Ldap stand-alone container

jupyterhub/docker-compose.yml

@@ -13,26 +13,8 @@ services:
         POSTGRES_USER: jupyterhub
     #volumes:
     #    - postgres:/var/lib/postgresql/data
-    # networks:
-    #     - back
-
-  ldap:
-    image: osixia/openldap
-    ports:
-      - "389:389"
-      - "636:636"
-
-  phpldapadmin:
-    image: osixia/phpldapadmin
-    ports:
-      - "80:80"
-    environment:
-      - PHPLDAPADMIN_HTTPS="false"
-      - PHPLDAPADMIN_LDAP_HOSTS=ldap
-    links:
-      - ldap
-    depends_on:
-      - ldap
+    #networks:
+    #    - back
 
   jupyterhub:
     build: ./jupyterhub
@@ -43,7 +25,7 @@ services:
       livy.default.svc.cluster.local: 192.168.0.27
     links:
       - postgresjupyterhub
-      - ldap
+      #- ldap
     environment:
         POSTGRES_HOST: postgresjupyterhub
         POSTGRES_DB: "jupyterhub"
@@ -57,9 +39,11 @@ services:
       - postgresjupyterhub
     volumes:
        - ./jupyterhubconfig:/srv/jupyterhub
-    # networks:
-    #     - back
-# networks:
-#     back:
+    #networks:
+    #    - back
+networks:
+    default:
+        external:
+             name: ldap_back
 #         # use the bridge driver, but enable IPv6
-#         driver: bridge
+#        driver: bridge

jupyterhub/docker-compose.yml_back2

@@ -0,0 +1,47 @@
+version: '3'
+
+services:
+  postgresjupyterhub:
+    container_name: postgresjupyterhub
+    image: postgres:9.6
+    restart: always
+    ports:
+        - "5432:5432"
+    environment:
+        POSTGRES_DB: jupyterhub
+        POSTGRES_PASSWORD: jupyterhub
+        POSTGRES_USER: jupyterhub
+    #volumes:
+    #    - postgres:/var/lib/postgresql/data
+    networks:
+        - back
+
+  jupyterhub:
+    build: ./jupyterhub
+    container_name: jupyterhub
+    #restart: always
+    extra_hosts:
+      idm.daf.gov.it: 192.168.0.29
+      livy.default.svc.cluster.local: 192.168.0.27
+    links:
+      - postgresjupyterhub
+        #- ldap
+    environment:
+        POSTGRES_HOST: postgresjupyterhub
+        POSTGRES_DB: "jupyterhub"
+        POSTGRES_USER: "jupyterhub"
+        POSTGRES_PASSWORD: "jupyterhub"
+    ports:
+        - "8000:8000"
+    # command: ["/wait_db_is_ready.sh", "postgresjupyterhub:5432", "--", "jupiterhub"]
+    depends_on:
+      #- ldap
+      - postgresjupyterhub
+    volumes:
+       - ./jupyterhubconfig:/srv/jupyterhub
+    networks:
+       - back
+networks:
+    back:
+#         # use the bridge driver, but enable IPv6
+        driver: bridge

jupyterhub/docker-compose.yml_original

@@ -0,0 +1,65 @@
+version: '3'
+
+services:
+  postgresjupyterhub:
+    container_name: postgresjupyterhub
+    image: postgres:9.6
+    restart: always
+    ports:
+        - "5432:5432"
+    environment:
+        POSTGRES_DB: jupyterhub
+        POSTGRES_PASSWORD: jupyterhub
+        POSTGRES_USER: jupyterhub
+    #volumes:
+    #    - postgres:/var/lib/postgresql/data
+    # networks:
+    #     - back
+
+  ldap:
+    image: osixia/openldap
+    ports:
+      - "389:389"
+      - "636:636"
+
+  phpldapadmin:
+    image: osixia/phpldapadmin
+    ports:
+      - "80:80"
+    environment:
+      - PHPLDAPADMIN_HTTPS="false"
+      - PHPLDAPADMIN_LDAP_HOSTS=ldap
+    links:
+      - ldap
+    depends_on:
+      - ldap
+
+  jupyterhub:
+    build: ./jupyterhub
+    container_name: jupyterhub
+    #restart: always
+    extra_hosts:
+      idm.daf.gov.it: 192.168.0.29
+      livy.default.svc.cluster.local: 192.168.0.27
+    links:
+      - postgresjupyterhub
+      - ldap
+    environment:
+        POSTGRES_HOST: postgresjupyterhub
+        POSTGRES_DB: "jupyterhub"
+        POSTGRES_USER: "jupyterhub"
+        POSTGRES_PASSWORD: "jupyterhub"
+    ports:
+        - "8000:8000"
+    # command: ["/wait_db_is_ready.sh", "postgresjupyterhub:5432", "--", "jupiterhub"]
+    depends_on:
+      #- ldap
+      - postgresjupyterhub
+    volumes:
+       - ./jupyterhubconfig:/srv/jupyterhub
+    # networks:
+    #     - back
+# networks:
+#     back:
+#         # use the bridge driver, but enable IPv6
+#         driver: bridge

jupyterhub/docker-compose.yml_working

@@ -0,0 +1,47 @@
+version: '3'
+
+services:
+  postgresjupyterhub:
+    container_name: postgresjupyterhub
+    image: postgres:9.6
+    restart: always
+    ports:
+        - "5432:5432"
+    environment:
+        POSTGRES_DB: jupyterhub
+        POSTGRES_PASSWORD: jupyterhub
+        POSTGRES_USER: jupyterhub
+    #volumes:
+    #    - postgres:/var/lib/postgresql/data
+    # networks:
+    #     - back
+
+  jupyterhub:
+    build: ./jupyterhub
+    container_name: jupyterhub
+    #restart: always
+    extra_hosts:
+      idm.daf.gov.it: 192.168.0.29
+      livy.default.svc.cluster.local: 192.168.0.27
+    links:
+      - postgresjupyterhub
+      #- ldap
+    environment:
+        POSTGRES_HOST: postgresjupyterhub
+        POSTGRES_DB: "jupyterhub"
+        POSTGRES_USER: "jupyterhub"
+        POSTGRES_PASSWORD: "jupyterhub"
+    ports:
+        - "8000:8000"
+    # command: ["/wait_db_is_ready.sh", "postgresjupyterhub:5432", "--", "jupiterhub"]
+    depends_on:
+      #- ldap
+      - postgresjupyterhub
+    volumes:
+       - ./jupyterhubconfig:/srv/jupyterhub
+    # networks:
+    #     - back
+# networks:
+#     back:
+#         # use the bridge driver, but enable IPv6
+#         driver: bridge

jupyterhub/ldap_config/users.ldif

@@ -0,0 +1,47 @@
+# LDIF Export for dc=example,dc=org
+# Server: ldap (ldap)
+# Search Scope: sub
+# Search Filter: (objectClass=*)
+# Total Entries: 4
+#
+# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on October 3, 2017 5:24 pm
+# Version: 1.2.3
+
+version: 1
+
+# Entry 1: dc=example,dc=org
+dn: dc=example,dc=org
+dc: example
+o: Example Inc.
+objectclass: top
+objectclass: dcObject
+objectclass: organization
+
+# Entry 2: cn=admin,dc=example,dc=org
+dn: cn=admin,dc=example,dc=org
+cn: admin
+description: LDAP administrator
+objectclass: simpleSecurityObject
+objectclass: organizationalRole
+userpassword: {SSHA}FEe4QdOUurh8FbWQR9cauY/KkttcOH8Z
+
+# Entry 3: cn=jupyterhub,dc=example,dc=org
+dn: cn=jupyterhub,dc=example,dc=org
+cn: jupyterhub
+gidnumber: 500
+objectclass: posixGroup
+objectclass: top
+
+# Entry 4: cn=alice,cn=jupyterhub,dc=example,dc=org
+dn: cn=alice,cn=jupyterhub,dc=example,dc=org
+cn: alice
+gidnumber: 500
+givenname: alice
+homedirectory: /home/users/alice
+objectclass: inetOrgPerson
+objectclass: posixAccount
+objectclass: top
+sn: alice
+uid: alice
+uidnumber: 1000
+userpassword: {MD5}X03MO1qnZdYdgyfeuILPmQ==

jupyterhub/ldap_db/DB_CONFIG

@@ -0,0 +1,4 @@
+set_cachesize 0 2097152 0
+set_lk_max_objects 1500
+set_lk_max_locks 1500
+set_lk_max_lockers 1500

ldap/Dockerfile

@@ -0,0 +1,11 @@
+FROM osixia/openldap
+
+# Init script spark magic
+ADD ./ldap_conf/users.ldif /var/lib/ldap/ldif/
+
+#RUN ldapadd -x -D "cn=admin,dc=example,dc=org" -w password -H ldap:// -f /var/lib/ldap/ldif/
+
+EXPOSE 389 636
+#ENTRYPOINT ["jupyterhub"]
+
+USER root

ldap/build.sh

@@ -0,0 +1 @@
+docker build -t ldap .

ldap/docker-compose.yml

@@ -0,0 +1,34 @@
+version: '3'
+
+services:
+  ldap:
+    container_name: ldap
+    image: osixia/openldap
+    ports:
+      - "389:389"
+      - "636:636"
+    volumes: 
+      - ./users.ldif:/container/service/slapd/assets/config/bootstrap/ldif/50-bootstrap.ldif
+    networks:
+      - back
+    #entrypoint: []
+
+  phpldapadmin:
+    container_name: phpldapadmin
+    image: osixia/phpldapadmin
+    ports:
+      - "80:80"
+    environment:
+      - PHPLDAPADMIN_HTTPS="false"
+      - PHPLDAPADMIN_LDAP_HOSTS=ldap
+    links:
+      - ldap
+    depends_on:
+      - ldap
+    networks:
+      - back
+    #  
+networks:
+  back:
+#         # use the bridge driver, but enable IPv6
+    driver: bridge

ldap/init.sh

@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+docker exec  -ti jupyterhub /sparkmagic-init.sh
+

ldap/ldap_conf/users.ldif

@@ -0,0 +1,47 @@
+# LDIF Export for dc=example,dc=org
+# Server: ldap (ldap)
+# Search Scope: sub
+# Search Filter: (objectClass=*)
+# Total Entries: 4
+#
+# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on October 3, 2017 5:24 pm
+# Version: 1.2.3
+
+version: 1
+
+# Entry 1: dc=example,dc=org
+dn: dc=example,dc=org
+dc: example
+o: Example Inc.
+objectclass: top
+objectclass: dcObject
+objectclass: organization
+
+# Entry 2: cn=admin,dc=example,dc=org
+dn: cn=admin,dc=example,dc=org
+cn: admin
+description: LDAP administrator
+objectclass: simpleSecurityObject
+objectclass: organizationalRole
+userpassword: {SSHA}FEe4QdOUurh8FbWQR9cauY/KkttcOH8Z
+
+# Entry 3: cn=jupyterhub,dc=example,dc=org
+dn: cn=jupyterhub,dc=example,dc=org
+cn: jupyterhub
+gidnumber: 500
+objectclass: posixGroup
+objectclass: top
+
+# Entry 4: cn=alice,cn=jupyterhub,dc=example,dc=org
+dn: cn=alice,cn=jupyterhub,dc=example,dc=org
+cn: alice
+gidnumber: 500
+givenname: alice
+homedirectory: /home/users/alice
+objectclass: inetOrgPerson
+objectclass: posixAccount
+objectclass: top
+sn: alice
+uid: alice
+uidnumber: 1000
+userpassword: {MD5}X03MO1qnZdYdgyfeuILPmQ==