0

I'm using supervisord to run multi-service in a container. I want a ldap service for my web application. So I installed and started opendj with the follow info,

Dockerfile

RUN dpkg -i $APP_HOME/packages/opendj_3.0.0-1_all.deb && \
    /opt/opendj/setup \
          --cli \
          --backendType je \
          --baseDN dc=test,dc=net \
          --ldapPort 389 \
          --adminConnectorPort 4444 \
          --rootUserDN cn=Directory\ Manager \
          --rootUserPassword 123456 \
          --no-prompt \
          --noPropertiesFile \
          --acceptLicense \
          --doNotStart

supervisord.conf

[program:ldap]
command=/opt/opendj/bin/start-ds
priority=1

When running my customized imgae, I got the following exiting message for ldap.

2020-05-25 06:46:03,486 INFO exited: ldap (exit status 0; expected)

Logging into the container to get all process status info with supervisorctl status all and ps -aux respectively.

$supervisorctl status all
ldap                             EXITED    May 25 06:46 AM

$ps -aux
root        97  3.4  5.9 3489048 240248 pts/0  Sl   06:15   0:08 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -server -Dorg.opends.server.scriptName=start-ds org.opends.server.core.DirectoryServer --configClass org.opends.server.extensions.ConfigFileHandler

I found the ldap program starting up with start-ds shell script, that is, that start-ds shell process exited, but the ldap server which isn't controlled by supervisor is running. If stopping supervisor subprocesses, the ldap server can't be stopped gracefully.

So my question is how to configure to make the supervisor to control the ldap server process which is started up by start-ds.

niaomingjian
  • 3,472
  • 8
  • 43
  • 78
  • Could you run the LDAP server and application in separate containers? That might be easier to manage than configuring supervisord, and avoids some practical issues (if you need to update the application, you're not forced to also restart the LDAP daemon; if you need to run multiple replicas for scale, you can independently scale the application and LDAP server). – David Maze May 25 '20 at 10:24
  • The reason of starting up all services and the web app in one container is just for preview conveniently, not for performance, scaling, and so on. I also have them in separate containers for production. – niaomingjian May 26 '20 at 02:25

2 Answers2

0

There is a --nodetach option that you should use in such cases: https://github.com/ForgeRock/opendj-community-edition/blob/master/resource/bin/start-ds#L60

JnRouvignac
  • 807
  • 5
  • 19
  • There's no _svc-opendj.sh file in the ${INSTALL_ROOT}/lib/ directory. So I think that statement won't be executed. And my base image is ubuntu:16.04. – niaomingjian May 27 '20 at 02:57
0

Reference Doc says:

Options

The start-ds command takes the following options:

-N | --nodetach
Do not detach from the terminal and continue running in the foreground. This option cannot be used with the -t, --timeout option.

Default: false

The statement in start-ds.sh file is:

exec "${OPENDJ_JAVA_BIN}" ${OPENDJ_JAVA_ARGS} ${SCRIPT_NAME_ARG} \
  org.opends.server.core.DirectoryServer \
  --configClass org.opends.server.extensions.ConfigFileHandler \
  --configFile "${CONFIG_FILE}" "${@}"

start-ds script will append this option when run /opt/opendj/bin/start-ds -N

/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -server -Dorg.opends.server.scriptName=start-ds org.opends.server.core.DirectoryServer --configClass org.opends.server.extensions.ConfigFileHandler --configFile /opt/opendj/config/config.ldif -N
niaomingjian
  • 3,472
  • 8
  • 43
  • 78