Glauth K8S
| Channel | Revision | Published | Runs on | 
|---|---|---|---|
| latest/stable | 16 | 20 May 2024 | |
| latest/edge | 56 | 30 Jul 2025 | 
juju deploy glauth-k8s  
        
      Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
Charmed GLAuth K8s Tutorial
This tutorial aims to provide a general walkthrough to set up a fully working
GLAuth server using glauth-k8s charmed operator, MicroK8s, and Juju.
Set up the environment
Follow this guide to bootstrap a MicroK8s cloud running a Juju controller.
Create a Juju model:
juju add-model dev
Deploy prerequisite charmed operators
The glauth-k8s charmed operator requires the following charmed operators
deployed in the MicroK8s cluster:
juju deploy postgresql-k8s --channel 14/stable --trust
juju deploy self-signed-certificates
Deploy glauth-k8s charmed operator
The glauth-k8s charmed operator can be deployed as follows:
juju deploy glauth-k8s --channel edge --trust
Integrate with other charmed operators
The glauth-k8s charmed operator needs to integrate with the postgresql-k8s
and self-signed-certificates charmed operators to reach active state:
juju integrate glauth-k8s postgresql-k8s
juju integrate glauth-k8s self-signed-certificates
The glauth-k8s charmed operator offers the ldap integration with any LDAP
client charmed operator following the ldap interface protocol. Assuming we
have deployed such a client charmed operator, we can proceed to integrate it
with the glauth-k8s:
juju integrate <client-charm>:ldap glauth-k8s:ldap
The GLAuth supports the StartTLS operation, and the glauth-k8s charmed
operator enables it by default. In order to allow the client to trust the
self-signed certificates, we need to integrate the client charmed operator with
the glauth-k8s charmed operator for the certificate_transfer interface
protocol:
juju integrate <client-charm>:send-ca-cert glauth-k8s:send-ca-cert
Furthermore,
the glauth-utils charmed operator allows
us to apply data changes by using
the LDIF. To integrate with
the glauth-utils:
juju deploy glauth-utils --channel edge --trust
juju integrate glauth-k8s glauth-utils
A sample of supported LDIF content records can be found here.
We now should be able to reach to the following deployment status:
$ juju status --relations
Model  Controller          Cloud/Region        Version  SLA          Timestamp
dev    microk8s-localhost  microk8s/localhost  3.2.0    unsupported  16:12:33Z
App                       Version  Status  Scale  Charm                     Channel    Rev  Address         Exposed  Message
client                             active      1  client                                 0  10.152.183.78   no
glauth-k8s                         active      1  glauth-k8s                edge        13  10.152.183.231  no
glauth-utils                       active      1  glauth-utils              edge         4  10.152.183.26   no
postgresql-k8s            14.10    active      1  postgresql-k8s            14/stable  193  10.152.183.163  no       Primary
self-signed-certificates           active      1  self-signed-certificates  stable      72  10.152.183.21   no
Unit                         Workload  Agent  Address      Ports  Message
client/0*                    active    idle   10.1.48.115
glauth-k8s/0*                active    idle   10.1.48.96
glauth-utils/0*              active    idle   10.1.48.107
postgresql-k8s/0*            active    idle   10.1.48.77          Primary
self-signed-certificates/0*  active    idle   10.1.48.86
Integration provider                   Requirer                       Interface             Type     Message
glauth-k8s:glauth-auxiliary            glauth-utils:glauth-auxiliary  glauth_auxiliary      regular
glauth-k8s:glauth-peers                glauth-k8s:glauth-peers        glauth_peers          peer
glauth-k8s:ldap                        client:ldap                    ldap                  regular
glauth-k8s:send-ca-cert                client:send-ca-cert            certificate_transfer  regular
postgresql-k8s:database                glauth-k8s:pg-database         postgresql_client     regular
postgresql-k8s:database-peers          postgresql-k8s:database-peers  postgresql_peers      peer
postgresql-k8s:restart                 postgresql-k8s:restart         rolling_op            peer
postgresql-k8s:upgrade                 postgresql-k8s:upgrade         upgrade               peer
self-signed-certificates:certificates  glauth-k8s:certificates        tls-certificates      regular
Tear down the environment
Remove the dev Juju model:
juju destroy-model dev