-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
e272a70
commit 94e39ee
Showing
13 changed files
with
620 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,100 @@ | ||
| # k8s搭建教程 | ||
|
|
||
| > 首先下载代码文件 | ||
| ``` | ||
| git clone https://github.com/xiaoxiaoranxxx/POT-ZHIYUN.git | ||
| cd POT-ZHIYUN | ||
| ``` | ||
|
|
||
| ## 编译镜像 | ||
|
|
||
| ``` | ||
| docker build -t install/pot-main:v1 . | ||
| ``` | ||
|
|
||
|  | ||
|
|
||
| ## 创建命名空间和configmap | ||
|
|
||
| ``` | ||
| kubectl create -f pot-mysql-init.yaml | ||
| # 查看创建情况 | ||
| kubectl get configmaps -n pot-zhiyun | ||
| ``` | ||
|
|
||
|  | ||
|
|
||
| ## 创建pv,pvc,mysql | ||
|
|
||
| ``` | ||
| kubectl create -f pot-mysql.yaml | ||
| ``` | ||
|
|
||
|  | ||
|
|
||
| > 查看mysql容器中的init.sql是否成功初始化 | ||
| ``` | ||
| kubectl logs -n pot-zhiyun pot-mysql-0 | ||
| ``` | ||
|
|
||
|  | ||
|
|
||
| ## 创建pv,pvc,web | ||
|
|
||
| ``` | ||
| kubectl create -f pot-web-deployment.yaml | ||
| ``` | ||
|
|
||
|  | ||
|
|
||
| # 确认正常安装 | ||
|
|
||
| ``` | ||
| kubectl get pods -n pot-zhiyun | ||
| ``` | ||
|
|
||
| > pot-zhiyun空间下所有pod都为Running状态 | ||
|  | ||
|
|
||
| ``` | ||
| kubectl get svc -n pot-zhiyun | ||
| ``` | ||
|
|
||
| > 查看svc的状态,pot-web 的NodePort出口端口为31394,因此访问http://127.0.0.1:31394/为200说明搭建成功 | ||
|  | ||
|
|
||
| # 设计思路 | ||
|
|
||
| ## mysql | ||
|
|
||
| > mysql为StatefulSet类型,单数据库来存储 | ||
| > | ||
| > 通过configMap来初始化数据库文件 | ||
| > | ||
| > 通过pv卷来实现持久化存储,默认分配大小为10G | ||
| > | ||
| > 创建一个services,可通过pot-mysql来获取主机名 | ||
| ## web | ||
|
|
||
| > web为Deployment类型,可生成多个pod来实现负载 | ||
| > | ||
| > 通过pv卷来实现runtime目录共享,达到多个pod数据同步问题 | ||
| > | ||
| > pv卷默认分配大小为1G | ||
| > | ||
| > 创建一个services,可通过Local来获取真实IP地址 | ||
| > | ||
| > NodePort会对外映射一个端口 | ||
|
|
||
|
|
||
|
|
||
| > 面对多个扫描器同时扫描可达到负载效果,可以在内网多个节点配置蜜罐来达到内网多节点蜜罐 | ||
|  |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,86 @@ | ||
| apiVersion: v1 | ||
| kind: PersistentVolume | ||
| metadata: | ||
| name: mysql-pv | ||
| namespace: pot-zhiyun | ||
| spec: | ||
| capacity: | ||
| storage: 10Gi | ||
| volumeMode: Filesystem | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| persistentVolumeReclaimPolicy: Retain | ||
| storageClassName: standard-pot-mysql | ||
| hostPath: | ||
| path: /mnt/data/pot-mysql | ||
| --- | ||
| apiVersion: v1 | ||
| kind: PersistentVolumeClaim | ||
| metadata: | ||
| name: mysql-data-pot-mysql | ||
| namespace: pot-zhiyun | ||
| spec: | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| resources: | ||
| requests: | ||
| storage: 10Gi | ||
| storageClassName: standard-pot-mysql | ||
| --- | ||
| apiVersion: apps/v1 | ||
| kind: StatefulSet | ||
| metadata: | ||
| name: pot-mysql | ||
| namespace: pot-zhiyun | ||
| spec: | ||
| serviceName: "pot-mysql" | ||
| replicas: 1 | ||
| selector: | ||
| matchLabels: | ||
| app: pot-mysql | ||
| template: | ||
| metadata: | ||
| labels: | ||
| app: pot-mysql | ||
| spec: | ||
| volumes: | ||
| - name: init-scripts | ||
| configMap: | ||
| name: mysql-initdb-config | ||
| containers: | ||
| - name: pot-mysql | ||
| image: mysql:8.0.22 | ||
| env: | ||
| - name: MYSQL_DATABASE | ||
| value: pot_admin | ||
| - name: MYSQL_USER | ||
| value: root | ||
| - name: MYSQL_ROOT_PASSWORD | ||
| value: pot_admin@123 | ||
| ports: | ||
| - containerPort: 3306 | ||
| volumeMounts: | ||
| - name: mysql-data-pot | ||
| mountPath: /var/lib/mysql | ||
| - name: init-scripts | ||
| mountPath: /docker-entrypoint-initdb.d | ||
| volumeClaimTemplates: | ||
| - metadata: | ||
| name: mysql-data-pot | ||
| spec: | ||
| accessModes: ["ReadWriteOnce"] | ||
| resources: | ||
| requests: | ||
| storage: 10Gi | ||
| --- | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: pot-mysql | ||
| namespace: pot-zhiyun | ||
| spec: | ||
| ports: | ||
| - port: 3306 | ||
| targetPort: 3306 | ||
| selector: | ||
| app: pot-mysql |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| apiVersion: v1 | ||
| kind: PersistentVolumeClaim | ||
| metadata: | ||
| name: mysql-data-pot-web | ||
| namespace: pot-zhiyun | ||
| spec: | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| resources: | ||
| requests: | ||
| storage: 1Gi | ||
| storageClassName: standard-pot-web | ||
| --- | ||
| apiVersion: v1 | ||
| kind: PersistentVolume | ||
| metadata: | ||
| name: pot-web-pv | ||
| spec: | ||
| capacity: | ||
| storage: 1Gi | ||
| volumeMode: Filesystem | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| persistentVolumeReclaimPolicy: Retain | ||
| storageClassName: standard-pot-web | ||
| hostPath: | ||
| path: /mnt/data/pot-web | ||
| --- | ||
| apiVersion: apps/v1 | ||
| kind: Deployment | ||
| metadata: | ||
| name: pot-web | ||
| namespace: pot-zhiyun | ||
| spec: | ||
| replicas: 5 | ||
| selector: | ||
| matchLabels: | ||
| app: pot-web | ||
| template: | ||
| metadata: | ||
| labels: | ||
| app: pot-web | ||
| spec: | ||
| initContainers: | ||
| - name: init-permissions | ||
| image: busybox | ||
| command: ["sh", "-c", "chmod -R 777 /var/www/html/runtime/"] | ||
| volumeMounts: | ||
| - name: mysql-data-pot | ||
| mountPath: /var/www/html/runtime/ | ||
| containers: | ||
| - name: pot-web | ||
| image: install/pot-main:v1 | ||
| ports: | ||
| - containerPort: 80 | ||
| volumeMounts: | ||
| - name: mysql-data-pot | ||
| mountPath: /var/www/html/runtime/ | ||
| volumes: | ||
| - name: mysql-data-pot | ||
| persistentVolumeClaim: | ||
| claimName: mysql-data-pot-web | ||
| --- | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: pot-web | ||
| namespace: pot-zhiyun | ||
| spec: | ||
| type: NodePort | ||
| externalTrafficPolicy: Local | ||
| ports: | ||
| - port: 80 | ||
| targetPort: 80 | ||
| selector: | ||
| app: pot-web |