eDirectory supports container deployment on a Microsoft Azure container instance. The deployment process is simple and time-efficient. The eDirectory container is pushed to the registry as a Docker image that is self-contained and capable of running on its own. This section guides you through the process of deploying the eDirectory Docker image on Azure.
To set up the Azure container for deployment, NetIQ recommends that you complete the steps in the following checklist:
To push the Docker image to the Azure container registry:

1. Download the eDirectory Docker image tarball from the Software License and Download portal.
2. Untar the downloaded build, extract the Docker image, and then load it into the local Docker registry using the following commands:

   ```
   tar -xvf eDirectory_92x_Container.tar.gz
   docker load --input eDirectory_92x/eDirectory_92x.tar.gz
   ```

   The docker load command loads the Docker image named edirectory:9.2.x from the tar archive.
3. Tag the Docker image with your registry name using the following command:

   ```
   docker tag edirectory:<image-id> <registry-name>.azurecr.io/<repository-name-tag>
   ```

   Where,
   - edirectory:<image-id> is the local Docker image ID.
   - <registry-name> is the name of your private registry.
   - <repository-name-tag> is the tag you want to assign to the Docker image.

   For example, docker tag edirectory:92x myazureregistry.azurecr.io/edir927
4. Push the Docker image to the registry using the following command:

   ```
   docker push <registry-name>.azurecr.io/<repository-name-tag>
   ```

   Where,
   - <registry-name> is the name of your private registry.
   - <repository-name-tag> is the tag that you assigned to the Docker image.

   For example, docker push myazureregistry.azurecr.io/edir92x
A YAML file is a quick and easy way to create or update a container group. The az container create command in the Azure command-line interface reads the group configurations from a YAML file. You must edit and upload the YAML file bundled with the eDirectory Docker image tarball before creating an Azure container instance.
The following section shows the schema for the YAML file, including comments (indicated with a # symbol) that highlight key properties. For a description of the properties in this schema, see the Property Values section.
```yaml
name: # Provide the name of the container group
apiVersion: '2019-12-01'
properties: # Properties of container group
  containers: # The containers within the container group
  - name: test-edir92 # Provide a name of container instance
    properties: # Properties of a container instance
      image: myazureregistry.azurecr.io/edir926 # Provide the name of the container image used to create the container instance
      command:
      - /start.sh #Not optional
      - 'new -t 926edir1 -n novell -a admin.novell -w xx -S server1 -i -B @1524 -o 1028 -O 1030 -L 1389 -l 1636 --configure-eba-now no' #Sample command
      ports: # External-facing ports exposed on the instance, must also be set in group ipAddress property
      - protocol: tcp
        port: 1030 #HTTPS port. Depends on the parameter provided in command for -O
      - protocol: tcp
        port: 1389 #LDAP port. Depends on the parameter provided in command for -L
      environmentVariables:
      - name: YAML_MODE #Mandatory variable. Required if yaml file is used for configuring edirectory
        value: '1'
      resources: # Minimum resource requirements of the instance
        requests:
          memoryInGB: 2
          cpu: 1.5
      volumeMounts: # Array of volume mounts for the instance
      - name: configvolume
        mountPath: /config #Mandatory. Do not change this path.
  imageRegistryCredentials: # Credentials to pull a private image
  - server: myazureregistry.azurecr.io #Provide the image registry server name
    username: myazureregistry #Provide the image registry username
    password: xxxx #Provide the image registry password
  #restartPolicy: Never #Optional
  ipAddress: # IP address configuration of container group
    ports:
    - protocol: tcp
      port: 1030 #HTTPS port. Depends on the parameter provided in command for -O
    - protocol: tcp
      port: 1389 #LDAP port. Depends on the parameter provided in command for -L
    type: Private
  networkProfile: # Virtual network profile for container group
    # The id can be found by running the command:
    #   az network profile list --resource-group myResourceGroup --query [0].id --output tsv
    # If there is no output, then run the first time using azure cloud shell.
    id: subscriptions/xxx-xxx-xxx/resourceGroups/myresourcegroup/providers/Microsoft.Network/networkProfiles/aci-network-profile-VirtualNetmy-containersubnet
  osType: Linux
  volumes: # Array of volumes available to the instances
  - name: configvolume
    azureFile:
      shareName: testshare #Provide the name of the Azure File share to be mounted as a volume
      storageAccountName: myfileshare #Provide name of the storage account
      storageAccountKey: xxx_xxx #Provide storage account access key
```
The following tables describe the values you need to set in the schema.
Name | Type | Required | Value |
---|---|---|---|
containerGroups object | | | |
name | string | Yes | Name of the container group. You can also provide the container name. |
apiVersion | enum | Yes | The resource API version. For example, '2019-12-01'. |
properties | object | Yes | Properties of a container group. Look for the ContainerGroupProperties object in this table to find values supported for properties. |
ContainerGroupProperties object | | | |
containers | array | Yes | The containers within the container group. Look for the Container object in this table to find values supported for containers. |
imageRegistryCredentials | array | No | The image registry credentials from which the container group is created. Look for the ImageRegistryCredential object in this table to find values supported for imageRegistryCredentials. |
restartPolicy | enum | No | Restart policy for all containers within the container group: |
ipAddress | object | No | The IP address type of the container group. Look for the IPAddress object in this table to find values supported for ipAddress. |
osType | enum | Yes | The operating system type required by the containers in the container group: Windows or Linux. |
volumes | array | No | The list of volumes that can be mounted by containers in this container group. Look for the Volume object in this table to find values supported for volumes. |
Container object | | | |
name | string | Yes | The user-provided name of the container instance. For example, test-edir92. |
properties | object | Yes | The properties of the container instance. Look for the ContainerProperties object in this table to find values supported for properties. |
ContainerProperties object | | | |
image | string | Yes | The name of the image used to create the container instance. For example, myazureregistry.azurecr.io/edir926 (Step 3). |
command | array | No | The commands to execute within the container instance in exec form. The eDirectory Docker container accepts the parameters of the ndsconfig utility with the Docker command. For more information about the ndsconfig utility, see The ndsconfig Utility. |
ports | array | No | The exposed ports on the container instance. Look for the ContainerPort object in this table to find values supported for ports. |
environmentVariables | array | No | The environment variables to set in the container instance. Look for the EnvironmentVariable object in this table to find values supported for environmentVariables. |
resources | object | Yes | The resource requirements of the container instance. Look for the ResourceRequirements object in this table to find values supported for resources. |
volumeMounts | array | No | The volume mounts available to the container instance. Look for the VolumeMount object in this table to find values supported for volumeMounts. |
ContainerPort object | | | |
protocol | enum | No | The protocol associated with the port: TCP or UDP. |
port | integer | Yes | The port number. |
EnvironmentVariable object | | | |
name | string | Yes | The name of the environment variable. |
value | string | No | The value of the environment variable. |
ResourceRequirements object | | | |
requests | object | Yes | The resource requests of this container instance. Look for the ResourceRequests object in this table to find values supported for requests. |
ResourceRequests object | | | |
memoryInGB | number | Yes | The memory request in GB of this container instance. |
cpu | number | Yes | The CPU request of this container instance. |
VolumeMount object | | | |
name | string | Yes | The name of the volume mount. |
mountPath | string | Yes | The path within the container where the volume should be mounted. Must not contain a colon (:). |
ImageRegistryCredential object | | | |
server | string | Yes | The Docker image registry server without a protocol such as "http" and "https". Provide the registry name created in checklist step 1 (see Checklist for Deploying the Container). |
username | string | No | The username for the private registry. For more information, see How to Find Username Information. |
password | string | No | The password for the private registry. For more information, see How to Find Azure Registry Password. |
IPAddress object | | | |
ports | array | Yes | The list of ports exposed on the container group. Look for the Port object in this table to find values supported for ports. |
type | enum | Yes | Specifies if the IP is exposed to the public internet or private VNET: Public or Private. |
Port object | | | |
protocol | enum | No | The protocol associated with the port: TCP or UDP. |
port | integer | Yes | The port number. |
Volume object | | | |
name | string | Yes | The name of the volume. |
azureFile | object | No | The Azure File volume. Look for the AzureFileVolume object in this table to find values supported for azureFile. |
AzureFileVolume object | | | |
shareName | string | Yes | The name of the Azure File share to be mounted as a volume. Provide the storage file share name created in checklist step 3 (see Checklist for Deploying the Container). |
storageAccountName | string | Yes | The name of the storage account that contains the Azure File share. |
storageAccountKey | string | No | The storage account access key used to access the Azure File share. To find the storage account key, see View Account Access Keys. |
Run the following command to create a container in a container group using the YAML file you edited earlier:

```
az container create --resource-group <MyResourceGroup> --name <container-instance-name> --file <containerGroup.yaml>
```

Where,
- <MyResourceGroup> represents the name of the resource group. Mandatory field.
- <container-instance-name> represents the name of the container instance in a container group.
- <containerGroup.yaml> represents the path to the input file.

For example, az container create --resource-group MyResourcegroup --name edir92 --file edir-azure-conf.yaml
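
A pre-flight check for the edited file, added here as an example (it is not part of the NetIQ documentation or the Azure tooling): it verifies the constraints stated in the schema comments, namely `/start.sh` as the first command element, `YAML_MODE` set to '1', a `/config` mount backed by a group volume, and the `-O` and `-L` ports exposed on both the instance and the group. `check_group` and `SAMPLE_GROUP` are hypothetical names, and the sample is the page's example written as the dictionary a YAML loader would return.

```python
import shlex

# Constructed sample: the page's example group as a YAML loader would return
# it, trimmed to the fields checked below. Added example, not NetIQ's code.
PORTS = [{"protocol": "tcp", "port": 1030}, {"protocol": "tcp", "port": 1389}]
SAMPLE_GROUP = {"properties": {
    "containers": [{"name": "test-edir92", "properties": {
        "command": ["/start.sh",
                    "new -t 926edir1 -n novell -a admin.novell -w xx -S server1 -i "
                    "-B @1524 -o 1028 -O 1030 -L 1389 -l 1636 --configure-eba-now no"],
        "ports": list(PORTS),
        "environmentVariables": [{"name": "YAML_MODE", "value": "1"}],
        "volumeMounts": [{"name": "configvolume", "mountPath": "/config"}],
    }}],
    "ipAddress": {"type": "Private", "ports": list(PORTS)},
    "volumes": [{"name": "configvolume", "azureFile": {"shareName": "testshare"}}],
}}


def check_group(group):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    props = group.get("properties", {})
    group_ports = {p["port"] for p in props.get("ipAddress", {}).get("ports", [])}
    volumes = {v["name"] for v in props.get("volumes", [])}
    for c in props.get("containers", []):
        name, cp = c.get("name", "?"), c.get("properties", {})
        cmd = cp.get("command", [])
        if not cmd or cmd[0] != "/start.sh":           # entry point is not optional
            findings.append(f"{name}: command must start with /start.sh")
        env = {e["name"]: e.get("value") for e in cp.get("environmentVariables", [])}
        if env.get("YAML_MODE") != "1":                # mandatory in YAML deployments
            findings.append(f"{name}: YAML_MODE must be set to '1'")
        if not any(m["mountPath"] == "/config" and m["name"] in volumes
                   for m in cp.get("volumeMounts", [])):
            findings.append(f"{name}: no /config mount backed by a group volume")
        args = shlex.split(" ".join(cmd[1:]))          # ndsconfig-style arguments
        exposed = {p["port"] for p in cp.get("ports", [])}
        for flag, label in (("-O", "HTTPS"), ("-L", "LDAP")):
            value = args[args.index(flag) + 1] if flag in args[:-1] else ""
            if value.isdigit() and not {int(value)} <= (exposed & group_ports):
                findings.append(f"{name}: {label} port {value} ({flag}) is not "
                                "exposed on both the instance and the group")
    return findings


if __name__ == "__main__":
    print(check_group(SAMPLE_GROUP) or "all checks passed")
```

Load the edited YAML file with a YAML parser and pass the resulting dictionary to `check_group` before running az container create.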