部署 JumpServer 01 节点

    • JumpServer_Node_01 服务器信息如下:

    2.1 安装 NFS 依赖包

    2. showmount -e 192.168.100.11
    1. # 将 Core 持久化目录挂载到 NFS, 默认 /opt/jumpserver/core/data, 请根据实际情况修改
    2. # JumpServer 持久化目录定义相关参数为 VOLUME_DIR, 在安装 JumpServer 过程中会提示
    3. mkdir /opt/jumpserver/core/data
    4. mount -t nfs 192.168.100.11:/data /opt/jumpserver/core/data

    2.3 配置 NFS 共享目录开机自动挂载

    1. cd /opt
    2. yum -y install wget
    3. wget https://github.com/jumpserver/installer/releases/download/v3.0.1/jumpserver-installer-v3.0.1.tar.gz
    4. tar -xf jumpserver-installer-v3.0.1.tar.gz
    5. cd jumpserver-installer-v3.0.1

    3.2 修改临时配置文件

    1. vi config-example.txt
    1. ./jmsctl.sh install
    1.        ██╗██╗   ██╗███╗   ███╗██████╗ ███████╗███████╗██████╗ ██╗   ██╗███████╗██████╗
    2.        ██║██║   ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║   ██║██╔════╝██╔══██╗
    3.        ██║██║   ██║██╔████╔██║██████╔╝███████╗█████╗  ██████╔╝██║   ██║█████╗  ██████╔╝
    4.   ██   ██║██║   ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝  ██╔══██╗╚██╗ ██╔╝██╔══╝  ██╔══██╗
    5.   ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║     ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║
    6.    ╚════╝  ╚═════╝ ╚═╝     ╚═╝╚═╝     ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝
    8.                                                                      Version:  v3.0.1
    11. 1. 检查配置文件
    12. 配置文件位置: /opt/jumpserver/config
    13. /opt/jumpserver/config/config.txt  [  ]
    14. /opt/jumpserver/config/nginx/lb_rdp_server.conf  [  ]
    15. /opt/jumpserver/config/nginx/lb_ssh_server.conf  [  ]
    16. /opt/jumpserver/config/nginx/cert/server.crt  [  ]
    17. /opt/jumpserver/config/nginx/cert/server.key  [  ]
    18. 完成
    20. 2. 备份配置文件
    21. 备份至 /opt/jumpserver/config/backup/config.txt.2021-07-15_22-26-13
    22. 完成
    24. >>> 安装配置 Docker
    25. 1. 安装 Docker
    26. 开始下载 Docker 程序 ...
    27. 开始下载 Docker Compose 程序 ...
    28. 完成
    30. 2. 配置 Docker
    31. 完成
    33. 3. 启动 Docker
    34. Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
    35. 完成
    37. >>> 加载 Docker 镜像
    39. Docker: Pulling from jumpserver/koko:v3.0.1         [ OK ]
    40. Docker: Pulling from jumpserver/web:v3.0.1      [ OK ]
    41. Docker: Pulling from jumpserver/redis:6-alpine      [ OK ]
    42. Docker: Pulling from jumpserver/mysql:5             [ OK ]
    43. Docker: Pulling from jumpserver/lion:v3.0.1         [ OK ]
    45. >>> 安装配置 JumpServer
    46. 1. 配置网络
    47. 是否需要支持 IPv6? (y/n)  (默认为 n): n
    48. 完成
    50. 2. 配置加密密钥
    51. SECRETE_KEY:     YTE2YTVkMTMtMGE3MS00YzI5LWFlOWEtMTc2OWJlMmIyMDE2
    52. BOOTSTRAP_TOKEN: YTE2YTVkMTMtMGE3
    53. 完成
    55. 3. 配置持久化目录
    56. 是否需要自定义持久化存储, 默认将使用目录 /opt/jumpserver? (y/n)  (默认为 n): n
    57. 完成
    59. 4. 配置 MySQL
    60. 是否使用外部 MySQL? (y/n)  (默认为 n): y
    61. 请输入 MySQL 的主机地址 (无默认值): 192.168.100.11
    62. 请输入 MySQL 的端口 (默认为3306): 3306
    63. 请输入 MySQL 的数据库(事先做好授权) (默认为jumpserver): jumpserver
    64. 请输入 MySQL 的用户名 (无默认值): jumpserver
    65. 请输入 MySQL 的密码 (无默认值): KXOeyNgDeTdpeu9q
    66. 完成
    68. 5. 配置 Redis
    69. 是否使用外部 Redis? (y/n)  (默认为 n): y
    70. 请输入 Redis 的主机地址 (无默认值): 192.168.100.11
    71. 请输入 Redis 的端口 (默认为6379): 6379
    72. 请输入 Redis 的密码 (无默认值): KXOeyNgDeTdpeu9q
    73. 完成
    75. 6. 配置对外端口
    76. 是否需要配置 JumpServer 对外访问端口? (y/n)  (默认为 n): n
    77. 完成
    79. 7. 初始化数据库
    80. Creating network "jms_net" with driver "bridge"
    81. Creating jms_redis ... done
    82. 2021-07-15 22:39:52 Collect static files
    83. 2021-07-15 22:39:52 Collect static files done
    84. 2021-07-15 22:39:52 Check database structure change ...
    85. 2021-07-15 22:39:52 Migrate model change to database ...
    86. 475 static files copied to '/opt/jumpserver/data/static'.
    87. Operations to perform:
    89. Running migrations:
    90.   Applying contenttypes.0001_initial... OK
    91.   Applying contenttypes.0002_remove_content_type_name... OK
    92.   Applying auth.0001_initial... OK
    93.   Applying auth.0002_alter_permission_name_max_length... OK
    94.   Applying auth.0003_alter_user_email_max_length... OK
    95.   Applying auth.0004_alter_user_username_opts... OK
    96.   Applying auth.0005_alter_user_last_login_null... OK
    97.   Applying auth.0006_require_contenttypes_0002... OK
    98.   Applying auth.0007_alter_validators_add_error_messages... OK
    99.   Applying auth.0008_alter_user_username_max_length... OK
    100.   ...
    101.   Applying sessions.0001_initial... OK
    102.   Applying terminal.0032_auto_20210302_1853... OK
    103.   Applying terminal.0033_auto_20210324_1008... OK
    104.   Applying terminal.0034_auto_20210406_1434... OK
    105.   Applying terminal.0035_auto_20210517_1448... OK
    106.   Applying terminal.0036_auto_20210604_1124... OK
    107.   Applying terminal.0037_auto_20210623_1748... OK
    108.   Applying tickets.0008_auto_20210311_1113... OK
    109.   Applying tickets.0009_auto_20210426_1720... OK
    111. >>> 安装完成了
    112. 1. 可以使用如下命令启动, 然后访问
    113. cd /root/jumpserver-installer-v3.0.1
    114. ./jmsctl.sh start
    116. 2. 其它一些管理命令
    117. ./jmsctl.sh stop
    118. ./jmsctl.sh restart
    119. ./jmsctl.sh backup
    120. ./jmsctl.sh upgrade
    121. 更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
    123. 3. Web 访问
    124. http://192.168.100.212:80
    125. 默认用户: admin  默认密码: admin
    127. 4. SSH/SFTP 访问
    128. ssh -p2222 admin@192.168.100.212
    129. sftp -P2222 admin@192.168.100.212
    131. 5. 更多信息
    132. 我们的官网: https://www.jumpserver.org/
    133. 我们的文档: https://docs.jumpserver.org/

    3.4 启动 JumpServer 服务

    1. Creating network "jms_net" with driver "bridge"
    2. Creating jms_core      ... done
    3. Creating jms_celery    ... done
    4. Creating jms_lion      ... done
    5. Creating jms_koko      ... done
    7. Creating jms_web       ... done