MultiCloud Marketplace

Mentor Solutions Application Team - Ryan Geyer

OpenLDAP Directory Server v1.1

Open in Dashboard

Published by Mentor Solutions Application Team - Ryan Geyer on Oct 29, 2010Revision: 4

Description

This template will allow you to launch and maintain three different types of OpenLDAP servers.

  1. A Stand-Alone OpenLDAP Server.
  2. A Provider in a "refresh and persist" replication pair. Read all about it here
  3. A Consumer in a "refresh and persist" replication pair. Read all about it here

The recommended configuration is to have two instances of this template running at any given time. One in the Provider role, and one in the Consumer role. This way you always have a hot spare ready to go in case anything should go wrong with the Provider, you can simply run the LDAP Promote to Provider operational RightScript on the Consumer, and be back up and running in minutes.

Features

Whichever type of server you launch, it will have the following super-neato features.

New in Rev4

  • You can now run one or many LDIF files (stored in an S3 bucket) against the database at startup, or at any time using an operational script.
  • Added a few more defaults, in particular a list of schemas to get started (core,cosine,inetorgperson, which we use for our application)

Backups

  • Can be backed up to an S3 bucket instantly using the LDAP DB S3 Backup operational RightScript
  • Can be restored from an S3 bucket instantly using the LDAP DB S3 Restore operational RightScript
  • Can be backed up daily to an S3 bucket using the LDAP DB Enable Continuous Backup operational RightScript

Other super-neato stuff

  • Set the log level for the slapd process using the LDAP Set Log Level operational RightScript, then monitor the log messages in the "local1" log file in the RightScale dashboard
  • A critical alert will be sent if ephemeral storage (where the LDAP database is stored) has less than 100MB free

Quick-Start Guides

When the server is first launched and becomes operational, you'll have a fully operational OpenLDAP instance. However no database will exist yet, you'll need to create one (or many) with the base naming context(s) you want. Here are some quick start guides for the three different server types.

Stand-Alone OpenLDAP Server

  1. Launch the server
  2. Run the LDAP Create Database operational RightScript to create your first database
  3. If daily backups are desired, run the LDAP DB S3 Enable Continuous Backup operational RightScript
  4. Put some stuff in your new LDAP database using your favorite directory tool. (I really like the Apache Directory Studio!)

Provider OpenLDAP Server

  1. Follow the steps from the Stand-Alone Server to launch this instance
  2. Run the LDAP Initialize Provider operational RightScript
  3. Enjoy!

Consumer OpenLDAP Server

  1. Make sure you have another instance running which has already been configured using the steps for the Provider server
  2. Follow the steps from the Stand-Alone Server to launch this instance
  3. Run the LDAP Initialize Consumer operational RightScript
  4. Enjoy!

Contents

  • MultiCloudImage: RightImage Ubuntu_9.10_i386_v4.5 [rev 4]

  • MultiCloudImage: RightImage Ubuntu_9.10_x64_v4.5 [rev 6]

  • RightScript: LDAP Initialize Provider [rev 1]

  • RightScript: LDAP DB S3 Enable Continuous Backup [rev 2]

  • RightScript: LDAP DB S3 Restore [rev 2]

  • RightScript: LDAP Enable Module [rev 1]

  • RightScript: LDAP Enable Schema(s) [rev 2]

  • RightScript: LDAP Execute LDIF File(s) [rev 1]

  • RightScript: LDAP Execute LDIF File(s) at boot [rev 1]

  • RightScript: LDAP Initialize Consumer [rev 1]

  • RightScript: LDAP DB S3 Disable Continuous Backup [rev 2]

  • RightScript: LDAP Install OpenLDAP [rev 2]

  • RightScript: LDAP Promote to Provider [rev 1]

  • RightScript: LDAP Set Config Admin Details [rev 3]

  • RightScript: LDAP Set Log Level [rev 1]

  • RightScript: LDAP Tools Install [rev 4]

  • RightScript: MISC ssh priv key install v2 [rev 4]

  • RightScript: LDAP Create Database [rev 2]

  • RightScript: LDAP DB S3 Backup [rev 2]

  • RightScript: SYS Syslog Remote Logging Client v7 [rev 6]

  • RightScript: SYS Timezone set v1 [rev 5]

  • See More

Revisions

Revision 4 | Oct 29, 2010

Added some defaults, and functionality to load arbitrary LDIF File(s) from S3 at boot or from an operational script!

Revision 3 | Oct 19, 2010

Some syntax errors in ldapUtils.sh which prevented the promotion of a consumer to a provider.exec != eval && $1i != $1

Revision 1 | Oct 18, 2010

Initial Commit

Discussion

0b359e9ce1a8fb5f3315fbec8beda697 Thorsten on Oct 28, 2010 | Re: v3

Very cool! Haven't played with it much but the feature set is very impressive. Note that the descriptions of the LDAP_CONFIG_ADMIN_* inputs seem to be crossed. Also, could you provide more defaults? I wasn't sure what to put into the ldap schema list that would work.

2b2f1e8e44051abfa4b72df9a5460434Ryan Geyer on Oct 29, 2010 | Re: v4

Thanks for the feedback TvE! I've fixed the input confusion, fortunately the fields were just mis-labeled in one of the two scripts that used them, but they were actually applied correctly. :-) I also added a couple more defaults, in particular I populated the schema list with (core,cosine,inetorgperson) which is what we use for our application. It also has the ability to load one or many LDIF file(s) from an S3 bucket on boot, or from an operational script. Something I had added to the LDAP scripts for use in my [Tomcat6 Application All-in-One](http://www.rightscale.com/library/server_templates/Tomcat6-Java-or-Grails-App-Fro/14552) template. :-)

Info

2 Ratings

Supported Clouds

Pricing

All Users

Sign-up for RightScale

Support Information

If you have problems with this server template or any of the scripts, feel free to email me at rgeyer@its.jnj.com.