thr3ads.net - samba - [Samba] Running samba in Kubernetes [Sep 2020]

If this information is useful, please help other people find it:
Share via:

Andrea Cucciarre'

2020-Sep-22 11:37 UTC

[Samba] Running samba in Kubernetes

Hello,

I have successfully (hopefully) configured samba to run in Kubernetes 
pods, basically I have a pod (i.e. container) that run winbindd and join 
the Windows AD, and a pod (i.e. container) that run smbd.
I have used socat to allow the unix socket communication between 
winbindd and smbd pods:

*** winbindd pod ***

UID??????? PID? PPID? C STIME TTY????????? TIME CMD
root???????? 1???? 0? 0 Sep17 ???????? 00:00:03 /bin/bash 
./winbind_entrypoint.sh
root????? 1131???? 1? 0 Sep17 ???????? 00:00:00 /usr/bin/socat -dd 
tcp-listen:2377,fork,reuseaddr 
unix-connect:/var/lib/samba/winbindd_privileged/pipe
root????? 1133???? 1? 0 Sep17 ???????? 00:00:00 /usr/bin/socat -dd 
tcp-listen:2376,fork,reuseaddr unix-connect:/run/samba/winbindd/pipe
root????? 2904???? 1? 0 Sep18 ???????? 00:00:04 winbindd -s 
/etc/samba/smb.conf
root????? 2906? 2904? 0 Sep18 ???????? 00:00:06 winbindd -s 
/etc/samba/smb.conf
root????? 2908? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s 
/etc/samba/smb.conf
root????? 2909? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s 
/etc/samba/smb.conf
root????? 2918? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s 
/etc/samba/smb.conf

*** smbd pod ***

UID??????? PID? PPID? C STIME TTY????????? TIME CMD
root???????? 1???? 0? 0 11:04 ???????? 00:00:00 /bin/bash 
/samba_entrypoint.sh
root??????? 13???? 1? 0 11:04 ???????? 00:00:00 socat -dd 
unix-listen:/run/samba/winbindd/pipe,reuseaddr,fork 
tcp-connect:winbindd-1:2376
root??????? 14???? 1? 0 11:04 ???????? 00:00:00 socat -dd 
unix-listen:/var/lib/samba/winbindd_privileged/pipe,reuseaddr,fork 
tcp-connect:winbindd-1:2377
root??????? 18???? 1? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd 
--no-process-group
root??????? 30??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd 
--no-process-group
root??????? 31??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd 
--no-process-group
root??????? 35??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd 
--no-process-group

All seems to run fine, both the share connection and user id mapping

# smbclient -L 127.0.0.1 -U administrator
Enter HYPERFILE\administrator's password:

 ??????? Sharename?????? Type????? Comment
 ??????? ---------?????? ----????? -------
 ??????? volume1???????? Disk????? HyperFile Group 1 Endpoint 1 Volume 1

# id administrator at hyperfile.local
uid=10500(HYPERFILE\administrator) gid=10513(HYPERFILE\domain users)....

Under /var/lib/samba/ I have seen there are a lot of .tdb files, sock 
directory (i.e. msg.sock) and so on.
So I would need to know if */var/lib/samba/winbindd_privileged/pipe* and 
*/var/run/samba/winbindd/pipe* are the only file/socket needed by smbd 
to work/communicate with winbindd?

Thanks in advance
Andrea

mailist

2020-Sep-22 13:40 UTC

head link

[Samba] Running samba in Kubernetes

Hi,

just out of curiosity why? Is it a personal challenge?

On 9/22/20 1:37 PM, Andrea Cucciarre' via samba
wrote:> Hello,
> 
> I have successfully (hopefully) configured samba to run in Kubernetes
> pods, basically I have a pod (i.e. container) that run winbindd and join
> the Windows AD, and a pod (i.e. container) that run smbd.
> I have used socat to allow the unix socket communication between
> winbindd and smbd pods:
> 
> *** winbindd pod ***
> 
> UID??????? PID? PPID? C STIME TTY????????? TIME CMD
> root???????? 1???? 0? 0 Sep17 ???????? 00:00:03 /bin/bash
> ./winbind_entrypoint.sh
> root????? 1131???? 1? 0 Sep17 ???????? 00:00:00 /usr/bin/socat -dd
> tcp-listen:2377,fork,reuseaddr
> unix-connect:/var/lib/samba/winbindd_privileged/pipe
> root????? 1133???? 1? 0 Sep17 ???????? 00:00:00 /usr/bin/socat -dd
> tcp-listen:2376,fork,reuseaddr unix-connect:/run/samba/winbindd/pipe
> root????? 2904???? 1? 0 Sep18 ???????? 00:00:04 winbindd -s
> /etc/samba/smb.conf
> root????? 2906? 2904? 0 Sep18 ???????? 00:00:06 winbindd -s
> /etc/samba/smb.conf
> root????? 2908? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s
> /etc/samba/smb.conf
> root????? 2909? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s
> /etc/samba/smb.conf
> root????? 2918? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s
> /etc/samba/smb.conf
> 
> *** smbd pod ***
> 
> UID??????? PID? PPID? C STIME TTY????????? TIME CMD
> root???????? 1???? 0? 0 11:04 ???????? 00:00:00 /bin/bash
> /samba_entrypoint.sh
> root??????? 13???? 1? 0 11:04 ???????? 00:00:00 socat -dd
> unix-listen:/run/samba/winbindd/pipe,reuseaddr,fork
> tcp-connect:winbindd-1:2376
> root??????? 14???? 1? 0 11:04 ???????? 00:00:00 socat -dd
> unix-listen:/var/lib/samba/winbindd_privileged/pipe,reuseaddr,fork
> tcp-connect:winbindd-1:2377
> root??????? 18???? 1? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd
> --no-process-group
> root??????? 30??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd
> --no-process-group
> root??????? 31??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd
> --no-process-group
> root??????? 35??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd
> --no-process-group
> 
> All seems to run fine, both the share connection and user id mapping
> 
> # smbclient -L 127.0.0.1 -U administrator
> Enter HYPERFILE\administrator's password:
> 
> ??????? Sharename?????? Type????? Comment
> ??????? ---------?????? ----????? -------
> ??????? volume1???????? Disk????? HyperFile Group 1 Endpoint 1 Volume 1
> 
> # id administrator at hyperfile.local
> uid=10500(HYPERFILE\administrator) gid=10513(HYPERFILE\domain users)....
> 
> Under /var/lib/samba/ I have seen there are a lot of .tdb files, sock
> directory (i.e. msg.sock) and so on.
> So I would need to know if */var/lib/samba/winbindd_privileged/pipe* and
> */var/run/samba/winbindd/pipe* are the only file/socket needed by smbd
> to work/communicate with winbindd?
> 
> Thanks in advance
> Andrea
> 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL:
<http://lists.samba.org/pipermail/samba/attachments/20200922/33d2b96b/signature.sig>

Andrea Cucciarre'

2020-Sep-23 08:56 UTC

head link

[Samba] Running samba in Kubernetes

Hello,

It's not merely a personal challenge, is part of a bigger project where 
all the service has to run in kuberentes pods

Andrea




On 9/22/2020 3:40 PM, mailist wrote:> Hi,
>
> just out of curiosity why? Is it a personal challenge?
>
> On 9/22/20 1:37 PM, Andrea Cucciarre' via samba wrote:
>> Hello,
>>
>> I have successfully (hopefully) configured samba to run in Kubernetes
>> pods, basically I have a pod (i.e. container) that run winbindd and
join
>> the Windows AD, and a pod (i.e. container) that run smbd.
>> I have used socat to allow the unix socket communication between
>> winbindd and smbd pods:
>>
>> *** winbindd pod ***
>>
>> UID??????? PID? PPID? C STIME TTY????????? TIME CMD
>> root???????? 1???? 0? 0 Sep17 ???????? 00:00:03 /bin/bash
>> ./winbind_entrypoint.sh
>> root????? 1131???? 1? 0 Sep17 ???????? 00:00:00 /usr/bin/socat -dd
>> tcp-listen:2377,fork,reuseaddr
>> unix-connect:/var/lib/samba/winbindd_privileged/pipe
>> root????? 1133???? 1? 0 Sep17 ???????? 00:00:00 /usr/bin/socat -dd
>> tcp-listen:2376,fork,reuseaddr unix-connect:/run/samba/winbindd/pipe
>> root????? 2904???? 1? 0 Sep18 ???????? 00:00:04 winbindd -s
>> /etc/samba/smb.conf
>> root????? 2906? 2904? 0 Sep18 ???????? 00:00:06 winbindd -s
>> /etc/samba/smb.conf
>> root????? 2908? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s
>> /etc/samba/smb.conf
>> root????? 2909? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s
>> /etc/samba/smb.conf
>> root????? 2918? 2904? 0 Sep18 ???????? 00:00:00 winbindd -s
>> /etc/samba/smb.conf
>>
>> *** smbd pod ***
>>
>> UID??????? PID? PPID? C STIME TTY????????? TIME CMD
>> root???????? 1???? 0? 0 11:04 ???????? 00:00:00 /bin/bash
>> /samba_entrypoint.sh
>> root??????? 13???? 1? 0 11:04 ???????? 00:00:00 socat -dd
>> unix-listen:/run/samba/winbindd/pipe,reuseaddr,fork
>> tcp-connect:winbindd-1:2376
>> root??????? 14???? 1? 0 11:04 ???????? 00:00:00 socat -dd
>> unix-listen:/var/lib/samba/winbindd_privileged/pipe,reuseaddr,fork
>> tcp-connect:winbindd-1:2377
>> root??????? 18???? 1? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd
>> --no-process-group
>> root??????? 30??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd
>> --no-process-group
>> root??????? 31??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd
>> --no-process-group
>> root??????? 35??? 18? 0 11:04 ???????? 00:00:00 /usr/sbin/smbd
>> --no-process-group
>>
>> All seems to run fine, both the share connection and user id mapping
>>
>> # smbclient -L 127.0.0.1 -U administrator
>> Enter HYPERFILE\administrator's password:
>>
>>  ??????? Sharename?????? Type????? Comment
>>  ??????? ---------?????? ----????? -------
>>  ??????? volume1???????? Disk????? HyperFile Group 1 Endpoint 1 Volume
1
>>
>> # id administrator at hyperfile.local
>> uid=10500(HYPERFILE\administrator) gid=10513(HYPERFILE\domain
users)....
>>
>> Under /var/lib/samba/ I have seen there are a lot of .tdb files, sock
>> directory (i.e. msg.sock) and so on.
>> So I would need to know if */var/lib/samba/winbindd_privileged/pipe*
and
>> */var/run/samba/winbindd/pipe* are the only file/socket needed by smbd
>> to work/communicate with winbindd?
>>
>> Thanks in advance
>> Andrea
>>
>>

Apparently Analagous Threads

Search for more maybe matching threads

samba - Sep 2020 - Running samba in Kubernetes

[Samba] Running samba in Kubernetes

[Samba] Running samba in Kubernetes

[Samba] Running samba in Kubernetes

Apparently Analagous Threads