智云-一个抓取web流量的轻量级蜜罐-k8s快速搭建教程
智云-一个抓取web流量的轻量级蜜罐-k8s快速搭建教程
github地址
https://github.com/xiaoxiaoranxxx/POT-ZHIYUN
k8s搭建教程
首先下载代码文件
git clone https://github.com/xiaoxiaoranxxx/POT-ZHIYUN.git
cd POT-ZHIYUN
编译镜像
代码相关文件在github
https://github.com/xiaoxiaoranxxx/POT-ZHIYUN
docker build -t install/pot-main:v1 .
创建命名空间和configmap
kubectl create -f pot-mysql-init.yaml
# 查看创建情况
kubectl get configmaps -n pot-zhiyun
创建pv,pvc,mysql
kubectl create -f pot-mysql.yaml
查看mysql容器中的init.sql是否成功初始化
kubectl logs -n pot-zhiyun pot-mysql-0
创建pv,pvc,web
kubectl create -f pot-web-deployment.yaml
确认正常安装
kubectl get pods -n pot-zhiyun
pot-zhiyun空间下所有pod都为Running状态
kubectl get svc -n pot-zhiyun
查看svc的状态,pot-web 的NodePort出口端口为31394,因此访问http://127.0.0.1:31394/为200说明搭建成功
设计思路
mysql
mysql为StatefulSet类型,单数据库来存储
通过configMap来初始化数据库文件
通过pv卷来实现持久化存储,默认分配大小为10G
创建一个services,可通过pot-mysql来获取主机名
web
web为Deployment类型,可生成多个pod来实现负载
通过pv卷来实现runtime目录共享,达到多个pod数据同步问题
pv卷默认分配大小为1G
创建一个services,可通过Local来获取真实IP地址
NodePort会对外映射一个端口
面对多个扫描器同时扫描可达到负载效果,可以在内网多个节点配置蜜罐来达到内网多节点蜜罐
相关配置文件
pot-mysql-init.yaml
apiVersion: v1
kind: Namespace
metadata:
name: pot-zhiyun
---
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-initdb-config
namespace: pot-zhiyun
data:
init.sql: |
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
...
pot-mysql.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: mysql-pv
namespace: pot-zhiyun
spec:
capacity:
storage: 10Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: standard-pot-mysql
hostPath:
path: /mnt/data/pot-mysql
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-data-pot-mysql
namespace: pot-zhiyun
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: standard-pot-mysql
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: pot-mysql
namespace: pot-zhiyun
spec:
serviceName: "pot-mysql"
replicas: 1
selector:
matchLabels:
app: pot-mysql
template:
metadata:
labels:
app: pot-mysql
spec:
volumes:
- name: init-scripts
configMap:
name: mysql-initdb-config
containers:
- name: pot-mysql
image: mysql:8.0.22
env:
- name: MYSQL_DATABASE
value: pot_admin
- name: MYSQL_USER
value: root
- name: MYSQL_ROOT_PASSWORD
value: pot_admin@123
ports:
- containerPort: 3306
volumeMounts:
- name: mysql-data-pot
mountPath: /var/lib/mysql
- name: init-scripts
mountPath: /docker-entrypoint-initdb.d
volumeClaimTemplates:
- metadata:
name: mysql-data-pot
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: pot-mysql
namespace: pot-zhiyun
spec:
ports:
- port: 3306
targetPort: 3306
selector:
app: pot-mysql
pot-web-deployment.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-data-pot-web
namespace: pot-zhiyun
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: standard-pot-web
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: pot-web-pv
spec:
capacity:
storage: 1Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: standard-pot-web
hostPath:
path: /mnt/data/pot-web
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: pot-web
namespace: pot-zhiyun
spec:
replicas: 5
selector:
matchLabels:
app: pot-web
template:
metadata:
labels:
app: pot-web
spec:
initContainers:
- name: init-permissions
image: busybox
command: ["sh", "-c", "chmod -R 777 /var/www/html/runtime/"]
volumeMounts:
- name: mysql-data-pot
mountPath: /var/www/html/runtime/
containers:
- name: pot-web
image: install/pot-main:v1
ports:
- containerPort: 80
volumeMounts:
- name: mysql-data-pot
mountPath: /var/www/html/runtime/
volumes:
- name: mysql-data-pot
persistentVolumeClaim:
claimName: mysql-data-pot-web
---
apiVersion: v1
kind: Service
metadata:
name: pot-web
namespace: pot-zhiyun
spec:
type: NodePort
externalTrafficPolicy: Local
ports:
- port: 80
targetPort: 80
selector:
app: pot-web