
[bitnami/openldap] Fails to set admin password (Docker/k8s/WSL2/nfs-ganesha) #65109

@McMac

Name and Version

bitnami/openldap:2.6.5

What architecture are you using?

None

What steps will reproduce the bug?

  • Windows 11
  • Docker Desktop
  • WSL2
  • Kubernetes
  • nfs-ganesha

charts/nfs-server-provisioner/README.md

This is just the context that I am using it in.

What is the expected behavior?

When not using a volume - "slapd starting" then "Configure LDAP credentials for admin user"

2024-04-04 09:36:27  07:36:27.83 INFO  ==> ** Starting LDAP setup **
2024-04-04 09:36:27  07:36:27.88 INFO  ==> Validating settings in LDAP_* env vars
2024-04-04 09:36:27  07:36:27.94 INFO  ==> Initializing OpenLDAP...
2024-04-04 09:36:27  07:36:27.94 DEBUG ==> Ensuring expected directories/files exist...
2024-04-04 09:36:27  07:36:27.96 INFO  ==> Creating LDAP online configuration
2024-04-04 09:36:27  07:36:27.97 INFO  ==> Creating slapd.ldif
2024-04-04 09:36:28  07:36:28.12 INFO  ==> Starting OpenLDAP server in background
2024-04-04 09:36:28 660e587c.07cb43d1 0x7f89f251c740 @(#) $OpenLDAP: slapd 2.6.5 (Jul 24 2023 20:10:50) $
2024-04-04 09:36:28 @e1677ed71b32:/bitnami/blacksmith-sandox/openldap-2.6.5/servers/slapd
2024-04-04 09:36:28 660e587c.09645ea2 0x7f89f251c740 slapd starting
2024-04-04 09:36:29  07:36:29.13 INFO  ==> Configure LDAP credentials for admin user
2024-04-04 09:36:29 SASL/EXTERNAL authentication started
2024-04-04 09:36:29 660e587d.085063b1 0x7f89b177a700 conn=1000 fd=12 ACCEPT from PATH=/opt/bitnami/openldap/var/run/ldapi (PATH=/opt/bitnami/openldap/var/run/ldapi)
2024-04-04 09:36:29 660e587d.0854c94a 0x7f89b177a700 conn=1000 op=0 BIND dn="" method=163

What do you see instead?

What seems to happen is that the PVC requested via nfs-ganesha "takes too long" (?) and the "Configure LDAP credentials for admin user" step is outpacing the "slapd starting".

When launching I see:

2024-04-04 10:08:39  08:08:39.70 INFO  ==> ** Starting LDAP setup **
2024-04-04 10:08:39  08:08:39.73 INFO  ==> Validating settings in LDAP_* env vars
2024-04-04 10:08:39  08:08:39.74 INFO  ==> Initializing OpenLDAP...
2024-04-04 10:08:39  08:08:39.74 DEBUG ==> Ensuring expected directories/files exist...
2024-04-04 10:08:39  08:08:39.75 INFO  ==> Creating LDAP online configuration
2024-04-04 10:08:39  08:08:39.75 INFO  ==> Creating slapd.ldif
2024-04-04 10:08:39  08:08:39.79 INFO  ==> Starting OpenLDAP server in background
2024-04-04 10:08:39 660e6007.2f88772a 0x7f0788ee3740 @(#) $OpenLDAP: slapd 2.6.5 (Jul 24 2023 20:10:50) $
2024-04-04 10:08:39 @e1677ed71b32:/bitnami/blacksmith-sandox/openldap-2.6.5/servers/slapd
2024-04-04 10:08:40  08:08:40.80 INFO  ==> Configure LDAP credentials for admin user
2024-04-04 10:08:40 ldap_sasl_interactive_bind: Can't contact LDAP server (-1)
2024-04-04 10:08:40 660e6008.3401f7f9 0x7f0788ee3740 slapd starting
2024-04-04 10:08:40 660e6008.3403203c 0x7f0788ee3740 listener initialization failed
2024-04-04 10:08:40 660e6008.34037d05 0x7f0748942700 daemon: shutdown requested and initiated.
2024-04-04 10:08:40 660e6008.3404d854 0x7f0748942700 slapd shutdown: waiting for 0 operations/tasks to finish
2024-04-04 10:08:40 660e6008.342aa97a 0x7f0788ee3740 slapd stopped.

Additional information

The issue as I see it is that in /opt/bitnami/scripts/libopenldap.sh this part of the code isn't resilient to a slow responding filesystem/server start:

line 581

    else
        # Create OpenLDAP online configuration
        ldap_create_online_configuration
        ldap_start_bg
        ldap_admin_credentials

ldap_admin_credentials isn't waiting long enough for ldap_start_bg to be ready

line 193, in ldap_start_bg()

    if is_ldap_not_running; then

It ultimately calls "is_ldap_running()", which only checks for the pid file.

What seems to be happening is that the pid file is there, however slapd is not fully ready yet.
The code continues and ldap_admin_credentials then tries to set the admin credentials too early.

options (?):

  • add a sleep or the like
  • check the actual slapd availability - rather than just pid file - before trying to execute the ldapmodify
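
One way to implement the second option (probe slapd itself instead of the pid file), as an added example that is not part of the original issue or of Bitnami's scripts. `wait_for_ready`, `slapd_accepts_bind` and the `sim_*` helpers are hypothetical names, and the socket path is the one shown in the log above.

```shell
#!/bin/sh
# Added example, not code from bitnami/openldap: gate the admin-credential step
# on a successful bind over the ldapi socket instead of on the pid file.

# Socket path copied from the ACCEPT line in the issue's log, URL-encoded.
LDAPI_URI="${LDAPI_URI:-ldapi://%2Fopt%2Fbitnami%2Fopenldap%2Fvar%2Frun%2Fldapi}"

# Real probe: succeeds only when slapd answers a SASL/EXTERNAL bind.
slapd_accepts_bind() {
    ldapwhoami -Q -Y EXTERNAL -H "$LDAPI_URI" >/dev/null 2>&1
}

# wait_for_ready PROBE [RETRIES] [DELAY_SECONDS]
# Polls PROBE; returns 1 if it never succeeds so the caller can abort rather
# than run ldapmodify against a server that is not listening. On success,
# $attempt holds the number of probes used.
wait_for_ready() {
    attempt=1
    while [ "$attempt" -le "${2:-30}" ]; do
        if "$1"; then return 0; fi
        attempt=$((attempt + 1))
        sleep "${3:-1}"
    done
    return 1
}

# Constructed simulation of the race (no slapd needed): the pid file exists
# immediately, the listener only answers from the third poll onward.
SIM_DIR="$(mktemp -d)"
sim_start_bg() { echo 12345 > "$SIM_DIR/slapd.pid"; echo 0 > "$SIM_DIR/polls"; }
sim_pid_file_present() { [ -s "$SIM_DIR/slapd.pid" ]; }
sim_accepts_bind() {
    polls=$(( $(cat "$SIM_DIR/polls") + 1 ))
    echo "$polls" > "$SIM_DIR/polls"
    [ "$polls" -ge 3 ]
}

sim_start_bg
if sim_pid_file_present && ! sim_accepts_bind; then
    echo "pid file present, bind refused: a pid-file check would proceed too early"
fi
if wait_for_ready sim_accepts_bind 10 0; then
    echo "listener ready after $attempt more probe(s); safe to set credentials"
fi
# Against a real server the call would be: wait_for_ready slapd_accepts_bind 30 1
```
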

Labels

openldap; stale (15 days without activity); tech-issues (The user has a technical issue about an application)
