Git Product home page Git Product logo

Comments (4)

phlogistonjohn avatar phlogistonjohn commented on June 16, 2024 1

Thanks for the feedback! There's currently no great way to get custom settings into the AD DC container (this is not the case for the file server container). This is due to the fact that the AD DC provision command makes the smb.conf file and how it does that. There's an issue for this in sambacc samba-in-kubernetes/sambacc#43 - I started working on it but found it was trickier than I anticipated. I did find out from Andrew Bartlett of the samba team there are other approaches but those ended up fairly tricky to implement too. At one point I wondered if it would be worth trying to patch samba-tool.

This is not an excuse, but rather an explanation of why I haven't gotten back to it! ;-) Maybe I'll have the motivation to look again soon. Also, anyone should feel free to try and contribute the feature if you're up to it.

from samba-container.

phlogistonjohn avatar phlogistonjohn commented on June 16, 2024 1

I forgot to mention: for what it's worth one can manipulate the generated smb.conf after the provision is done. So if the settings in question are not needed for provisioning it's possible to do that (esp. if you're storing the /etc/samba as a persistent volume). But it's annoying, I know.

from samba-container.

phlogistonjohn avatar phlogistonjohn commented on June 16, 2024 1

I keep forgetting things. In case it helps: the way we set up our AD DC instances we configure the internal k8s dns server to delegate to the AD DC for certain subdomains. When the in-cluster applications refer to domains outside of the DC's domain the resolution doesn't need to go through the DC's DNS. This principle would also apply to systems outside of the k8s cluster but you need to control a DNS server :-)

Example:

samba-container/tests/test-deploy-ad-server.sh

Lines 57 to 92 in 193bfe8

echo "patching coredns zonefile"
AD_POD_IP=$(kubectl get pod -o jsonpath='{ .items[*].status.podIP }')
[ $? -eq 0 ] || _error "Error getting ad server pod IP"
echo "AD pod IP: ${AD_POD_IP}"
TMPFILE=$(mktemp)
cat > "${TMPFILE}" <<EOF
data:
Corefile: |
EOF
kubectl get cm -n kube-system coredns -o jsonpath='{ .data.Corefile }' \
| sed -e 's/^/ /g' \
>> "${TMPFILE}"
echo >> "${TMPFILE}"
# don't repeat an existing block for our domain
FIRSTLINE="$(head -1 ./tests/files/coredns-snippet.template)"
LASTLINE=" }"
sed -i .backup -e "/$FIRSTLINE/,/$LASTLINE/d" "${TMPFILE}"
sed -e "s/AD_SERVER_IP/${AD_POD_IP}/" \
< tests/files/coredns-snippet.template \
>> "${TMPFILE}"
echo >> "${TMPFILE}"
kubectl patch cm -n kube-system coredns -p "$(cat "${TMPFILE}")"
[ $? -eq 0 ] || _error "Error patching coredns config map"
echo "ad setup done"

Maybe that'll be useful to you as a workaround for not being able to set dns forwarder for now.

from samba-container.

scara avatar scara commented on June 16, 2024

Thanks @phlogistonjohn for your fast reply and insights!
For my use case the AD DC DNS will be the primary one, unfortunately.

samba-container/tests/test-deploy-ad-server.sh

Nice hack!

In the mean time, I'll explore the other sambacc caps.

TIA,
Matteo

from samba-container.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.