Multi-Region: Support shared LDAP service

Decouple NSLCD from the open-ldap SM service and manage it by PMOND
instead. This is needed because in the Shared LDAP case, we deprovision
the open-ldap service on the Secondary Region which renders NSLCD
unmanaged.

Additionally, we allow the Secondary Region or Sub Clouds to bind
anonymously, but still need to support LDAP read operations in these
regions such as ldapfinger or lsldap. For this purpose, the ldapscripts
runtime library has been modified to allow anonymous binds during LDAP
search operations.

Change-Id: Ic01a8097e8124348d493c9e0c82fda94700e28e2
Signed-off-by: Jack Ding <jack.ding@windriver.com>
This commit is contained in:
Kam Nasim 2018-04-17 16:26:25 -04:00 committed by Jack Ding
parent 25ee1b19a4
commit 5e725a7a0a
3 changed files with 23 additions and 3 deletions

View File

@ -1,3 +1,3 @@
SRC_DIR="cgts-mtce-common-1.0"
TIS_PATCH_VER=133
TIS_PATCH_VER=134
BUILD_IS_SLOW=5

View File

@ -485,6 +485,7 @@ install -m 644 -p -D %{_buildsubdir}/pmon/scripts/acpid.conf %{buildroot}%{local
install -m 644 -p -D %{_buildsubdir}/pmon/scripts/sshd.conf %{buildroot}%{local_etc_pmond}/sshd.conf
install -m 644 -p -D %{_buildsubdir}/pmon/scripts/ntpd.conf %{buildroot}%{local_etc_pmond}/ntpd.conf
install -m 644 -p -D %{_buildsubdir}/pmon/scripts/syslog-ng.conf %{buildroot}%{local_etc_pmond}/syslog-ng.conf
install -m 644 -p -D %{_buildsubdir}/pmon/scripts/nslcd.conf %{buildroot}%{local_etc_pmond}/nslcd.conf
install -m 644 -p -D %{_buildsubdir}/rmon/scripts/rmon.conf %{buildroot}%{local_etc_pmond}/rmon.conf
install -m 644 -p -D %{_buildsubdir}/fsmon/scripts/fsmon.conf %{buildroot}%{local_etc_pmond}/fsmon.conf
install -m 644 -p -D %{_buildsubdir}/scripts/mtclogd.conf %{buildroot}%{local_etc_pmond}/mtclogd.conf
@ -579,7 +580,7 @@ install -m 755 -d %{buildroot}/var/run
%{_sysconfdir}/mtc.conf
%{_sysconfdir}/mtc/fsmond.conf
# Mainteance Process Monitor Config Files
# Maintenance Process Monitor Config Files
%{local_etc_pmond}/sshd.conf
%{local_etc_pmond}/ntpd.conf
%{local_etc_pmond}/mtcClient.conf
@ -589,8 +590,10 @@ install -m 755 -d %{buildroot}/var/run
%{local_etc_pmond}/fsmon.conf
%{local_etc_pmond}/mtclogd.conf
%{local_etc_pmond}/mtcalarm.conf
%{local_etc_pmond}/nslcd.conf
# Mainteance log rotation config files
# Maintenance log rotation config files
%{local_etc_logrotated}/fsmon.logrotate
%{local_etc_logrotated}/mtce.logrotate
%{local_etc_logrotated}/mtcalarm.logrotate

View File

@ -0,0 +1,17 @@
[process]
process = nslcd
service = nslcd
pidfile = /var/run/nslcd/nslcd.pid
script = /etc/init.d/openldap
style = lsb ; ocf or lsb
severity = major ; minor, major, critical
restarts = 3 ; restart retries before error assertion
interval = 5 ; number of seconds to wait between restarts
debounce = 20 ; number of seconds that a process needs to remain
; running before degrade is removed and retry count
; is cleared.
startuptime = 5 ; Seconds to wait after process start before starting the debounce monitor
mode = passive ; Monitoring mode: passive (default) or active
; passive: process death monitoring (default: always)
; active : heartbeat monitoring, i.e. request / response messaging
; ignore : do not monitor or stop monitoring