LdapCacheCleaner is a special container to clean cache in WrenDS pods.
- Stable:
gluufederation/ldap-cache-cleaner:4.1.1_01 - Unstable:
gluufederation/ldap-cache-cleaner:4.1.1_dev
Refer to Changelog for details on new features, bug fixes, or older releases.
The following environment variables are supported by the container:
GLUU_CONFIG_ADAPTER: The config backend adapter, can beconsul(default) orkubernetes.GLUU_CONFIG_CONSUL_HOST: hostname or IP of Consul (default tolocalhost).GLUU_CONFIG_CONSUL_PORT: port of Consul (default to8500).GLUU_CONFIG_CONSUL_CONSISTENCY: Consul consistency mode (choose one ofdefault,consistent, orstale). Default tostalemode.GLUU_CONFIG_CONSUL_SCHEME: supported Consul scheme (httporhttps).GLUU_CONFIG_CONSUL_VERIFY: whether to verify cert or not (default tofalse).GLUU_CONFIG_CONSUL_CACERT_FILE: path to Consul CA cert file (default to/etc/certs/consul_ca.crt). This file will be used if it exists andGLUU_CONFIG_CONSUL_VERIFYset totrue.GLUU_CONFIG_CONSUL_CERT_FILE: path to Consul cert file (default to/etc/certs/consul_client.crt).GLUU_CONFIG_CONSUL_KEY_FILE: path to Consul key file (default to/etc/certs/consul_client.key).GLUU_CONFIG_CONSUL_TOKEN_FILE: path to file contains ACL token (default to/etc/certs/consul_token).GLUU_CONFIG_KUBERNETES_NAMESPACE: Kubernetes namespace (default todefault).GLUU_CONFIG_KUBERNETES_CONFIGMAP: Kubernetes configmaps name (default togluu).GLUU_CONFIG_KUBERNETES_USE_KUBE_CONFIG: Load credentials from$HOME/.kube/config, only useful for non-container environment (default tofalse).GLUU_SECRET_ADAPTER: The secrets adapter, can bevaultorkubernetes.GLUU_SECRET_VAULT_SCHEME: supported Vault scheme (httporhttps).GLUU_SECRET_VAULT_HOST: hostname or IP of Vault (default tolocalhost).GLUU_SECRET_VAULT_PORT: port of Vault (default to8200).GLUU_SECRET_VAULT_VERIFY: whether to verify cert or not (default tofalse).GLUU_SECRET_VAULT_ROLE_ID_FILE: path to file contains Vault AppRole role ID (default to/etc/certs/vault_role_id).GLUU_SECRET_VAULT_SECRET_ID_FILE: path to file contains Vault AppRole secret ID (default to/etc/certs/vault_secret_id).GLUU_SECRET_VAULT_CERT_FILE: path to Vault cert file (default to/etc/certs/vault_client.crt).GLUU_SECRET_VAULT_KEY_FILE: path to Vault key file (default to/etc/certs/vault_client.key).GLUU_SECRET_VAULT_CACERT_FILE: path to Vault CA cert file (default to/etc/certs/vault_ca.crt). This file will be used if it exists andGLUU_SECRET_VAULT_VERIFYset totrue.GLUU_SECRET_KUBERNETES_NAMESPACE: Kubernetes namespace (default todefault).GLUU_SECRET_KUBERNETES_CONFIGMAP: Kubernetes secrets name (default togluu).GLUU_SECRET_KUBERNETES_USE_KUBE_CONFIG: Load credentials from$HOME/.kube/config, only useful for non-container environment (default tofalse).GLUU_WAIT_MAX_TIME: How long the startup "health checks" should run (default to300seconds).GLUU_WAIT_SLEEP_DURATION: Delay between startup "health checks" (default to10seconds).GLUU_PERSISTENCE_TYPE: Persistence backend being used (one ofldap,couchbase, orhybrid; default toldap).GLUU_PERSISTENCE_LDAP_MAPPING: Specify data that should be saved in LDAP (one ofdefault,user,cache,site, ortoken; default todefault). Note this environment only takes effect whenGLUU_PERSISTENCE_TYPEis set tohybrid.GLUU_LDAP_URL: Address and port of LDAP server (default tolocalhost:1636); required ifGLUU_PERSISTENCE_TYPEis set toldaporhybrid.GLUU_CONTAINER_METADATA: The name of scheduler to pull container metadata (one ofdockerorkubernetes; default todocker).
-
Set the appropriate
GLUU_CONTAINER_METADATAenvironment variable. If the container is running on the Docker scheduler, thedocker.sockfile must be mounted into container.Docker:
docker run \ -e GLUU_CONTAINER_METADATA=docker \ -v /var/run/docker.sock:/var/run/docker.sock \ gluufederation/ldap-cache-cleaner:4.1.1_01
Kubernetes:
Set the environment variable
GLUU_CONTAINER_METADATA=kubernetes.