Applies To
- Zenoss Resource Manager 5.x
Summary
If the host OS can ping the LDAP server but the zope containers cannot ping outbound to the LDAP server, the host isn't forwarding container packets externally.
Signs that LDAP is not working correctly can include:
- Inability to delete old LDAP configuration from Resource Manager GUI.
- Inability to create new LDAP configuration after removing LDAP configuration via the Zope configuration page
(https://<RM Host Name>/zport/acl_users/manage). - Inability to ping the LDAP server from the container.
Procedure
To set the host to forward the container outbound LDAP packets, perform the following:
- Determine if the host is configured to forward outbound container packets:
cat /proc/sys/net/ipv4/ip_forward
If this returns a 0 (false), the host is not configured to forward packets from the container.
- Change the value from 0 (false) to 1 (true) to enable container packet forwarding by the host:
echo 1 > /proc/sys/net/ipv4/ip_forward
- Verify the setting is now 1 (true):
cat /proc/sys/net/ipv4/ip_forward
A return of 1 indicates the value is set to 1 (true). This indicates forwarding of container packets by the host is enabled.
- Verify the LDAP server can be pinged from the container.
Additional information concerning Docker container networking and routing is located at :
https://docs.docker.com/v1.5/articles/networking/
Comments