Jumpserver 环境要求:
硬件配置: 2个CPU核心, 4G 内存, 50G 硬盘(最低)
操作系统: Linux 发行版 x86_64
Python = 3.6.x
Mysql Server ≥ 5.6
Mariadb Server ≥ 5.5.56
Redis
这里redis/mysql均使用 docker,由于上篇文章docker在部署owncloud时,已经部署过mysql5.7,这里直接使用,再部署一个redis即可。
搜索镜像
#docker search redis
拉取镜像
#docker pull redis
启动运行
docker run -d --name redis --restart always -p 6379:6379 -v /data/redis/config:/etc/redis -v /data/redis/data:/data redis redis-server /etc/redis/redis.conf --requirepass "123." --appendonly yes
查询docker中redis的IP地址
docker inspect redis | grep IPAddress
拉去dump镜像
[root@izuf61mqd75uk09tjnh7dfz conf.d]# docker search jumpserver
[root@izuf61mqd75uk09tjnh7dfz conf.d]# docker pull docker.io/jumpserver/jms_all
#:根据官网jumpserver写启动信息
#注意先设置key 和torken
$ if [ "$SECRET_KEY" = "" ]; then SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`; echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc; echo $SECRET_KEY; else echo $SECRET_KEY; fi
$ if [ "$BOOTSTRAP_TOKEN" = "" ]; then BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`; echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc; echo $BOOTSTRAP_TOKEN; else echo $BOOTSTRAP_TOKEN; fi
启动jumpserver
docker run --name jumpserver -d \
-v /data/jumpdata:/opt/jumpserver/data/media \
-v /etc/localtime:/etc/localtime:ro \
-p 83:80 \
-p 2222:2222 \
-e SECRET_KEY=KPV73hi5nq3lCj6pacy38HCNMciZ2tEtEMeO4Y6bSNFY \
-e BOOTSTRAP_TOKEN=MywxZVG2o4 \
-e DB_HOST=172.17.0.2 \
-e DB_PORT=3306 \
-e DB_USER=root \
-e DB_PASSWORD=11qwe \
-e DB_NAME=jump \
-e REDIS_HOST=172.17.0.3 \
-e REDIS_PORT=6379 \
-e REDIS_PASSWORD=123. \
docker.io/jumpserver/jms_all:latest
查看日志是否启动成功:
[root@izuf61mqd75uk09tjnh7dfz conf.d]# docker logs -f jumpserver
Collect static file done
Wed Oct 23 16:19:17 2019
Jumpserver version 1.5.2, more see https://www.jumpserver.org
- Start Gunicorn WSGI HTTP Server
Check database connection ...
Database connect success
Check database structure change ...
Migrate model change to database ...
Collect static files
- Start Celery as Distributed Task Queue
- Start Beat as Periodic Task Scheduler
gunicorn is running: 59
celery is running: 76
beat is running: 78
Use eventlet dispatch
Start coco process
Use eventlet dispatch
Start coco process
Use eventlet dispatch
Start coco process
guacd[121]: INFO: Guacamole proxy daemon (guacd) version 1.0.0 started
Starting guacd: SUCCESS
Tomcat started.
Jumpserver ALL 1.5.2
官网 http://www.jumpserver.org
文档 http://docs.jumpserver.org
有问题请参考 http://docs.jumpserver.org/zh/docs/faq.html
进入容器命令 docker exec -it jms_all /bin/bash
配置nginx
[root@izuf61mqd75uk09tjnh7dfz conf.d]# more jump.conf
upstream jump_server{
server 127.0.0.1:83;
}
server {
listen 80;
server_name jump.****.cn;
access_log /etc/nginx/log/jump.access.log;
error_log /etc/nginx/log/jump.error.log;
proxy_set_header X-Forwarded-For $remote_addr;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header Cache-Control "no-cache";
proxy_pass http://jump_server;
limit_rate 256m;
client_max_body_size 0;
}
}
访问:http://jump.****.cn
默认用户密码:admin/admin