• Yearning介绍及三种方式安装


    介绍

    Yearning MYSQL 是一个SQL语句审核平台。提供查询审计,SQL审核等多种功能,支持Mysql,可以在一定程度上解决运维与开发之间的那一环,功能丰富,代码开源,安装部署容易!

    开源地址

    https://gitee.com/cookieYe/Yearning

    功能介绍

    • SQL查询查询导出查询自动补全

    • SQL审核流程化工单SQL语句检测SQL语句执行SQL回滚

    • 历史审核记录

    • 查询审计

    • 推送E-mail工单推送钉钉webhook机器人工单推送

    • 其他LDAP登陆用户权限及管理拼图式细粒度权限划分(共12项独立权限,可随意组合)

    模块介绍

    • Dashboard

    dashboard主要展示Yearning各项数据包括用户数/数据源数/工单数/查询数以及其他图表,个人信息栏内用户可以修改密码/邮箱/真实姓名,同时可以查看该用户权限以及申请权限

     

    • 我的工单

    展示用户提交的工单信息.,对于执行失败/驳回的工单点击详细信息后可以重新修改sql并提交

    对于执行成功的工单可以查看回滚语句并且快速提交SQL

     

    • 工单DLL

    DDL相关SQL提交审核,查看表结构/索引,SQL语法高亮/自动补全

    • DML审核

    DML相关SQL提交审核,SQL语法高亮/自动补全

    • 查询

    查询/导出数据 SQL语法高亮/自动补全 快速DML语句提交

    • 工单审核

    DDL/DML管理员审核并执行

    • 查询审核

    用户查询审核

    • 权限审核

    用户权限审核

    • 用户管理

    创建/修改/删除用户

    • 数据库管理

    添加/编辑/删除 数据源

    • 用户权限

    用户权限修改/清空

    • 基础设置和进阶设置

    设置消息推送相关信息 包括钉钉机器人/email,设置LDAP相关信息,全局配置信息,全局配置开关

     

    • 审核规则

    设置SQL检测规则

    审核流程

    Yearning采用二级/多级的审核模式,可根据实际需求变更相关使用流程,执行人角色必须在开启多级审核之后才可指定(开启请前往设置页面),如果需要将多级审核改为二级审核,请先确保所有多级审核的工单都已确认执行。否则未执行工单将无法找回。当多级审核关闭后系统并不会自动将角色为执行人的用户重置角色,请自行重置相应用户角色

    二级审核流程:

    • 1.使用人根据自己拥有的权限向对应的工单提交单元(DDL,DML)提交工单

    • 2.管理员收到消息后在审核工单页面审核该工单请求并执行/驳回 对应工单

    • 3.执行记录将会记录在该管理员用户下

    多级审核流程:

    • 1.使用人根据自己拥有的权限向对应的工单提交单元(DDL,DML)提交工单,

    • 2.管理员收到消息后在审核工单页面审核该工单请求并同意/驳回 对应工单并选择对应执行人(执行人必须是角色为执行人的用户)

    • 3.执行人收到工单后 执行/驳回该工单

    • 4.执行记录将会记录在该执行人用户下

    普通安装

    Yearning 不依赖于任何第三方SQL审核工具作为审核引擎,内部已自己实现审核/回滚相关逻辑。仅依赖Mysql数据库。mysql版本必须5.7及以上版本,请事先自行安装完毕且创建Yearning库,字符集应为UTF-8/UTF8mb4 (仅Yearning所需mysql版本)Yearning日志仅输出error级别,没有日志即可认为无运行错误!Yearning 基于1080p分辨率开发仅支持1080p及以上显示器访问(可到官网下载二进制文件)

    [root@iZbp143t3oxhfc3ar7jey0Z ~]# ll
    total 814104
    -rw-r--r-- 1 root  root         39 Mar 16 17:58 aaa.text
    -rw-r--r-- 1 root  root          0 Mar 16 21:12 b
    -rw------- 1 root  root  500336640 Feb 21 22:15 elasticsearch.tar
    -rw-r--r-- 1 root  root         25 Mar 16 21:25 file.txt
    drwxr-xr-x 4 root  root       4096 Mar  3 13:57 littleTools
    drwxr-xr-x 2 root  root       4096 Feb 17 21:39 mysql-5.6.35-linux-glibc2.5-x86_64
    -rw-r--r-- 1 root  root  314581668 Feb 17 21:38 mysql-5.6.35-linux-glibc2.5-x86_64.tar.gz
    -rw-r--r-- 1 root  root     398872 Mar 16 00:29 netcat-0.7.1.tar.gz
    drwxrwxr-x 5 test1 test1      4096 Feb 21 19:41 ngx_openresty-1.9.7.1
    -rw-r--r-- 1 root  root    3548444 Dec 25  2015 ngx_openresty-1.9.7.1.tar.gz
    -rw-r--r-- 1 root  root       1062 Mar  6 00:07 passwd
    drwxrwxr-x 6 root  root       4096 Mar 17 18:42 redis-4.0.12
    -rw-r--r-- 1 root  root    1740544 Dec 12  2018 redis-4.0.12.tar.gz
    -rw-r--r-- 1 root  root   12981868 Mar 17 19:22 Yearning-2.2.0-fix2.linux-amd64.zip
    drwxr-xr-x 3 root  root       4096 Mar 16 10:07 Yearning-go
    [root@iZbp143t3oxhfc3ar7jey0Z ~]# cd Yearning-go
    [root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ll
    total 8404
    -rw-r--r-- 1 root root     127 Aug  2  2019 conf.toml
    drwxr-xr-x 6 root root    4096 Mar 17 09:57 dist
    -rw-r--r-- 1 root root     620 Jan  9 10:06 docker-compose.yml
    -rw-r--r-- 1 root root     597 Aug 21  2019 Dockerfile
    -rw-r--r-- 1 root root     177 Aug 23  2019 # README
    -rwxr--r-- 1 root root 8579816 Mar 17 09:58 Yearning
    -rw-r--r-- 1 root root     283 Jan 15 16:55 yearning.service
    [root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# vim conf.toml
    [root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ll
    total 8404
    -rw-r--r-- 1 root root     171 Mar 17 19:25 conf.toml
    drwxr-xr-x 6 root root    4096 Mar 17 09:57 dist
    -rw-r--r-- 1 root root     620 Jan  9 10:06 docker-compose.yml
    -rw-r--r-- 1 root root     597 Aug 21  2019 Dockerfile
    -rw-r--r-- 1 root root     177 Aug 23  2019 # README
    -rwxr--r-- 1 root root 8579816 Mar 17 09:58 Yearning
    -rw-r--r-- 1 root root     283 Jan 15 16:55 yearning.service
    [root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ./Yearning -h
    version: Yearning/2.2.0 author: HenryYee
    Usage: Yearning [-m migrate] [-p port] [-s start] [-b web-bind] [-h help] [-c config file]
    
    Options:
     -s  启动Yearning
     -m  数据初始化(第一次安装时执行)
     -p  端口
     -b  钉钉/邮件推送时显示的平台地址
     -x  表结构修复,升级时可以操作。如出现错误可直接忽略。
     -h  帮助
     -c  配置文件路径
     -k  用户权限变更为权限组(2.1.7以下升级至2.1.7及以上使用)
     -f  初始化Admin用户密码
    [root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ./Yearning -m
    
    (/var/jenkins_home/workspace/Yearning-go/src/service/migrate.go:31)
    [2020-03-17 19:25:53]  [8.97ms]  INSERT  INTO `core_accounts` (`username`,`password`,`rule`,`department`,`real_name`,`email`) VALUES ('admin','pbkdf2_sha256$120000$cHnTX55niNFu$b9peQgq7+P85E4Qb8q30SeOnxJPPiKryj5VK9foAR7U=','admin','DBA','超级管理员','')
    [1 rows affected or returned ]
    
    (/var/jenkins_home/workspace/Yearning-go/src/service/migrate.go:39)
    [2020-03-17 19:25:53]  [22.81ms]  INSERT  INTO `core_global_configurations` (`authorization`,`ldap`,`message`,`other`,`stmt`,`audit_role`,`board`) VALUES ('global','{"url":"","user":"","password":"","type":1,"sc":"","ldaps":false}','{"web_hook":"","host":"","port":25,"user":"","password":"","to_user":"","mail":false,"ding":false,"ssl":false}','{"limit":"1000","idc":["Aliyun","AWS"],"multi":false,"query":false,"exclude_db_list":[],"insulate_word_list":[],"register":false,"export":false,"per_order":2,"ex_query_time":60,"query_timeout":0}',0,'{"DMLInsertColumns":false,"DMLMaxInsertRows":10,"DMLWhere":false,"DMLOrder":false,"DMLSelect":false,"DDLCheckTableComment":false,"DDlCheckColumnComment":false,"DDLCheckColumnNullable":false,"DDLCheckColumnDefault":false,"DDLTimeFieldDefault":false,"DDLEnableAcrossDBRename":false,"DDLEnableAutoincrementInit":false,"DDLEnableAutoIncrement":false,"DDLEnableAutoincrementUnsigned":false,"DDLEnableDropTable":false,"DDLEnableDropDatabase":false,"DDLEnableNullIndexName":false,"DDLIndexNameSpec":false,"DDLMaxKeyParts":5,"DDLMaxKey":5,"DDLMaxCharLength":10,"MaxTableNameLen":10,"MaxAffectRows":1000,"MaxDDLAffectRows":0,"EnableSetCollation":false,"EnableSetCharset":false,"SupportCharset":"","SupportCollation":"","CheckIdentifier":false,"MustHaveColumns":"","DDLMultiToSubmit":false,"DDLPrimaryKeyMust":false,"DDLAllowColumnType":false,"DDLImplicitTypeConversion":false,"DMLMinimalRollback":false,"DDLAllowPRINotInt":false,"IsOSC":false,"OscBinDir":"","OscDropNewTable":false,"OscDropOldTable":false,"OscCheckReplicationFilters":false,"OscCheckAlter":false,"OscAlterForeignKeysMethod":"rebuild_constraints","OscMaxLag":1,"OscRecursionMethod":"processlist","OscCheckInterval":1,"OscMaxThreadConnected":25,"OscMaxThreadRunning":25,"OscCriticalThreadConnected":20,"OscCriticalThreadRunning":20,"OscPrintSql":false,"OscChunkTime":0.5,"OscSize":0,"AllowCreateView":false,"AllowCreatePartition":false,"AllowSpecialType":false}','')
    [1 rows affected or returned ]
    
    (/var/jenkins_home/workspace/Yearning-go/src/service/migrate.go:46)
    [2020-03-17 19:25:53]  [5.59ms]  INSERT  INTO `core_graineds` (`username`,`rule`,`permissions`,`group`) VALUES ('admin','','{"ddl":"1","ddl_source":[],"dml":"1","dml_source":[],"user":"1","base":"1","auditor":[],"query":"1","query_source":[]}',NULL)
    [1 rows affected or returned ]
    初始化成功!
     用户名: admin
    密码:Yearning_admin
    [root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ./Yearning -s
    检查更新.......
    数据已更新!
    
    __    __  _____       ___   _____    __   _   _   __   _   _____
       / / | ____|     /   | |  _    |   | | | | |   | | /  ___|
      / /  | |__      / /| | | |_| |  |   | | | | |   | | | |
        /   |  __|    / / | | |  _  /  | |   | | | | |   | | |  _
      / /    | |___   / /  | | | |    | |   | | | | |   | | |_| |
     /_/     |_____| /_/   |_| |_|  \_ |_|  \_| |_| |_|  \_| \_____/  vgolang.ver
    
    Welcome to Yearning
    https://yearning.io
    ____________________________________O/_______
                                        O
    ⇨ http server started on [::]:8000
    {"time":"2020-03-17T19:29:24.38804852+08:00","level":"ERROR","prefix":"echo","fi                                                                                        le":"dbmanage.go","line":"173","message":"Error 1045: Access denied for user 'ro                                                                                        ot'@'47.111.232.99' (using password: YES)"}
    {"time":"2020-03-17T19:56:05.800777325+08:00","level":"ERROR","prefix":"echo","f                                                                                        ile":"group.go","line":"100","message":"code=400, message=Unmarshal type error:                                                                                         expected=[]string, got=bool, field=Permission.ddl_source, offset=124"}

     Docker 方式安装

    [root@iZ1la3d1xbmukrZ Yearning-go]# docker build  -t yearning .
    Sending build context to Docker daemon  25.39MB
    Step 1/15 : FROM alpine:latest
    latest: Pulling from library/alpine
    c9b1b535fdd9: Pull complete
    Digest: sha256:ab00606a42621fb68f2ed6ad3c88be54397f981a7b70a79db3d1172b11c4367d
    Status: Downloaded newer image for alpine:latest
     ---> e7d92cdc71fe
    Step 2/15 : LABEL maintainer="HenryYee-2019/08/13"
     ---> Running in 4aade2c7d662
    Removing intermediate container 4aade2c7d662
     ---> 93d53642bc8b
    Step 3/15 : EXPOSE 8000
     ---> Running in 6d8d737e5f56
    Removing intermediate container 6d8d737e5f56
     ---> 70c9617c2085
    Step 4/15 : COPY Yearning  /opt/Yearning
     ---> fa38bfbc447f
    Step 5/15 : COPY dist /opt/dist
     ---> 99524d79fef4
    Step 6/15 : COPY conf.toml /opt/conf.toml
     ---> f9c1912a709c
    Step 7/15 : RUN mkdir /lib64 && ln -s /lib/libc.musl-x86_64.so.1 /lib64/ld-linux-x86-64.so.2
     ---> Running in 4347dc7c2530
    Removing intermediate container 4347dc7c2530
     ---> a172c01b05ab
    Step 8/15 : RUN echo "http://mirrors.ustc.edu.cn/alpine/v3.3/main/" > /etc/apk/repositories
     ---> Running in d46ffc850734
    Removing intermediate container d46ffc850734
     ---> 2b952b857705
    Step 9/15 : RUN apk add --no-cache tzdata
     ---> Running in 84b172beade5
    fetch http://mirrors.ustc.edu.cn/alpine/v3.3/main/x86_64/APKINDEX.tar.gz
    (1/1) Installing tzdata (2015g-r0)
    Executing busybox-1.31.1-r9.trigger
    OK: 9 MiB in 15 packages
    Removing intermediate container 84b172beade5
     ---> 6829de9be4c8
    Step 10/15 : RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
     ---> Running in f92a5657e2d5
    Removing intermediate container f92a5657e2d5
     ---> e315e0269def
    Step 11/15 : RUN echo "Asia/Shanghai" >> /etc/timezone
     ---> Running in a8c6316b5b57
    Removing intermediate container a8c6316b5b57
     ---> dc6ba5a8ec35
    Step 12/15 : RUN echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' >> /etc/nsswitch.conf
     ---> Running in d74577729bad
    Removing intermediate container d74577729bad
     ---> 7f1d92ace6fb
    Step 13/15 : WORKDIR /opt
     ---> Running in f18d0dff2864
    Removing intermediate container f18d0dff2864
     ---> 9395ce234ec9
    Step 14/15 : ENTRYPOINT  ["/opt/Yearning"]
     ---> Running in cd718743cc95
    Removing intermediate container cd718743cc95
     ---> 2d4ae2f00b84
    Step 15/15 : CMD ["-m", "-s"]
     ---> Running in b20f152e339d
    Removing intermediate container b20f152e339d
     ---> 093cd1b642a3
    Successfully built 093cd1b642a3
    Successfully tagged yearning:latest
    [root@iZ1la3d1xbmukrZ Yearning-go]# docker images
    REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
    yearning                        latest              093cd1b642a3        7 seconds ago       32.2MB
    sonatype/nexus3                 latest              7e6931b4cdf2        3 weeks ago         640MB
    wojiushixiaobai/jms_guacamole   1.5.6               af71674d07a4        6 weeks ago         659MB
    wojiushixiaobai/jms_koko        1.5.6               2561f1397767        6 weeks ago         357MB
    alpine                          latest              e7d92cdc71fe        8 weeks ago         5.59MB
    sonatype/nexus                  pro-2.14.16         f27405473ed3        8 weeks ago         482MB
    sonatype/nexus                  oss                 8027e6db5d67        8 weeks ago         452MB
    jpetazzo/nsenter                latest              4167ddcfcec6        13 months ago       375MB
    [root@iZ1la3d1xbmukrZ Yearning-go]# docker run -d -it -p 8000:8000 -e MYSQL_USER=root -e MYSQL_ADDR=rm-bp1y5jh712124eh9clo.mysql.rds.aliyuncs.com:3306 -e MYSQL_PASSWORD=1qaz@WSX -e MYSQL_DB=sqlcheck yearning
    e84f849d7742545b2af488e84aac5092f9ebb44e2d14fa1f2c7b4bf4285474df
    [root@iZ1la3d1xbmukrZ Yearning-go]# docker ps -l
    CONTAINER ID        IMAGE               COMMAND                 CREATED             STATUS              PORTS                    NAMES
    e84f849d7742        yearning            "/opt/Yearning -m -s"   5 seconds ago       Up 3 seconds        0.0.0.0:8000->8000/tcp   affectionate_jepsen
    [root@iZ1la3d1xbmukrZ Yearning-go]# lsof -i:8000
    -bash: lsof: command not found
    [root@iZ1la3d1xbmukrZ Yearning-go]# netstat -nltp |grep 8000
    tcp6       0      0 :::8000                 :::*                    LISTEN      30400/docker-proxy
    [root@iZ1la3d1xbmukrZ Yearning-go]#

     docker-compose安装

    version: '3'
    
    services:
      yearning:
        image: yearning
        depends_on:
          - mysql
        environment:
          MYSQL_USER: yearning
          MYSQL_PASSWORD: ukC2ZkcG_ZTeb
          MYSQL_ADDR: mysql
          MYSQL_DB: yearning
        ports:
          - 8000:8000
    
      mysql:
        image: mysql:5.7
        environment:
          MYSQL_ROOT_PASSWORD: ukC2ZkcG_ZTeb
          MYSQL_DATABASE: yearning
          MYSQL_USER: yearning
          MYSQL_PASSWORD: ukC2ZkcG_ZTeb
        command:
          - --character-set-server=utf8mb4
          - --collation-server=utf8mb4_unicode_ci

     

     注意:虽然我的第一个应用依赖mysql,但是第一次的时候,还是会显示连不上,需要再执行一次docker-compose up -d 这个时候就会初始化数据库了。

  • 相关阅读:
    Android开发之Path类使用详解,自绘各种各样的图形!
    json数值和结构
    ajax异步请求不能刷新数据的问题
    关于javaBean中boolean类型变量的set和get注入后传到前端JS中的问题
    Js中的window.parent ,window.top,window.self详解
    db2中修改表字段的长度,查看表字段长度,以及查看表字段已存放值大小
    db2数据库中查找数据库表
    分页查询SQL
    ibatis动态语句加and 和不加and
    win7计划任务执行BAT文件问题
  • 原文地址:https://www.cnblogs.com/dalianpai/p/12513458.html
Copyright © 2020-2023  润新知