Yearning SQL审核平台（Kubernetes部署）

Yearning SQL审核平台

1：环境

Kubernetes版本：1.23.1
MySQL版本：5.7
Yearning-go 提供二进制下载包
下载地址 https://github.com/cookieY/Yearning/releases
# 下载二进制包, 使用自带的dockerfile构建镜像，

2：操作

更改conf.toml
	SecretKey 是 token/数据库密码加密/解密的 salt。
	建议所有用户在初次安装 Yearning 之前将 SecretKey 更改(不更改将存在安全风险)
	格式: 大小写字母均可, 长度必须为 16 位 如长度不是16位将会导致无法新建数据源
#特别注意:
此 key 仅可在初次安装时更改!之后不可再次更改!如再次更改会导致之前已存放的数据源密码无法解密,最终导致无法获取相关数据源信息

[General]   #数据库加解密key，只可更改一次。
SecretKey = "zxcvnjgfiroskqed"

# 数据库部署：
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql-dep
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - name: mysql
        image: mariadb
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 3306
        env:
        - name: MYSQL_ROOT_PASSWORD
          value: "123456"
---
apiVersion: v1
kind: Service
metadata:
  name: mysql-svc
spec:
  type: NodePort
  ports:
  - port: 3306
    protocol: TCP
    targetPort: 3306
  selector:
    name: mysql-dep

[root@k8s-master ~]# kubectl get svc,pod -o wide
NAME                 TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)          AGE     SELECTOR
service/kubernetes   ClusterIP   172.1.0.1     <none>        443/TCP          64m     <none>
service/mysql-svc    NodePort    172.1.58.62   <none>        3306:32550/TCP   2m41s   name=mysql-dep

NAME                            READY   STATUS    RESTARTS   AGE     IP              NODE        NOMINATED NODE   READINESS GATES
pod/mysql-dep-9bfc49f9f-h9rn6   1/1     Running   0          2m41s   100.1.169.134   k8s-node2   <none>           <none>

# 拉取代码
wget https://github.com/cookieY/Yearning/releases/download/2.3.5/Yearning-2.3.5-linux-amd64.zip
# 构建镜像
docker build -t yearning:2.3.5 .
# 若有私有仓库可将镜像推送到k8s的私有仓库， 我这里直接推送到节点上了

K8S部署yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: yearning
spec:
  replicas: 1
  selector:
    matchLabels:
      app: yearning
  template:
    metadata:
      labels:
        app: yearning
    spec:
      containers:
      - name: yearning
        image: 'yearning:2.3.5'
        imagePullPolicy: IfNotPresent
        ports:
          - containerPort: 8000
        env:
        - name: MYSQL_ADDR
          value: '100.1.169.134:3306'
        - name: MYSQL_USER
          value: "root"
        - name: MYSQL_PASSWORD
          value: "123456"
        - name: MYSQL_DB
          value: "yearning"
---
apiVersion: v1
kind: Service
metadata:
  name: yearning
spec:
  ports:
    - name: http-8000
      port: 8000
      protocol: TCP
      targetPort: 8000
  selector:
    app: yearning
  type: NodePort
  
使用env 变量注入参数，程序启动会先读。再使用Nodeport暴露控台地址

查看SVC并登录后台
[root@k8s-master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
kubernetes   ClusterIP   172.1.0.1      <none>        443/TCP          80m
mysql-svc    NodePort    172.1.58.62    <none>        3306:32550/TCP   18m
yearning     NodePort    172.1.149.28   <none>        8000:30637/TCP   37s

登录后台：
http://IP:30637/

默认账号/密码：admin/Yearning_admin

官方文档
https://yearning.io/

参考文档
https://guide.yearning.io/install.html

登录效果：