19 lines
459 B
Markdown
19 lines
459 B
Markdown
# openldap
|
|
## directory server
|
|
|
|
the traffic is proxied by the ingress controller
|
|
there is a config map in place ingress-nginx/tcp-services
|
|
see:
|
|
https://kubernetes.github.io/ingress-nginx/user-guide/exposing-tcp-udp-services/
|
|
|
|
the traffic is still secured in the pod with a cert from cert manager
|
|
|
|
looks like nested groups are not possible
|
|
|
|
improvements:
|
|
proper lets encrypt cert
|
|
demand encryption
|
|
sophosxg firewall user
|
|
metrics
|
|
liveness probes
|
|
resource limits |