# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Default values for ldap. # This is a YAML-formatted file. # Declare variables to be passed into your templates. pod: affinity: anti: type: default: preferredDuringSchedulingIgnoredDuringExecution topologyKey: default: kubernetes.io/hostname weight: default: 10 replicas: server: 1 lifecycle: upgrades: deployments: revision_history: 3 pod_replacement_strategy: RollingUpdate rolling_update: max_unavailable: 1 max_surge: 3 resources: enabled: false server: requests: memory: "128Mi" cpu: "100m" limits: memory: "1024Mi" cpu: "2000m" jobs: bootstrap: requests: memory: "128Mi" cpu: "100m" limits: memory: "1024Mi" cpu: "2000m" image_repo_sync: requests: memory: "128Mi" cpu: "100m" limits: memory: "1024Mi" cpu: "2000m" mounts: ldap_data_load: init_container: null ldap_data_load: images: tags: bootstrap: "docker.io/osixia/openldap:1.2.0" ldap: "docker.io/osixia/openldap:1.2.0" dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0 image_repo_sync: docker.io/docker:17.07.0 pull_policy: IfNotPresent local_registry: active: false exclude: - dep_check - image_repo_sync dependencies: dynamic: common: local_image_registry: jobs: - ldap-image-repo-sync services: - endpoint: node service: local_image_registry static: ldap: jobs: null bootstrap: services: - endpoint: internal service: ldap server: jobs: - ldap-load-data services: - endpoint: internal service: ldap image_repo_sync: services: - endpoint: internal service: local_image_registry storage: pvc: enabled: true size: 2Gi class_name: general host: data_path: /data/openstack-helm/ldap config_path: /data/openstack-helm/config labels: server: node_selector_key: openstack-control-plane node_selector_value: enabled job: node_selector_key: openstack-control-plane node_selector_value: enabled bootstrap: enabled: false endpoints: cluster_domain_suffix: cluster.local local_image_registry: name: docker-registry namespace: docker-registry hosts: default: localhost internal: docker-registry node: localhost host_fqdn_override: default: null port: registry: node: 5000 ldap: hosts: default: ldap host_fqdn_override: default: null path: null scheme: 'ldap' port: ldap: default: 389 network_policy: ldap: ingress: - {} egress: - {} data: sample: | dn: ou=People,dc=cluster,dc=local objectclass: organizationalunit ou: People description: We the People # NOTE: Password is "password" without quotes dn: uid=alice,ou=People,dc=cluster,dc=local objectClass: inetOrgPerson objectClass: top objectClass: posixAccount objectClass: shadowAccount objectClass: person sn: Alice cn: alice uid: alice userPassword: {SSHA}+i3t/DLCgLDGaIOAmfeFJ2kDeJWmPUDH description: SHA gidNumber: 1000 uidNumber: 1493 homeDirectory: /home/alice mail: alice@example.com # NOTE: Password is "password" without quotes dn: uid=bob,ou=People,dc=cluster,dc=local objectClass: inetOrgPerson objectClass: top objectClass: posixAccount objectClass: shadowAccount objectClass: person sn: Bob cn: bob uid: bob userPassword: {SSHA}fCJ5vuW1BQ4/OfOVkkx1qjwi7yHFuGNB description: MD5 gidNumber: 1000 uidNumber: 5689 homeDirectory: /home/bob mail: bob@example.com dn: ou=Groups,dc=cluster,dc=local objectclass: organizationalunit ou: Groups description: We the People dn: cn=cryptography,ou=Groups,dc=cluster,dc=local objectclass: top objectclass: posixGroup gidNumber: 418 cn: cryptography description: Cryptography Team memberUID: uid=alice,ou=People,dc=cluster,dc=local memberUID: uid=bob,ou=People,dc=cluster,dc=local dn: cn=blue,ou=Groups,dc=cluster,dc=local objectclass: top objectclass: posixGroup gidNumber: 419 cn: blue description: Blue Team memberUID: uid=bob,ou=People,dc=cluster,dc=local dn: cn=red,ou=Groups,dc=cluster,dc=local objectclass: top objectclass: posixGroup gidNumber: 420 cn: red description: Red Team memberUID: uid=alice,ou=People,dc=cluster,dc=local secrets: identity: admin: admin ldap: ldap openldap: domain: cluster.local password: password manifests: configmap_bin: true configmap_etc: true job_bootstrap: true job_image_repo_sync: true network_policy: false statefulset: true service: true