WARNING: This project is not production ready, so use at your own risk!
This project is an experiment to run an fully integrated on-demand kerberos cluster using docker. The components include:
- MIT Kerberos KDC (Key Distribution Center)
- MIT Kerberos Administration Server
- 389ds LDAP Directory Server
- BIND DNS Server
Possible use cases might be:
- Testing configuration changes
- Testing performance/upgrades
- Running applications which require kerberos authentication (Definitely not production!)
The docker-compose config expects the following environment variables to be defined - either in a .env file, or individual environment variables:
# Directory on host to use as volume to store configs
KRB_SRC_CONF_LOC=
# Mount location in container for kerberos configs
KRB_CONF_MNT=
# Directory on host to use as volume to store keytabs
KRB_SRC_KEYTAB_LOC=
# Mount location in container for keytabs
KRB_KEYTAB_MNT=
# Directory on host to store kerberos state information
KRB_SRC_STATE_LOC=
# Mount location within container for kerberos state info
KRB_SRC_STATE_MNT=
# Directory on host to store logs
KRB_SRC_LOG=
# Mount location within container to store logs
KRB_LOGS_MNT=
# Master Password
KRB_MASTER_PASS=
# Default domain to use
KRB_DOMAIN=
# Default Realm KDC will be managing
KRB_REALM=
# Kerberos Server Hostname
KRB_SERVER_HOSTNAME=
# Domain name of the server hosting the admin server
KRB_ADMIN_SERVER=
# Domain name of the server hosting the KDC server
KRB_KDC_SERVER=docker-compose upLicensed under the MIT License