GLAuth Kubernetes Charmed Operator

This repository holds the Juju Kubernetes charmed operator for GLAuth, an open-sourced LDAP server.

Usage

The glauth-k8s charmed operator can be deployed using the following command:

juju deploy glauth-k8s --channel edge --trust

The glauth-k8s charmed operator uses the Charmed PostgreSQL K8s Operator as the backend:

juju deploy postgresql-k8s --channel 14/stable --trust

juju integrate glauth-k8s postgresql-k8s

The glauth-k8s charmed operator also requires a certificate provider. Take the self-signed-certificates-operator as an example:

juju deploy self-signed-certificates --channel stable --trust

juju integrate glauth-k8s self-signed-certificates

Integrations

ldap Integration

The glauth-k8s charmed operator offers the ldap integration with any LDAP client charmed operator following the ldap interface protocol.

juju integrate <ldap-client-charm>:ldap glauth-k8s:ldap

glauth_auxiliary Integration

The glauth-k8s charmed operator provides the glauth_auxiliary integration with the glauth-utils charmed operator to deliver necessary auxiliary configurations.

juju integrate glauth-utils glauth-k8s

certificate_transfer Integration

The glauth-k8s charmed operator provides the certificate_transfer integration with any charmed operator following the certificate_transfer interface protocol.

juju integrate <client-charm> glauth-k8s

postgresql_client Integration

The glauth-k8s charmed operator requires the integration with the postgres-k8s charmed operator following the postgresql_client interface protocol.

juju integrate glauth-k8s postgresql-k8s

tls_certificates Integration

The glauth-k8s charmed operator requires the tls-certificates integration with any charmed operator following the tls_certificates interface protocol. Take the self-signed-certificates-operator as an example:

juju integrate glauth-k8s self-signed-certificates

Observability

GLAuth operator integrates with Canonical Observability Stack (COS) bundle. It comes with a Grafana dashboard and Loki and Prometheus alert rules for basic common scenarios. To integrate with the COS bundle, after you deploy it, you can run:

juju integrate glauth-k8s:metrics-endpoint prometheus:metrics-endpoint
juju integrate glauth-k8s:logging loki:logging
juju integrate glauth-k8s:grafana-dashboard grafana:grafana-dashboard

Configurations

The glauth-k8s charmed operator offers the following charm configuration options.

Charm Config Option	Description	Example
base_dn	The portion of the DIT in which to search for matching entries	juju config <charm-app> base-dn="dc=glauth,dc=com"
hostname	The hostname of the LDAP server in glauth-k8s charmed operator	juju config <charm-app> hostname="ldap.glauth.com"
starttls_enabled	The switch to enable/disable StartTLS support	juju config <charm-app> starttls_enabled=true

⚠️ NOTE

• The hostname should NOT contain the ldap scheme (e.g. ldap://) and port.
• Please refer to the config.yaml for more details about the configurations.

Contributing

Please refer to the Contributing for developer guidance. Please see the Juju SDK documentation for more information about developing and improving charms.

Licence

The GLAuth Kubernetes Charmed Operator is free software, distributed under the Apache Software License, version 2.0. See LICENSE for more information.