LDAP Authentication for Docker
Enabling LDAP for a Docker deployment requires a couple of files/certificates. This documentation describes how to provide those files/certificates to the Docker container. To enable security for the Docker deployment, follow these steps:
Ways to configure LDAP using docker
Configure Using Volumes
In the docker/docker-compose-quickstart/docker-compose.yml file, configure the volumes based on the truststoreConfigType.
NO NEED TO ADD VOLUMES IF truststoreConfigType IS TrustAll OR HostName.
Using JVMDefault
For the Docker container to access cacerts, copy the cacerts to docker/ldap/config and add the path in volumes.
Using CustomTrustStore
For the Docker container to access your truststore, copy the truststore to docker/ldap/config and add the path in volumes.
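A sketch of the volume entries described above, as an added example rather than configuration from the OpenMetadata project. The container-side paths and the truststore file name are placeholders, and the host paths are written relative to the compose file's directory, which is how Compose resolves relative bind-mount paths by default.

```yaml
# Added example: fragment for docker/docker-compose-quickstart/docker-compose.yml.
# Only the volumes entry is shown; keep the rest of the service definition as it is.
# Uncomment exactly one entry, matching the truststoreConfigType in use.
# TrustAll and HostName need no volume at all.
services:
  openmetadata-server:
    volumes:
      # JVMDefault: mount the cacerts file copied to docker/ldap/config.
      # Replace /CONTAINER/PATH/TO/cacerts (placeholder) with the location
      # the JVM inside the image reads its default trust store from.
      - ../ldap/config/cacerts:/CONTAINER/PATH/TO/cacerts:ro

      # CustomTrustStore: mount your own truststore instead.
      # TRUSTSTORE_FILE and the container path are placeholders; the container
      # path must be the one the server's trustStoreConfig points at.
      # - ../ldap/config/TRUSTSTORE_FILE:/CONTAINER/PATH/TO/TRUSTSTORE_FILE:ro
```

The `:ro` suffix mounts the trust material read-only, so a process inside the container cannot add or replace trusted certificates.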
Extend the OpenMetadata server docker image
Create a Dockerfile and add the following details based on the truststoreConfigType.
NO NEED TO CREATE THIS FILE IF truststoreConfigType IS TrustAll OR HostName.
Using JVMDefault
For the Docker container to access cacerts, copy the cacerts to docker/ldap/config as shown below.
Using CustomTrustStore
For the Docker container to access your truststore, copy the truststore to docker/ldap/config as shown below.
Run the following command from the OpenMetadata root directory to create an image:
NOTE: After the image is created, in the docker/docker-compose-quickstart/docker-compose.yml file, under the openmetadata-server service, replace the image name with the name of the Docker image created above.
Create an .env file
Create an openmetadata_ldap.env file and add the following contents as an example. Use the information generated when setting up the account.
Each truststoreConfigType has its own corresponding trustStoreConfig.