1. 安装
0. 官方文档¶
https://docs.jumpserver.org/zh/master/install/setup_by_fast/
1. 一键部署¶
# 在我的腾讯云服务器安装
# 默认会安装到 /opt/jumpserver-installer-v2.17.1 目录
curl -sSL https://github.com/jumpserver/jumpserver/releases/download/v2.17.1/quick_start.sh | bash
ubuntu@4c16g:~$ sudo -i
root@4c16g:~#
root@4c16g:~#
root@4c16g:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dbfec9b1a6b3 calico/node "start_runit" 11 hours ago Up 11 hours k8s_calico-n ode_calico-node-mmtsc_kube-system_31418008-17b8-4d65-a1b8-b96767b6fdf6_0
137c055c8074 registry.aliyuncs.com/google_containers/kube-proxy "/usr/local/bin/kube…" 11 hours ago Up 11 hours k8s_kube-pro xy_kube-proxy-9szr9_kube-system_68215306-d569-4be7-aa19-57953f20f3ce_0
3a225a4b8008 registry.aliyuncs.com/google_containers/pause:3.4.1 "/pause" 11 hours ago Up 11 hours k8s_POD_cali co-node-mmtsc_kube-system_31418008-17b8-4d65-a1b8-b96767b6fdf6_0
d058c1ecc9e8 registry.aliyuncs.com/google_containers/pause:3.4.1 "/pause" 11 hours ago Up 11 hours k8s_POD_kube -proxy-9szr9_kube-system_68215306-d569-4be7-aa19-57953f20f3ce_0
bdfc17c32ea6 kylemanna/openvpn:2.4 "ovpn_run" 12 hours ago Up 12 hours 0.0.0.0:1194->1194/udp, :::1194->1194/udp openvpn
root@4c16g:~#
root@4c16g:~#
root@4c16g:~#
root@4c16g:~#
root@4c16g:~# # 默认会安装到 /opt/jumpserver-installer-v2.17.1 目录
root@4c16g:~# curl -sSL https://github.com/jumpserver/jumpserver/releases/download/v2.17.1/quick_start.sh | bash
download install script to /opt/jumpserver-installer-v2.17.1 (开始下载安装脚本到 /opt/jumpserver-installer-v2.17.1)
██╗██╗ ██╗███╗ ███╗██████╗ ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗
██║██║ ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗
██║██║ ██║██╔████╔██║██████╔╝███████╗█████╗ ██████╔╝██║ ██║█████╗ ██████╔╝
██ ██║██║ ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██╔══╝ ██╔══██╗
╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║
╚════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝
Version: v2.17.1
1. Check Configuration File
Path to Configuration file: /opt/jumpserver/config
/opt/jumpserver/config/config.txt [ √ ]
/opt/jumpserver/config/nginx/cert/server.crt [ √ ]
/opt/jumpserver/config/nginx/cert/server.key [ √ ]
complete
2. Backup Configuration File
Back up to /opt/jumpserver/config/backup/config.txt.2021-12-29_08-58-14
complete
>>> Install and Configure Docker
1. Install Docker
Starting to download Docker Compose binary ...
complete
2. Configure Docker
complete
3. Start Docker
complete
>>> Loading Docker Image
[jumpserver/redis:6-alpine]
6-alpine: Pulling from jumpserver/redis
5843afab3874: Pull complete
f2c041a97bd6: Pull complete
2ab181d61f92: Pull complete
0e735c6f0308: Pull complete
3494533ff85c: Pull complete
09ce5e93ca58: Pull complete
Digest: sha256:8300b885570faad626e569e7b8cfef3407c87050d705ff26e243200cb3f84da8
Status: Downloaded newer image for jumpserver/redis:6-alpine
docker.io/jumpserver/redis:6-alpine
[jumpserver/mysql:5]
5: Pulling from jumpserver/mysql
6ec7b7d162b2: Pull complete
fedd960d3481: Pull complete
7ab947313861: Pull complete
64f92f19e638: Pull complete
3e80b17bff96: Pull complete
014e976799f9: Pull complete
59ae84fee1b3: Pull complete
7d1da2a18e2e: Pull complete
301a28b700b9: Pull complete
979b389fc71f: Pull complete
403f729b1bad: Pull complete
Digest: sha256:b3b2703de646600b008cbb2de36b70b21e51e7e93a7fca450d2b08151658b2dd
Status: Downloaded newer image for jumpserver/mysql:5
docker.io/jumpserver/mysql:5
[jumpserver/web:v2.17.1]
v2.17.1: Pulling from jumpserver/web
97518928ae5f: Pull complete
a15dfa83ed30: Pull complete
acae0b19bbc1: Pull complete
fd4282442678: Pull complete
b521ea0d9e3f: Pull complete
b3282d03aa58: Pull complete
13a77b7b8ed4: Pull complete
d4a46279b4e6: Pull complete
7d7a0cbddcca: Pull complete
0a76f0b82e2a: Pull complete
3bac02ce1b0c: Pull complete
04c71bd48258: Pull complete
4d569ac66b38: Pull complete
Digest: sha256:37885d2d003888f4591faef622263918153516d9f2557319d08c321f64285e67
Status: Downloaded newer image for jumpserver/web:v2.17.1
docker.io/jumpserver/web:v2.17.1
[jumpserver/core:v2.17.1]
v2.17.1: Pulling from jumpserver/core
6ec7b7d162b2: Already exists
80ff6536d04b: Pull complete
2d04da85e485: Pull complete
998aa32a5c8a: Pull complete
7733ef26f344: Pull complete
b8f2de1a0c00: Pull complete
7297b9930c2c: Pull complete
2edf7460c2c4: Pull complete
1bd97879bafd: Pull complete
613fef1df521: Pull complete
fc171ab7f545: Pull complete
914ec0b8407e: Pull complete
999feae3b4af: Pull complete
0a3a2323083c: Pull complete
Digest: sha256:f0be0fcaceab746ef18bf21e489ccd0656282e0273f3e333476b3be913c46ca1
Status: Downloaded newer image for jumpserver/core:v2.17.1
docker.io/jumpserver/core:v2.17.1
[jumpserver/koko:v2.17.1]
v2.17.1: Pulling from jumpserver/koko
35b2232c987e: Pull complete
5f110904fbe7: Pull complete
8fe8d3573868: Pull complete
e46f0575ae24: Pull complete
18c911b31001: Pull complete
b8f427d167b7: Pull complete
11e6c730ebab: Pull complete
cdb10dffd6ab: Pull complete
c1a180cdb501: Pull complete
51032604dab5: Pull complete
5a6abcdcb0e0: Pull complete
92554d8281ed: Pull complete
Digest: sha256:c6364be4ca9ebfd4711c218bcbda5ddcc7810b53a493698f0c852b31762f0097
Status: Downloaded newer image for jumpserver/koko:v2.17.1
docker.io/jumpserver/koko:v2.17.1
[jumpserver/lion:v2.17.1]
v2.17.1: Pulling from jumpserver/lion
b380bbd43752: Pull complete
71e6b03eaa33: Pull complete
e105f5a4e3c0: Pull complete
9fcbfe0c53a1: Pull complete
e1ffa71d1ffd: Pull complete
715f6c4f0bfc: Pull complete
2e557842312b: Pull complete
c609bd0f86c0: Pull complete
5dbc95db5e26: Pull complete
eaad7863563f: Pull complete
47bf606d7633: Pull complete
0abea23f27e1: Pull complete
b3b50d194497: Pull complete
Digest: sha256:e26aa331bc25fb1784ee371a94cf4a1e614395aaab4d8b99e70189d28afb9adb
Status: Downloaded newer image for jumpserver/lion:v2.17.1
docker.io/jumpserver/lion:v2.17.1
complete
>>> Install and Configure JumpServer
1. Configure Network
Do you want to support IPv6? (y/n) (default n): complete
2. Configure Private Key
SECRETE_KEY: YjM4NTZiMmItY2U1Yy00N2FiLTk2MmUtZGU3ZTU5MmIwNTRj
BOOTSTRAP_TOKEN: YjM4NTZiMmItY2U1Yy00N2Fi
complete
3. Configure Persistent Directory
Do you need custom persistent store, will use the default directory /opt/jumpserver? (y/n) (default n): complete
4. Configure MySQL
Do you want to use external MySQL? (y/n) (default n): complete
5. Configure Redis
Do you want to use external Redis? (y/n) (default n): complete
6. Configure External Port
Do you need to customize the JumpServer external port? (y/n) (default n): complete
7. Init JumpServer Database
Creating network "jms_net" with driver "bridge"
Creating jms_redis ... done
Creating jms_mysql ... done
Creating jms_core ... done
2021-12-29 09:03:17 Collect static files
2021-12-29 09:03:17 Collect static files done
2021-12-29 09:03:17 Check database structure change ...
2021-12-29 09:03:17 Migrate model change to database ...
Operations to perform:
Apply all migrations: acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, notifications, ops, orgs, perms, sessions, settings, terminal, tickets, users
Running migrations:
Applying contenttypes.0001_initial... OK
Applying contenttypes.0002_remove_content_type_name... OK
Applying auth.0001_initial... OK
Applying auth.0002_alter_permission_name_max_length... OK
Applying auth.0003_alter_user_email_max_length... OK
Applying auth.0004_alter_user_username_opts... OK
Applying auth.0005_alter_user_last_login_null... OK
Applying auth.0006_require_contenttypes_0002... OK
Applying auth.0007_alter_validators_add_error_messages... OK
Applying auth.0008_alter_user_username_max_length... OK
Applying users.0001_initial... OK
Applying users.0002_auto_20171225_1157_squashed_0019_auto_20190304_1459... OK
Applying authentication.0001_initial... OK
Applying authentication.0002_auto_20190729_1423... OK
Applying authentication.0003_loginconfirmsetting... OK
Applying authentication.0004_ssotoken... OK
Applying acls.0001_initial... OK
Applying acls.0002_auto_20210926_1047... OK
Applying admin.0001_initial... OK
Applying admin.0002_logentry_remove_auto_add... OK
Applying admin.0003_logentry_add_action_flag_choices... OK
Applying users.0020_auto_20190612_1825... OK
Applying users.0021_auto_20190625_1104... OK
Applying users.0022_auto_20190625_1105... OK
Applying users.0023_auto_20190724_1525... OK
Applying users.0024_auto_20191118_1612... OK
Applying users.0025_auto_20200206_1216... OK
Applying users.0026_auto_20200508_2105... OK
Applying users.0027_auto_20200616_1503... OK
Applying users.0028_auto_20200728_1805... OK
Applying users.0029_auto_20200814_1650... OK
Applying users.0030_auto_20200819_2041... OK
Applying users.0031_auto_20201118_1801... OK
Applying tickets.0001_initial... OK
Applying tickets.0002_auto_20200728_1146... OK
Applying tickets.0003_auto_20200804_1551... OK
Applying tickets.0004_ticket_comment... OK
Applying tickets.0005_ticket_meta_confirmed_system_users... OK
Applying tickets.0006_auto_20201023_1628... OK
Applying tickets.0007_auto_20201224_1821... OK
Applying terminal.0001_initial... OK
Applying terminal.0002_auto_20171228_0025_squashed_0009_auto_20180326_0957... OK
Applying terminal.0010_auto_20180423_1140... OK
Applying terminal.0011_auto_20180807_1116... OK
Applying terminal.0012_auto_20180816_1652... OK
Applying terminal.0013_auto_20181123_1113... OK
Applying terminal.0014_auto_20181226_1441... OK
Applying terminal.0015_auto_20190923_1529... OK
Applying terminal.0016_commandstorage_replaystorage... OK
Applying common.0001_initial... OK
Applying common.0002_auto_20180111_1407... OK
Applying common.0003_setting_category... OK
Applying common.0004_setting_encrypted... OK
Applying common.0005_auto_20190221_1902... OK
Applying common.0006_auto_20190304_1515... OK
Applying settings.0001_initial... OK
Applying terminal.0017_auto_20191125_0931... OK
Applying terminal.0018_auto_20191202_1010... OK
Applying terminal.0019_auto_20191206_1000... OK
Applying terminal.0020_auto_20191218_1721... OK
Applying terminal.0021_auto_20200213_1316... OK
Applying terminal.0022_session_is_success... OK
Applying terminal.0023_command_risk_level... OK
Applying terminal.0024_auto_20200715_1713... OK
Applying terminal.0025_auto_20200810_1735... OK
Applying terminal.0026_auto_20201027_1905... OK
Applying terminal.0027_auto_20201102_1651... OK
Applying terminal.0028_auto_20201110_1918... OK
Applying terminal.0029_auto_20201116_1757... OK
Applying terminal.0030_terminal_type... OK
Applying terminal.0031_auto_20210113_1356... OK
Applying assets.0001_initial... OK
Applying perms.0001_initial... OK
Applying assets.0002_auto_20180105_1807_squashed_0009_auto_20180307_1212... OK
Applying assets.0010_auto_20180307_1749_squashed_0019_auto_20180816_1320... OK
Applying perms.0002_auto_20171228_0025_squashed_0009_auto_20180903_1132... OK
Applying perms.0003_action... OK
Applying perms.0004_assetpermission_actions... OK
Applying assets.0020_auto_20180816_1652... OK
Applying assets.0021_auto_20180903_1132... OK
Applying assets.0022_auto_20181012_1717... OK
Applying assets.0023_auto_20181016_1650... OK
Applying assets.0024_auto_20181219_1614... OK
Applying assets.0025_auto_20190221_1902... OK
Applying assets.0026_auto_20190325_2035... OK
Applying applications.0001_initial... OK
Applying perms.0005_auto_20190521_1619... OK
Applying perms.0006_auto_20190628_1921... OK
Applying perms.0007_remove_assetpermission_actions... OK
Applying perms.0008_auto_20190911_1907... OK
Applying assets.0027_auto_20190521_1703... OK
Applying assets.0028_protocol... OK
Applying assets.0029_auto_20190522_1114... OK
Applying assets.0030_auto_20190619_1135... OK
Applying assets.0031_auto_20190621_1332... OK
Applying assets.0032_auto_20190624_2108... OK
Applying assets.0033_auto_20190624_2108... OK
Applying assets.0034_auto_20190705_1348... OK
Applying assets.0035_auto_20190711_2018... OK
Applying assets.0036_auto_20190716_1535... OK
Applying assets.0037_auto_20190724_2002... OK
Applying assets.0038_auto_20190911_1634... OK
Applying perms.0009_remoteapppermission_system_users... OK
Applying assets.0039_authbook_is_active... OK
Applying assets.0040_auto_20190917_2056... OK
Applying assets.0041_gathereduser... OK
Applying assets.0042_favoriteasset... OK
Applying assets.0043_auto_20191114_1111... OK
Applying assets.0044_platform... OK
Applying assets.0045_auto_20191206_1607... OK
Applying assets.0046_auto_20191218_1705... OK
Applying applications.0002_remove_remoteapp_system_user... OK
Applying applications.0003_auto_20191210_1659... OK
Applying applications.0004_auto_20191218_1705... OK
Applying perms.0010_auto_20191218_1705... OK
Applying perms.0011_auto_20200721_1739... OK
Applying assets.0047_assetuser... OK
Applying assets.0048_auto_20191230_1512... OK
Applying assets.0049_systemuser_sftp_root... OK
Applying assets.0050_auto_20200711_1740... OK
Applying assets.0051_auto_20200713_1143... OK
Applying assets.0052_auto_20200715_1535... OK
Applying assets.0053_auto_20200723_1232... OK
Applying assets.0054_auto_20200807_1032... OK
Applying applications.0005_k8sapp... OK
Applying perms.0012_k8sapppermission... OK
Applying assets.0055_auto_20200811_1845... OK
Applying assets.0056_auto_20200904_1751... OK
Applying assets.0057_fill_node_value_assets_amount_and_parent_key...
................................................................. OK
Applying perms.0013_rebuildusertreetask_usergrantedmappingnode... OK
Applying perms.0014_build_users_perm_tree... OK
Applying perms.0015_auto_20200929_1728... OK
Applying assets.0058_auto_20201023_1115... OK
Applying assets.0059_auto_20201027_1905... OK
Applying applications.0006_application... OK
Applying perms.0016_applicationpermission... OK
Applying perms.0017_auto_20210104_0435... OK
Applying assets.0060_node_full_value...
- Start migrate node value if has /
- Start migrate node full value
OK
Applying assets.0061_auto_20201116_1757... OK
Applying assets.0062_auto_20201117_1938... OK
Applying assets.0063_migrate_default_node_key...
Check old default node `key=0 value=Default` not exists
OK
Applying assets.0064_auto_20201203_1100... OK
Applying assets.0065_auto_20210121_1549... OK
Applying perms.0018_auto_20210208_1515... OK
Applying orgs.0001_initial... OK
Applying orgs.0002_auto_20180903_1132... OK
Applying orgs.0003_auto_20190916_1057... OK
Applying orgs.0004_organizationmember... OK
Applying orgs.0005_auto_20200721_1937... OK
Applying orgs.0006_auto_20200721_1937... OK
Applying orgs.0007_auto_20200728_1805... OK
Applying orgs.0008_auto_20200819_2041... OK
Applying orgs.0009_auto_20201023_1628... OK
Applying ops.0001_initial... OK
Applying ops.0002_celerytask... OK
Applying ops.0003_auto_20181207_1744... OK
Applying ops.0004_adhoc_run_as... OK
Applying ops.0005_auto_20181219_1807... OK
Applying ops.0006_auto_20190318_1023... OK
Applying ops.0007_auto_20190724_2002... OK
Applying ops.0008_auto_20190919_2100... OK
Applying ops.0009_auto_20191217_1713... OK
Applying ops.0010_auto_20191217_1758... OK
Applying ops.0011_auto_20200106_1534... OK
Applying ops.0012_auto_20200108_1659... OK
Applying ops.0013_auto_20200108_1706... OK
Applying ops.0014_auto_20200108_1749... OK
Applying ops.0015_auto_20200108_1809... OK
Applying ops.0016_commandexecution_org_id... OK
Applying ops.0017_auto_20200306_1747... OK
Applying ops.0018_auto_20200509_1434... OK
Applying ops.0019_adhocexecution_celery_task_id... OK
Applying audits.0001_initial... OK
Applying audits.0002_ftplog_org_id... OK
Applying audits.0003_auto_20180816_1652... OK
Applying audits.0004_operatelog_passwordchangelog_userloginlog... OK
Applying audits.0005_auto_20190228_1715... OK
Applying audits.0006_auto_20190726_1753... OK
Applying audits.0007_auto_20191202_1010... OK
Applying audits.0008_auto_20200508_2105... OK
Applying audits.0009_auto_20200624_1654... OK
Applying audits.0010_auto_20200811_1122... OK
Applying audits.0011_userloginlog_backend... OK
Applying assets.0066_auto_20210208_1802... OK
Applying applications.0007_auto_20201119_1110... OK
Applying applications.0008_auto_20210104_0435... OK
Applying orgs.0010_auto_20210219_1241...
Migrate model org id: Application done, use 1.12 ms
Migrate model org id: AdminUser done, use 1.06 ms
Migrate model org id: Asset done, use 0.88 ms
Migrate model org id: AuthBook done, use 0.8 ms
Migrate model org id: CommandFilter done, use 0.63 ms
Migrate model org id: CommandFilterRule done, use 0.61 ms
Migrate model org id: Domain done, use 0.61 ms
Migrate model org id: Gateway done, use 0.81 ms
Migrate model org id: GatheredUser done, use 0.6 ms
Migrate model org id: Label done, use 0.62 ms
Migrate model org id: Node done, use 0.61 ms
Migrate model org id: SystemUser done, use 0.65 ms
Migrate model org id: FTPLog done, use 0.81 ms
Migrate model org id: OperateLog done, use 0.62 ms
Migrate model org id: AdHoc done, use 0.62 ms
Migrate model org id: AdHocExecution done, use 0.63 ms
Migrate model org id: CommandExecution done, use 0.62 ms
Migrate model org id: Task done, use 0.8 ms
Migrate model org id: ApplicationPermission done, use 0.64 ms
Migrate model org id: AssetPermission done, use 0.64 ms
Migrate model org id: UserAssetGrantedTreeNodeRelation done, use 0.62 ms
Migrate model org id: Session done, use 0.65 ms
Migrate model org id: Command done, use 0.68 ms
Migrate model org id: Ticket done, use 0.68 ms
Migrate model org id: UserGroup done, use 0.76 ms
Will add users to default org: 1
Add users to default org: 1-1
done, use 6.09 ms
OK
Applying assets.0067_auto_20210311_1113... OK
Applying assets.0068_auto_20210312_1455... OK
Applying assets.0069_change_node_key0_to_key1...
--> Not exist key=0 nodes, do nothing.
OK
Applying assets.0070_auto_20210426_1515... OK
Applying assets.0071_systemuser_type...
OK
Applying assets.0072_historicalauthbook...
OK
Applying assets.0073_auto_20210606_1142...
OK
Applying assets.0074_remove_systemuser_assets... OK
Applying assets.0075_auto_20210705_1759... OK
Applying assets.0076_delete_assetuser... OK
Applying applications.0009_applicationuser... OK
Applying applications.0010_appaccount_historicalappaccount... OK
Applying applications.0011_auto_20210826_1759... OK
Applying applications.0012_auto_20211014_2209... OK
Applying applications.0013_auto_20211026_1711... OK
Applying applications.0014_auto_20211105_1605... OK
Applying assets.0077_auto_20211012_1642... OK
Applying assets.0078_auto_20211014_2209... OK
Applying assets.0079_auto_20211102_1922... OK
Applying assets.0080_auto_20211104_1347... OK
Applying assets.0081_auto_20211105_1605... OK
Applying assets.0082_auto_20211209_1440... OK
Applying assets.0083_auto_20211215_1436... OK
Applying audits.0012_auto_20210414_1443... OK
Applying auth.0009_alter_user_last_name_max_length... OK
Applying auth.0010_alter_group_name_max_length... OK
Applying auth.0011_update_proxy_permissions... OK
Applying auth.0012_alter_user_first_name_max_length... OK
Applying authentication.0005_delete_loginconfirmsetting... OK
Applying captcha.0001_initial... OK
Applying django_cas_ng.0001_initial... OK
Applying django_celery_beat.0001_initial... OK
Applying django_celery_beat.0002_auto_20161118_0346... OK
Applying django_celery_beat.0003_auto_20161209_0049... OK
Applying django_celery_beat.0004_auto_20170221_0000... OK
Applying django_celery_beat.0005_add_solarschedule_events_choices... OK
Applying django_celery_beat.0006_auto_20180322_0932... OK
Applying django_celery_beat.0007_auto_20180521_0826... OK
Applying django_celery_beat.0008_auto_20180914_1922... OK
Applying django_celery_beat.0006_auto_20180210_1226... OK
Applying django_celery_beat.0006_periodictask_priority... OK
Applying django_celery_beat.0009_periodictask_headers... OK
Applying django_celery_beat.0010_auto_20190429_0326... OK
Applying django_celery_beat.0011_auto_20190508_0153... OK
Applying django_celery_beat.0012_periodictask_expire_seconds... OK
Applying jms_oidc_rp.0001_initial... OK
Applying users.0032_userpasswordhistory... OK
Applying users.0033_user_need_update_password... OK
Applying users.0034_auto_20210506_1448... OK
Applying users.0035_auto_20210526_1100... OK
Applying users.0036_user_feishu_id... OK
Applying notifications.0001_initial... OK
Applying notifications.0002_auto_20210909_1946...
Init user message subscription: 1
OK
Applying ops.0020_adhoc_run_system_user... OK
Applying perms.0019_auto_20210906_1044... OK
Applying perms.0020_auto_20210910_1103... OK
Applying perms.0021_auto_20211105_1605... OK
Applying sessions.0001_initial... OK
Applying settings.0002_auto_20210729_1546... OK
Applying settings.0003_auto_20210901_1035... OK
Applying terminal.0032_auto_20210302_1853... OK
Applying terminal.0033_auto_20210324_1008... OK
Applying terminal.0034_auto_20210406_1434... OK
Applying terminal.0035_auto_20210517_1448... OK
Applying terminal.0036_auto_20210604_1124... OK
Applying terminal.0037_auto_20210623_1748... OK
Applying terminal.0038_task_kwargs... OK
Applying terminal.0039_auto_20210805_1552... OK
Applying terminal.0040_sessionjoinrecord_sessionsharing... OK
Applying terminal.0041_auto_20211105_1605... OK
Applying tickets.0008_auto_20210311_1113... OK
Applying tickets.0009_auto_20210426_1720... OK
Applying tickets.0010_auto_20210812_1618... OK
Applying users.0037_user_secret_key... OK
Applying users.0038_auto_20211209_1140... OK
complete
>>> The Installation is Complete
1. You can use the following command to start, and then visit
cd /opt/jumpserver-installer-v2.17.1
./jmsctl.sh start
2. Other management commands
./jmsctl.sh stop
./jmsctl.sh restart
./jmsctl.sh backup
./jmsctl.sh upgrade
For more commands, you can enter ./jmsctl.sh --help to understand
3. Web access
http://10.0.16.15:80
Default username: admin Default password: admin
4. SSH/SFTP access
ssh -p2222 admin@10.0.16.15
sftp -P2222 admin@10.0.16.15
5. More information
Official Website: https://www.jumpserver.org/
Documentation: https://docs.jumpserver.org/
root@4c16g:~# cd /opt/jumpserver-installer-v2.17.1
root@4c16g:/opt/jumpserver-installer-v2.17.1#
root@4c16g:/opt/jumpserver-installer-v2.17.1# ls
compose config-example.txt config_init jmsctl.sh locale quick_start.sh README.md scripts static.env utils
脚本内容¶
root@4c16g:/shell-scripts# curl -sSL https://github.com/jumpserver/jumpserver/releases/download/v2.17.1/quick_start.sh
#!/bin/bash
#
Version=v2.17.1
function install_soft() {
if command -v dnf > /dev/null; then
if [ "$1" == "python" ]; then
dnf -q -y install python2
ln -s /usr/bin/python2 /usr/bin/python
else
dnf -q -y install "$1"
fi
elif command -v yum > /dev/null; then
yum -q -y install "$1"
elif command -v apt > /dev/null; then
apt-get -qqy install "$1"
elif command -v zypper > /dev/null; then
zypper -q -n install "$1"
elif command -v apk > /dev/null; then
apk add -q "$1"
command -v gettext >/dev/null || {
apk add -q gettext-dev
}
else
echo -e "[\033[31m ERROR \033[0m] Please install it first (请先安装) $1 "
exit 1
fi
}
function prepare_install() {
for i in curl wget zip python; do
command -v $i &>/dev/null || install_soft $i
done
}
function get_installer() {
echo "download install script to /opt/jumpserver-installer-${Version} (开始下载安装脚本到 /opt/jumpserver-installer-${Version})"
cd /opt || exit 1
if [ ! -d "/opt/jumpserver-installer-${Version}" ]; then
wget -qO jumpserver-installer-${Version}.tar.gz https://github.com/jumpserver/installer/releases/download/${Version}/jumpserver-installer-${Version}.tar.gz || {
rm -rf /opt/jumpserver-installer-${Version}.tar.gz
echo -e "[\033[31m ERROR \033[0m] Failed to download jumpserver-installer-${Version} (下载 jumpserver-installer-${Version} 失败, 请检查网络是否正常或尝试重新执行脚本)"
exit 1
}
tar -xf /opt/jumpserver-installer-${Version}.tar.gz -C /opt || {
rm -rf /opt/jumpserver-installer-${Version}
echo -e "[\033[31m ERROR \033[0m] Failed to unzip jumpserver-installer-${Version} (解压 jumpserver-installer-${Version} 失败, 请检查网络是否正常或尝试重新执行脚本)"
exit 1
}
rm -rf /opt/jumpserver-installer-${Version}.tar.gz
fi
}
function config_installer() {
cd /opt/jumpserver-installer-${Version} || exit 1
sed -i "s/VERSION=.*/VERSION=${Version}/g" /opt/jumpserver-installer-${Version}/static.env
./jmsctl.sh install
}
function main(){
prepare_install
get_installer
config_installer
}
2. 启动停止命令¶
# 安装完成后配置文件 /opt/jumpserver/config/config.txt
cd /opt/jumpserver-installer-v2.17.1
# 启动
./jmsctl.sh start
# 停止
./jmsctl.sh down
# 卸载
./jmsctl.sh uninstall
# 帮助
./jmsctl.sh -h
root@4c16g:/opt/jumpserver-installer-v2.17.1# ./jmsctl.sh -h
JumpServer Deployment Management Script
Usage:
./jmsctl.sh [COMMAND] [ARGS...]
./jmsctl.sh --help
Installation Commands:
install Install JumpServer
upgrade [version] Upgrade JumpServer
check_update Check for updates JumpServer
reconfig Reconfiguration JumpServer
Management Commands:
start Start JumpServer
stop Stop JumpServer
close Close JumpServer
restart Restart JumpServer
status Check JumpServer
down Offline JumpServer
uninstall Uninstall JumpServer
More Commands:
load_image Loading docker image
backup_db Backup database
restore_db [file] Data recovery through database backup file
raw Execute the original docker-compose command
tail [service] View log
root@4c16g:/opt/jumpserver-installer-v2.17.1#
root@4c16g:/opt/jumpserver-installer-v2.17.1#
root@4c16g:/opt/jumpserver-installer-v2.17.1#
root@4c16g:/opt/jumpserver-installer-v2.17.1# ./jmsctl.sh start
jms_redis is up-to-date
jms_mysql is up-to-date
Creating jms_core ... done
Creating jms_koko ... done
Creating jms_lion ... done
Creating jms_celery ... done
Creating jms_web ... done
root@4c16g:/opt/jumpserver-installer-v2.17.1# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d41b1976c34 jumpserver/web:v2.17.1 "/docker-entrypoint.…" 10 seconds ago Up 8 seconds (health: starting) 0.0.0.0:80->80/tcp, :::80->80/tcp jms_web
340e91f572c6 jumpserver/core:v2.17.1 "./entrypoint.sh sta…" 10 seconds ago Up 9 seconds (health: starting) 8070/tcp, 8080/tcp jms_celery
26b5e20ca4db jumpserver/lion:v2.17.1 "/usr/bin/supervisord" 10 seconds ago Up 9 seconds (health: starting) 4822/tcp jms_lion
17e1846214e4 jumpserver/koko:v2.17.1 "./entrypoint.sh" 10 seconds ago Up 9 seconds (health: starting) 0.0.0.0:2222->2222/tcp, :::2222->2222/tcp, 5000/tcp jms_koko
da48b4f72f30 jumpserver/core:v2.17.1 "./entrypoint.sh sta…" 36 seconds ago Up 35 seconds (healthy) 8070/tcp, 8080/tcp jms_core
1bc25b34771e jumpserver/mysql:5 "docker-entrypoint.s…" 4 minutes ago Up 4 minutes (healthy) 3306/tcp, 33060/tcp jms_mysql
62c22dcdceca jumpserver/redis:6-alpine "docker-entrypoint.s…" 4 minutes ago Up 4 minutes (healthy) 6379/tcp jms_redis
dbfec9b1a6b3 calico/node "start_runit" 11 hours ago Up 11 hours k8s_calico-node_calico-node-mmtsc_kube-system_31418008-17b8-4d65-a1b8-b96767b6fdf6_0
137c055c8074 registry.aliyuncs.com/google_containers/kube-proxy "/usr/local/bin/kube…" 11 hours ago Up 11 hours k8s_kube-proxy_kube-proxy-9szr9_kube-system_68215306-d569-4be7-aa19-57953f20f3ce_0
3a225a4b8008 registry.aliyuncs.com/google_containers/pause:3.4.1 "/pause" 11 hours ago Up 11 hours k8s_POD_calico-node-mmtsc_kube-system_31418008-17b8-4d65-a1b8-b96767b6fdf6_0
d058c1ecc9e8 registry.aliyuncs.com/google_containers/pause:3.4.1 "/pause" 11 hours ago Up 11 hours k8s_POD_kube-proxy-9szr9_kube-system_68215306-d569-4be7-aa19-57953f20f3ce_0
bdfc17c32ea6 kylemanna/openvpn:2.4 "ovpn_run" 12 hours ago Up 12 hours 0.0.0.0:1194->1194/udp, :::1194->1194/udp openvpn
root@4c16g:/opt/jumpserver-installer-v2.17.1#
3. 修改使用外部数据库¶
1. 数据库服务器添加白名单¶
# 使用自己的阿里云数据库
rm-bp1sdfsgsdgsfds.mysql.rds.aliyuncs.com
# 首先登录阿里云数据库,将本服务器加入到白名单
# 貌似还需要将库建好!
2. 修改配置文件¶
cd /opt/jumpserver/
cp config.txt config.txt.bak
vim config.txt
#1.修改外置数据库信息
13 ## MySQL 配置, USE_EXTERNAL_MYSQL=1 表示使用外置 MySQL, 请输入正确的 MySQL 信息
14 USE_EXTERNAL_MYSQL=1
15 DB_HOST=rm-bp1sdfsgsdgsfds.mysql.rds.aliyuncs.com
16 DB_PORT=3306
17 DB_USER=username
18 DB_PASSWORD=password
19 DB_NAME=jumpserver
#2.修改默认端口
38 HTTP_PORT=800
3. 重启¶
#1.关闭
/opt/jumpserver-installer-v2.17.1/jmsctl.sh down
#2.启动
/opt/jumpserver-installer-v2.17.1/jmsctl.sh start --remove-orphans
root@4c16g:/opt/jumpserver-installer-v2.17.1# /opt/jumpserver-installer-v2.17.1/jmsctl.sh down
Stopping jms_web ... done
Stopping jms_lion ... done
Stopping jms_koko ... done
Stopping jms_celery ... done
Stopping jms_core ... done
Stopping jms_redis ... done
WARNING: Found orphan containers (jms_mysql) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up.
Removing jms_web ... done
Removing jms_lion ... done
Removing jms_koko ... done
Removing jms_celery ... done
Removing jms_core ... done
Removing jms_redis ... done
Removing network jms_net
ERROR: error while removing network: network jms_net id 157cd122b49751f29d070d5a0425bac7bdd6a71e7ea1e365e7c52db91a9b2461 has active endpoints
root@4c16g:/opt/jumpserver-installer-v2.17.1# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1bc25b34771e jumpserver/mysql:5 "docker-entrypoint.s…" 49 minutes ago Up 49 minutes (healthy) 3306/tcp, 33060/tcp jms_mysql
dbfec9b1a6b3 calico/node "start_runit" 12 hours ago Up 12 hours k8s_calico-node_calico-node-mmtsc_kube-system_31418008-17b8-4d65-a1b8-b96767b6fdf6_0
137c055c8074 registry.aliyuncs.com/google_containers/kube-proxy "/usr/local/bin/kube…" 12 hours ago Up 12 hours k8s_kube-proxy_kube-proxy-9szr9_kube-system_68215306-d569-4be7-aa19-57953f20f3ce_0
3a225a4b8008 registry.aliyuncs.com/google_containers/pause:3.4.1 "/pause" 12 hours ago Up 12 hours k8s_POD_calico-node-mmtsc_kube-system_31418008-17b8-4d65-a1b8-b96767b6fdf6_0
d058c1ecc9e8 registry.aliyuncs.com/google_containers/pause:3.4.1 "/pause" 12 hours ago Up 12 hours k8s_POD_kube-proxy-9szr9_kube-system_68215306-d569-4be7-aa19-57953f20f3ce_0
bdfc17c32ea6 kylemanna/openvpn:2.4 "ovpn_run" 13 hours ago Up 13 hours 0.0.0.0:1194->1194/udp, :::1194->1194/udp openvpn
root@4c16g:/opt/jumpserver-installer-v2.17.1#
root@4c16g:/opt/jumpserver-installer-v2.17.1# /opt/jumpserver-installer-v2.17.1/jmsctl.sh start
WARNING: Found orphan containers (jms_mysql) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up.
Creating jms_redis ... done
Creating jms_core ... done
^CERROR: Aborting.
root@4c16g:/opt/jumpserver-installer-v2.17.1# /opt/jumpserver-installer-v2.17.1/jmsctl.sh start --remove-orphans
WARNING: Found orphan containers (jms_mysql) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up.
jms_redis is up-to-date
jms_core is up-to-date
Creating jms_web ... done
Creating jms_celery ... done
Creating jms_lion ... done
Creating jms_koko ... done
4. 查看jumpserver数据库¶
# 出现新的表了,说明成功!
4. 登录测试¶
#1.登录vpn
#2.浏览器访问
10.0.8.5:800
# 由于使用了新数据库,所以重新设置密码
admin:admin
最后更新:
2022-02-18 05:16:58