OpenLDAP多主复制(基于docker容器模式部署)
`master 1` ldap.davidops.info
```
# Compose file for the first node of a two-node OpenLDAP multi-master setup,
# plus a phpLDAPadmin web UI. The second node (below) differs only in hostname.
version: '2'
services:
  openldap:
    image: osixia/openldap:1.5.0
    container_name: openldap
    environment:
      # NOTE(review): slapd log level is a bitmask; this value looks like it
      # enables many debug classes. Verbose LDAP logs can expose bind DNs and
      # request details - confirm the level is needed outside of debugging.
      LDAP_LOG_LEVEL: "20991"
      LDAP_ORGANISATION: "leg company"
      LDAP_DOMAIN: "davidops.info"
      LDAP_BASE_DN: ""
      # Sample credentials in clear text. Both masters must share them because
      # the replication settings below bind with these same passwords, so treat
      # them as high-value secrets: replace the sample values and supply them
      # from an env file or secret store kept out of version control.
      LDAP_ADMIN_PASSWORD: "admin123"
      LDAP_CONFIG_PASSWORD: "config123"
      # The read-only account is disabled here; the username/password below
      # are presumably unused while this stays "false" - verify before enabling,
      # since username and password are identical.
      LDAP_READONLY_USER: "false"
      LDAP_READONLY_USER_USERNAME: "readonly"
      LDAP_READONLY_USER_PASSWORD: "readonly"
      LDAP_RFC2307BIS_SCHEMA: "false"
      LDAP_BACKEND: "mdb"
      LDAP_TLS: "true"
      LDAP_TLS_CRT_FILENAME: "fullchain.cer"
      # Private key for a wildcard certificate, read from the mounted certs
      # directory; keep that host directory readable only by its owner.
      LDAP_TLS_KEY_FILENAME: "*.davidops.info.key"
      LDAP_TLS_CA_CRT_FILENAME: "ca.cer"
      # TLS is offered but not enforced: clients can still do simple binds over
      # plain ldap:// on the published port 389, sending passwords unencrypted.
      LDAP_TLS_ENFORCE: "false"
      #LDAP_TLS_CIPHER_SUITE: "SECURE256:-VERS-SSL3.0"
      # The server does not request client certificates.
      LDAP_TLS_VERIFY_CLIENT: "never"
      LDAP_REPLICATION: "true"  # enable multi-master replication
      # "$$" is Compose's escape for a literal "$", so the variable reference is
      # passed through unexpanded for the container to resolve.
      # starttls=critical makes the replication connection fail rather than
      # fall back to clear text if StartTLS cannot be negotiated.
      # Replication binds as the admin identities (cn=admin,...) using simple bind.
      LDAP_REPLICATION_CONFIG_SYNCPROV: 'binddn="cn=admin,cn=config" bindmethod=simple credentials="$$LDAP_CONFIG_PASSWORD" searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical'
      LDAP_REPLICATION_DB_SYNCPROV: 'binddn="cn=admin,$$LDAP_BASE_DN" bindmethod=simple credentials="$$LDAP_ADMIN_PASSWORD" searchbase="$$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical'
      # List of servers to replicate between. Each entry must match a node's
      # hostname, and the two machines must be able to reach each other.
      LDAP_REPLICATION_HOSTS: "#PYTHON2BASH:['ldap://ldap.davidops.info','ldap://ldap2.davidops.info']"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
      LDAP_SSL_HELPER_PREFIX: "ldap"
    tty: true
    stdin_open: true
    volumes:
      - /root/ldap/ldap:/var/lib/ldap
      - /root/ldap/slapd.d:/etc/ldap/slapd.d
      - /root/ldap/certs:/container/service/slapd/assets/certs/
    # Published on all host interfaces; restrict with a host firewall so only
    # the peer master and intended clients can reach 389/636.
    ports:
      - "389:389"
      - "636:636"
    # For replication to work correctly, domainname and hostname must be
    # set correctly so that "hostname"."domainname" equates to the
    # fully-qualified domain name for the host.
    domainname: "davidops.info"
    # The name can be customized, but it must match one of the values in
    # LDAP_REPLICATION_HOSTS.
    hostname: "ldap.davidops.info"
  phpldapadmin:
    # "latest" is a floating tag: the image that runs can change between pulls.
    # Pin a specific version (or digest) for reproducible, reviewable deploys.
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      # HTTPS is off and port 8080 is published below, so directory admin
      # logins travel over plain HTTP. Keep this UI behind a TLS-terminating
      # reverse proxy or reachable only from a trusted network.
      PHPLDAPADMIN_HTTPS: "false"
    ports:
      - "8080:80"
    depends_on:
      - openldap
```
---
`master2`ldap2.davidops.info
```
# Compose file for the second master. Identical to master 1 except for
# hostname; the same security caveats apply (clear-text sample passwords,
# TLS not enforced for clients, admin UI over plain HTTP, unpinned UI image).
version: '2'
services:
  openldap:
    image: osixia/openldap:1.5.0
    container_name: openldap
    environment:
      LDAP_LOG_LEVEL: "20991"
      LDAP_ORGANISATION: "leg company"
      LDAP_DOMAIN: "davidops.info"
      LDAP_BASE_DN: ""
      # Must match master 1: the replication binds below use these passwords.
      # Replace the sample values and keep them out of version control.
      LDAP_ADMIN_PASSWORD: "admin123"
      LDAP_CONFIG_PASSWORD: "config123"
      LDAP_READONLY_USER: "false"
      LDAP_READONLY_USER_USERNAME: "readonly"
      LDAP_READONLY_USER_PASSWORD: "readonly"
      LDAP_RFC2307BIS_SCHEMA: "false"
      LDAP_BACKEND: "mdb"
      LDAP_TLS: "true"
      LDAP_TLS_CRT_FILENAME: "fullchain.cer"
      LDAP_TLS_KEY_FILENAME: "*.davidops.info.key"
      LDAP_TLS_CA_CRT_FILENAME: "ca.cer"
      # Clients may still bind without TLS on port 389 while this is "false".
      LDAP_TLS_ENFORCE: "false"
      #LDAP_TLS_CIPHER_SUITE: "SECURE256:-VERS-SSL3.0"
      LDAP_TLS_VERIFY_CLIENT: "never"
      LDAP_REPLICATION: "true"
      # "$$" passes a literal "$" through Compose; starttls=critical refuses
      # replication without StartTLS.
      LDAP_REPLICATION_CONFIG_SYNCPROV: 'binddn="cn=admin,cn=config" bindmethod=simple credentials="$$LDAP_CONFIG_PASSWORD" searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical'
      LDAP_REPLICATION_DB_SYNCPROV: 'binddn="cn=admin,$$LDAP_BASE_DN" bindmethod=simple credentials="$$LDAP_ADMIN_PASSWORD" searchbase="$$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical'
      LDAP_REPLICATION_HOSTS: "#PYTHON2BASH:['ldap://ldap.davidops.info','ldap://ldap2.davidops.info']"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
      LDAP_SSL_HELPER_PREFIX: "ldap"
    tty: true
    stdin_open: true
    volumes:
      - /root/ldap/ldap:/var/lib/ldap
      - /root/ldap/slapd.d:/etc/ldap/slapd.d
      - /root/ldap/certs:/container/service/slapd/assets/certs/
    ports:
      - "389:389"
      - "636:636"
    # For replication to work correctly, domainname and hostname must be
    # set correctly so that "hostname"."domainname" equates to the
    # fully-qualified domain name for the host.
    domainname: "davidops.info"
    hostname: "ldap2.davidops.info"
  phpldapadmin:
    # Floating "latest" tag; pin a version for reproducible deploys.
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      # Admin UI served over plain HTTP on published port 8080.
      PHPLDAPADMIN_HTTPS: "false"
    ports:
      - "8080:80"
    depends_on:
      - openldap
```
admin
2023年8月16日 14:39