apiVersion: v1 kind: Namespace metadata: name: db-minio --- apiVersion: batch/v1 kind: Job metadata: name: minio-init-job namespace: db-minio spec: template: spec: restartPolicy: OnFailure containers: - name: minio-init image: hub.yizhisec.com/hybridscope/v3/minio-init:latest command: - /bin/sh - -c args: - | #!/bin/sh set -e # Function to add timestamp to log messages log() { echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" } log "Starting MinIO initialization..." log "Environment: MINIO_ROOT_USER=admin, MINIO_ROOT_PASSWORD=YizhiSEC@123" log "Target MinIO endpoint: http://minio-service:9000" # 等待 MinIO 服务就绪 log "Phase 1: Waiting for MinIO service to be ready..." log "Checking network connectivity to minio-service:9000..." # 首先等待服务可达 RETRY_COUNT=0 until timeout 10 nc -z minio-service 9000; do RETRY_COUNT=$((RETRY_COUNT + 1)) log "Attempt $RETRY_COUNT: MinIO service is not reachable - sleeping 5 seconds..." sleep 5 done log "✓ Network connectivity to MinIO service established" log "Phase 2: Waiting for MinIO API to respond..." # 然后等待 MinIO API 响应 RETRY_COUNT=0 until mc alias set minio http://minio-service:9000 admin YizhiSEC@123; do RETRY_COUNT=$((RETRY_COUNT + 1)) log "Attempt $RETRY_COUNT: MinIO API is not ready - sleeping 5 seconds..." sleep 5 done log "✓ MinIO API is ready and responding" # 创建服务账户 log "Phase 3: Creating service account..." if mc admin user svcacct add minio admin --access-key "pU3bsxic6LGNQbKLhsTf" --secret-key "GGmvLzY4IZUsV1taKA27YpTgN3ieES2DzCrKQe6p"; then log "✓ User created successfully" else log "✗ Failed to create user" exit 1 fi # 创建存储桶 log "Phase 4: Creating storage buckets..." log "Creating bucket: hsv2" if mc mb minio/hsv2; then log "✓ Bucket 'hsv2' created successfully" else log "ℹ Bucket 'hsv2' already exists or creation failed" fi # 上传 ipv4.ipdb 文件 log "Phase 5: Uploading ipv4.ipdb file..." log "Checking if /data/ipv4.ipdb exists..." if [ -f "/data/ipv4.ipdb" ]; then log "✓ Found ipv4.ipdb file, uploading to hsv2 bucket..." if mc cp /data/ipv4.ipdb minio/hsv2/db/ipv4.ipdb; then log "✓ Successfully uploaded ipv4.ipdb to hsv2/db/ipv4.ipdb" else log "✗ Failed to upload ipv4.ipdb file" exit 1 fi else log "⚠ Warning: /data/ipv4.ipdb file not found, skipping upload" fi log "🎉 MinIO initialization completed successfully!" log "Summary:" log " - MinIO service: Ready" log " - Service account: Created for API access" log " - Bucket 'hsv2': Available" log " - File 'db/ipv4.ipdb': Uploaded to hsv2 bucket" --- apiVersion: apps/v1 kind: StatefulSet metadata: name: minio namespace: db-minio labels: app: minio spec: serviceName: minio-service replicas: 1 selector: matchLabels: app: minio template: metadata: labels: app: minio spec: containers: - name: minio image: hub.yizhisec.com/external/minio:RELEASE.2025-03-12T18-04-18Z command: - /bin/sh - -c args: - minio server /data --console-address ":9001" env: - name: MINIO_ROOT_USER value: "admin" - name: MINIO_ROOT_PASSWORD value: "YizhiSEC@123" ports: - containerPort: 9000 name: api - containerPort: 9001 name: console volumeMounts: - name: minio-data mountPath: /data readinessProbe: httpGet: path: /minio/health/ready port: 9001 initialDelaySeconds: 15 timeoutSeconds: 2 livenessProbe: httpGet: path: /minio/health/live port: 9001 initialDelaySeconds: 30 volumes: - name: minio-data persistentVolumeClaim: claimName: minio-data volumeClaimTemplates: - metadata: name: minio-data spec: accessModes: ["ReadWriteOnce"] storageClassName: longhorn resources: requests: storage: %s --- apiVersion: v1 kind: Service metadata: name: minio-service namespace: db-minio spec: type: ClusterIP selector: app: minio ports: - name: api port: 9000 protocol: TCP targetPort: api - name: console port: 9001 protocol: TCP targetPort: console