAAABgiBKtyL7Y0QUvbsNeaJRvh7ihTq9EQDCiZlGkO2k2doSEepB0-dYFPM3V12NyjagS3oCU5YcO6JPBTe5pEMaTKbVPDg=="

cluster:
  3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6:
    site:
      storage_set_count: "1"
    storage_set:
    - server_nodes: "['0449364d92b2ba3915fcd8416014cff7']"

To run, execute /opt/seagate/cortx/utils/bin/openldap_setup test --config "yaml:///opt/seagate/cortx/utils/conf/openldap.test.tmpl.1-node"

Below is the sample template file format for 3 nodes:

server_node:
  0449364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3780.colo.seagate.com"
  1119364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3781.colo.seagate.com"
  2229364d92b2ba3915fcd8416014cff7:
    cluster_id: "3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6"
    hostname: "ssc-vm-3782.colo.seagate.com"
cortx:
  software:
    openldap:
      base_dn: "dc=seagate,dc=com"
      install_dir: "/etc"
      data_dir: "/var/lib/ldap"
      root:
        user: "admin"
        secret: "gAAAAABgiBKtyL7Y0QUvbsNeaJRvh7ihTq9EQDCiZlGkO2k2doSEepB0-dYFPM3V12NyjagS3oCU5YcO6JPBTe5pEMaTKbVPDg=="

cluster:
  3f670dd0-17cf-4ef3-9d8b-e1fb6a14c0f6:
    site:
      storage_set_count: "1"
    storage_set:
    - server_nodes: "['0449364d92b2ba3915fcd8416014cff7','1119364d92b2ba3915fcd8416014cff7','2229364d92b2ba3915fcd8416014cff7']"

To run, execute /opt/seagate/cortx/utils/bin/openldap_setup test --config "yaml:///opt/seagate/cortx/utils/conf/openldap.test.tmpl.3-node"

Reset

Run this command individually on all 3 nodes. To run, execute /opt/seagate/cortx/utils/bin/openldap_setup reset --config "yaml:///opt/seagate/cortx/utils/conf/openldap.reset.tmpl"

Cleanup

Below is the sample template file format:

cortx:
  software:
    openldap:
      install_dir: "/etc"
      data_dir: "/var/lib/ldap"

Run this command individually on all 3 nodes. To run, execute /opt/seagate/cortx/utils/bin/openldap_setup cleanup --config "yaml:///opt/seagate/cortx/utils/conf/openldap.cleanup.tmpl"

Upgrade Steps:

Pre-Upgrade

To run, execute /opt/seagate/cortx/utils/bin/openldap_setup preupgrade

RPM Upgrade

To run, execute yum upgrade cortx-py-utils-2.0.0-XXX.noarch.rpm -y

Note: All mini-provisioner template files will be overwritten.

Post-Upgrade

To run, execute /opt/seagate/cortx/utils/bin/openldap_setup postupgrade