[Samba] Running samba in Kubernetes

Andrea Cucciarre' acucciarre at cloudian.com
Wed Sep 23 08:56:21 UTC 2020 

Hello,

It's not merely a personal challenge, is part of a bigger project where 
all the service has to run in kuberentes pods

Andrea




On 9/22/2020 3:40 PM, mailist wrote:
> Hi,
>
> just out of curiosity why? Is it a personal challenge?
>
> On 9/22/20 1:37 PM, Andrea Cucciarre' via samba wrote:
>> Hello,
>>
>> I have successfully (hopefully) configured samba to run in Kubernetes
>> pods, basically I have a pod (i.e. container) that run winbindd and join
>> the Windows AD, and a pod (i.e. container) that run smbd.
>> I have used socat to allow the unix socket communication between
>> winbindd and smbd pods:
>>
>> *** winbindd pod ***
>>
>> UID        PID  PPID  C STIME TTY          TIME CMD
>> root         1     0  0 Sep17 ?        00:00:03 /bin/bash
>> ./winbind_entrypoint.sh
>> root      1131     1  0 Sep17 ?        00:00:00 /usr/bin/socat -dd
>> tcp-listen:2377,fork,reuseaddr
>> unix-connect:/var/lib/samba/winbindd_privileged/pipe
>> root      1133     1  0 Sep17 ?        00:00:00 /usr/bin/socat -dd
>> tcp-listen:2376,fork,reuseaddr unix-connect:/run/samba/winbindd/pipe
>> root      2904     1  0 Sep18 ?        00:00:04 winbindd -s
>> /etc/samba/smb.conf
>> root      2906  2904  0 Sep18 ?        00:00:06 winbindd -s
>> /etc/samba/smb.conf
>> root      2908  2904  0 Sep18 ?        00:00:00 winbindd -s
>> /etc/samba/smb.conf
>> root      2909  2904  0 Sep18 ?        00:00:00 winbindd -s
>> /etc/samba/smb.conf
>> root      2918  2904  0 Sep18 ?        00:00:00 winbindd -s
>> /etc/samba/smb.conf
>>
>> *** smbd pod ***
>>
>> UID        PID  PPID  C STIME TTY          TIME CMD
>> root         1     0  0 11:04 ?        00:00:00 /bin/bash
>> /samba_entrypoint.sh
>> root        13     1  0 11:04 ?        00:00:00 socat -dd
>> unix-listen:/run/samba/winbindd/pipe,reuseaddr,fork
>> tcp-connect:winbindd-1:2376
>> root        14     1  0 11:04 ?        00:00:00 socat -dd
>> unix-listen:/var/lib/samba/winbindd_privileged/pipe,reuseaddr,fork
>> tcp-connect:winbindd-1:2377
>> root        18     1  0 11:04 ?        00:00:00 /usr/sbin/smbd
>> --no-process-group
>> root        30    18  0 11:04 ?        00:00:00 /usr/sbin/smbd
>> --no-process-group
>> root        31    18  0 11:04 ?        00:00:00 /usr/sbin/smbd
>> --no-process-group
>> root        35    18  0 11:04 ?        00:00:00 /usr/sbin/smbd
>> --no-process-group
>>
>> All seems to run fine, both the share connection and user id mapping
>>
>> # smbclient -L 127.0.0.1 -U administrator
>> Enter HYPERFILE\administrator's password:
>>
>>          Sharename       Type      Comment
>>          ---------       ----      -------
>>          volume1         Disk      HyperFile Group 1 Endpoint 1 Volume 1
>>
>> # id administrator at hyperfile.local
>> uid=10500(HYPERFILE\administrator) gid=10513(HYPERFILE\domain users)....
>>
>> Under /var/lib/samba/ I have seen there are a lot of .tdb files, sock
>> directory (i.e. msg.sock) and so on.
>> So I would need to know if */var/lib/samba/winbindd_privileged/pipe* and
>> */var/run/samba/winbindd/pipe* are the only file/socket needed by smbd
>> to work/communicate with winbindd?
>>
>> Thanks in advance
>> Andrea
>>
>>

More information about the samba mailing list