38def02bf4
- Add new command "front" with flags for replica count and vendor - Implement front app build logic in maker.AppFront method - Add minio to make command list - Add minio and minio-init images to image list - Change EMQX dependency path to "dependency/emqx" - Update app OEM logic to use model.GetVendor for vendor info - Fix app OEM download and rename logic with updated vendor fields - Modify nginx deployment manifest to allow configurable replicas - Update user app mysql address to mysql-cluster-mysql-master.db-mysql:3306 - Add server_license_init.conf generation script for configmap upsert - Clean and reformat imports across several files - Remove unused package files for make.mysql.go, make.redis.go, make.longhorn.go
185 lines
5.4 KiB
YAML
185 lines
5.4 KiB
YAML
apiVersion: v1
|
||
kind: Namespace
|
||
metadata:
|
||
name: db-minio
|
||
---
|
||
apiVersion: batch/v1
|
||
kind: Job
|
||
metadata:
|
||
name: minio-init-job
|
||
namespace: db-minio
|
||
spec:
|
||
template:
|
||
spec:
|
||
restartPolicy: OnFailure
|
||
containers:
|
||
- name: minio-init
|
||
image: hub.yizhisec.com/hybridscope/v3/minio-init:latest
|
||
command:
|
||
- /bin/sh
|
||
- -c
|
||
args:
|
||
- |
|
||
#!/bin/sh
|
||
set -e
|
||
|
||
# Function to add timestamp to log messages
|
||
log() {
|
||
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1"
|
||
}
|
||
|
||
log "Starting MinIO initialization..."
|
||
log "Environment: MINIO_ROOT_USER=admin, MINIO_ROOT_PASSWORD=YizhiSEC@123"
|
||
log "Target MinIO endpoint: http://minio-service:9000"
|
||
|
||
# 等待 MinIO 服务就绪
|
||
log "Phase 1: Waiting for MinIO service to be ready..."
|
||
log "Checking network connectivity to minio-service:9000..."
|
||
|
||
# 首先等待服务可达
|
||
RETRY_COUNT=0
|
||
until timeout 10 nc -z minio-service 9000; do
|
||
RETRY_COUNT=$((RETRY_COUNT + 1))
|
||
log "Attempt $RETRY_COUNT: MinIO service is not reachable - sleeping 5 seconds..."
|
||
sleep 5
|
||
done
|
||
|
||
log "✓ Network connectivity to MinIO service established"
|
||
log "Phase 2: Waiting for MinIO API to respond..."
|
||
|
||
# 然后等待 MinIO API 响应
|
||
RETRY_COUNT=0
|
||
until mc alias set minio http://minio-service:9000 admin YizhiSEC@123; do
|
||
RETRY_COUNT=$((RETRY_COUNT + 1))
|
||
log "Attempt $RETRY_COUNT: MinIO API is not ready - sleeping 5 seconds..."
|
||
sleep 5
|
||
done
|
||
|
||
log "✓ MinIO API is ready and responding"
|
||
|
||
# 创建服务账户
|
||
log "Phase 3: Creating service account..."
|
||
if mc admin user svcacct add minio admin --access-key "pU3bsxic6LGNQbKLhsTf" --secret-key "GGmvLzY4IZUsV1taKA27YpTgN3ieES2DzCrKQe6p"; then
|
||
log "✓ User created successfully"
|
||
else
|
||
log "✗ Failed to create user"
|
||
exit 1
|
||
fi
|
||
|
||
# 创建存储桶
|
||
log "Phase 4: Creating storage buckets..."
|
||
log "Creating bucket: hsv2"
|
||
|
||
if mc mb minio/hsv2; then
|
||
log "✓ Bucket 'hsv2' created successfully"
|
||
else
|
||
log "ℹ Bucket 'hsv2' already exists or creation failed"
|
||
fi
|
||
|
||
# 上传 ipv4.ipdb 文件
|
||
log "Phase 5: Uploading ipv4.ipdb file..."
|
||
log "Checking if /data/ipv4.ipdb exists..."
|
||
|
||
if [ -f "/data/ipv4.ipdb" ]; then
|
||
log "✓ Found ipv4.ipdb file, uploading to hsv2 bucket..."
|
||
if mc cp /data/ipv4.ipdb minio/hsv2/db/ipv4.ipdb; then
|
||
log "✓ Successfully uploaded ipv4.ipdb to hsv2/db/ipv4.ipdb"
|
||
else
|
||
log "✗ Failed to upload ipv4.ipdb file"
|
||
exit 1
|
||
fi
|
||
else
|
||
log "⚠ Warning: /data/ipv4.ipdb file not found, skipping upload"
|
||
fi
|
||
|
||
log "🎉 MinIO initialization completed successfully!"
|
||
log "Summary:"
|
||
log " - MinIO service: Ready"
|
||
log " - Service account: Created for API access"
|
||
log " - Bucket 'hsv2': Available"
|
||
log " - File 'db/ipv4.ipdb': Uploaded to hsv2 bucket"
|
||
|
||
---
|
||
apiVersion: apps/v1
|
||
kind: StatefulSet
|
||
metadata:
|
||
name: minio
|
||
namespace: db-minio
|
||
labels:
|
||
app: minio
|
||
spec:
|
||
serviceName: minio-service
|
||
replicas: 1
|
||
selector:
|
||
matchLabels:
|
||
app: minio
|
||
template:
|
||
metadata:
|
||
labels:
|
||
app: minio
|
||
spec:
|
||
containers:
|
||
- name: minio
|
||
image: hub.yizhisec.com/external/minio:RELEASE.2025-03-12T18-04-18Z
|
||
command:
|
||
- /bin/sh
|
||
- -c
|
||
args:
|
||
- minio server /data --console-address ":9001"
|
||
env:
|
||
- name: MINIO_ROOT_USER
|
||
value: "admin"
|
||
- name: MINIO_ROOT_PASSWORD
|
||
value: "YizhiSEC@123"
|
||
ports:
|
||
- containerPort: 9000
|
||
name: api
|
||
- containerPort: 9001
|
||
name: console
|
||
volumeMounts:
|
||
- name: minio-data
|
||
mountPath: /data
|
||
readinessProbe:
|
||
httpGet:
|
||
path: /minio/health/ready
|
||
port: 9001
|
||
initialDelaySeconds: 15
|
||
timeoutSeconds: 2
|
||
livenessProbe:
|
||
httpGet:
|
||
path: /minio/health/live
|
||
port: 9001
|
||
initialDelaySeconds: 30
|
||
volumes:
|
||
- name: minio-data
|
||
persistentVolumeClaim:
|
||
claimName: minio-data
|
||
volumeClaimTemplates:
|
||
- metadata:
|
||
name: minio-data
|
||
spec:
|
||
accessModes: ["ReadWriteOnce"]
|
||
storageClassName: longhorn
|
||
resources:
|
||
requests:
|
||
storage: %s
|
||
---
|
||
apiVersion: v1
|
||
kind: Service
|
||
metadata:
|
||
name: minio-service
|
||
namespace: db-minio
|
||
spec:
|
||
type: ClusterIP
|
||
selector:
|
||
app: minio
|
||
ports:
|
||
- name: api
|
||
port: 9000
|
||
protocol: TCP
|
||
targetPort: api
|
||
- name: console
|
||
port: 9001
|
||
protocol: TCP
|
||
targetPort: console
|