Stefan G. Weichinger
2018-Sep-03 15:05 UTC
[Samba] running a (secondary) samba DC as docker container
Am 03.09.18 um 15:12 schrieb Robert Marcano via samba:> On 09/03/2018 04:10 AM, Stefan G. Weichinger via samba wrote: >> >> As I am learning docker lately I came to the idea of using a docker >> container as a "fallback" DC at sites where there is no budget (or >> understanding) for a 2nd physical DC. >> >> That 2nd DC *might* run as docker container alongside the >> DM/fileserver, right? OK, it should get a separate IP, I assume etc >> >> Aside from the details: does anyone here actually do that? >> > Greetings, I am running 3 domains on customer sites, inside containers. > There are a few tips: > > 1. Add a new dedicated IP to use by the container > 2. Run the container with host networking > 3. Run the container in privileged mode. It should probably run without > this but some permissions may be needed to be granted, That is a big > TODO for me. > 4. On the container instance smb.conf, remember so set: > interfaces = <public IP> > bind interfaces only = Yes > 5. I am using the internal DNS but it should work too with Bind. > > I create my container instances this way (I use podman for simplicity, > but it works on docker too) > > podman create --privileged \ > --network host \ > -v /srv/samba/samba-ad/etc:/etc/samba:Z \ > -v /srv/samba/samba-ad/data:/var/lib/samba:Z \ > -v /srv/samba/samba-ad/log:/var/log/samba:Z \ > --hostname dc.example.com \ > --name samba-ad \ > --dns 127.0.0.1 \ > > Mounting these three volumes allow you to be able to recreate the > container at any time and reuse the important Samba persistent datagreat, thanks! Which docker image do you use as base image? That info seems to miss from your cut-and-paste ;-)
Robert Marcano
2018-Sep-03 15:21 UTC
[Samba] running a (secondary) samba DC as docker container
On 09/03/2018 11:05 AM, Stefan G. Weichinger via samba wrote:> Am 03.09.18 um 15:12 schrieb Robert Marcano via samba: >> On 09/03/2018 04:10 AM, Stefan G. Weichinger via samba wrote: >>> >>> As I am learning docker lately I came to the idea of using a docker >>> container as a "fallback" DC at sites where there is no budget (or >>> understanding) for a 2nd physical DC. >>> >>> That 2nd DC *might* run as docker container alongside the >>> DM/fileserver, right? OK, it should get a separate IP, I assume etc >>> >>> Aside from the details: does anyone here actually do that? >>> >> Greetings, I am running 3 domains on customer sites, inside containers. >> There are a few tips: >> >> 1. Add a new dedicated IP to use by the container >> 2. Run the container with host networking >> 3. Run the container in privileged mode. It should probably run without >> this but some permissions may be needed to be granted, That is a big >> TODO for me. >> 4. On the container instance smb.conf, remember so set: >> interfaces = <public IP> >> bind interfaces only = Yes >> 5. I am using the internal DNS but it should work too with Bind. >> >> I create my container instances this way (I use podman for simplicity, >> but it works on docker too) >> >> podman create --privileged \ >> --network host \ >> -v /srv/samba/samba-ad/etc:/etc/samba:Z \ >> -v /srv/samba/samba-ad/data:/var/lib/samba:Z \ >> -v /srv/samba/samba-ad/log:/var/log/samba:Z \ >> --hostname dc.example.com \ >> --name samba-ad \ >> --dns 127.0.0.1 \ >> >> Mounting these three volumes allow you to be able to recreate the >> container at any time and reuse the important Samba persistent data > > great, thanks! Which docker image do you use as base image?Sent to you a copy of this email with an attachment of the Dockerfile needed to build the container image. There are two Dockerfile there, one for Fedora (extremely experimental Samba package there, don't use on production) and another one based on Debian 9 and L.P.H. van Belle's Samba 4.7 packages The container has two entry points, "shell" so you can start the instance and do you configuration, and "start". I plan to publish these containers, but they need a little more polishing, and test a few more configurations (like to use Bind)> > That info seems to miss from your cut-and-paste ;-) >
Stefan G. Weichinger
2018-Sep-03 15:24 UTC
[Samba] running a (secondary) samba DC as docker container
Am 03.09.18 um 17:21 schrieb Robert Marcano:> On 09/03/2018 11:05 AM, Stefan G. Weichinger via samba wrote: >> great, thanks! Which docker image do you use as base image? > > Sent to you a copy of this email with an attachment of the Dockerfile > needed to build the container image. There are two Dockerfile there, one > for Fedora (extremely experimental Samba package there, don't use on > production) and another one based on Debian 9 and L.P.H. van Belle's > Samba 4.7 packages > > The container has two entry points, "shell" so you can start the > instance and do you configuration, and "start". > > I plan to publish these containers, but they need a little more > polishing, and test a few more configurations (like to use Bind)great, thanks. I thought of debian-based anyway, sure. I will play around with these and see how far I get ;-)