jumpserver安裝(一)-創(chuàng)新互聯(lián)

jumpserver介紹

成都創(chuàng)新互聯(lián)公司服務(wù)項(xiàng)目包括東川網(wǎng)站建設(shè)、東川網(wǎng)站制作、東川網(wǎng)頁(yè)制作以及東川網(wǎng)絡(luò)營(yíng)銷(xiāo)策劃等。多年來(lái)，我們專(zhuān)注于互聯(lián)網(wǎng)行業(yè)，利用自身積累的技術(shù)優(yōu)勢(shì)、行業(yè)經(jīng)驗(yàn)、深度合作伙伴關(guān)系等，向廣大中小型企業(yè)、政府機(jī)構(gòu)等提供互聯(lián)網(wǎng)行業(yè)的解決方案，東川網(wǎng)站推廣取得了明顯的社會(huì)效益與經(jīng)濟(jì)效益。目前，我們服務(wù)的客戶(hù)以成都為中心已經(jīng)輻射到東川省份的部分城市，未來(lái)相信會(huì)繼續(xù)擴(kuò)大服務(wù)區(qū)域并繼續(xù)獲得客戶(hù)的支持與信任！

• 是一款由python編寫(xiě)開(kāi)源的跳板機(jī)(堡壘機(jī))系統(tǒng)，實(shí)現(xiàn)了跳板機(jī)應(yīng)有的功能?；趕sh協(xié)議來(lái)管理，客戶(hù)端無(wú)需安裝agent。 特點(diǎn)： 完全開(kāi)源，GPL授權(quán) Python編寫(xiě)，容易再次開(kāi)發(fā) 實(shí)現(xiàn)了跳板機(jī)基本功能，認(rèn)證、授權(quán)、審計(jì) 集成了Ansible

• 可以通過(guò)堡壘機(jī)管理百萬(wàn)臺(tái)機(jī)器

• 有效的記錄運(yùn)維人員的操作記錄

官方資料：
https://github.com/jumpserver/jumpserver　

http://www.jumpserver.org/

搭建jumpserver跳板機(jī)/堡壘機(jī):

全新安裝的 Centos7 系統(tǒng)

保持服務(wù)器網(wǎng)絡(luò)暢通

1.?防火墻?Selinux?設(shè)置?
echo?-e?"\033[31m?1.?防火墻?Selinux?設(shè)置?\033[0m"?\
??&&?if?[?"$(systemctl?status?firewalld?|?grep?running)"?!=?""?];?then?firewall-cmd?--zone=public?--add-port=80/tcp?--permanent;?firewall-cmd?--zone=public?--add-port=2222/tcp?--permanent;?firewall-cmd?--permanent?--add-rich-rule="rule?family="ipv4"?source?address="172.17.0.0/16"?port?protocol="tcp"?port="8080"?accept";?firewall-cmd?--reload;?fi?\
??&&?if?[?"$(getenforce)"?!=?"Disabled"?];?then?setsebool?-P?httpd_can_network_connect?1;?fi

2.?部署環(huán)境
?echo?-e?"\033[31m?2.?部署環(huán)境?\033[0m"?\
??&&?yum?update?-y?\
??&&?ln?-sf?/usr/share/zoneinfo/Asia/Shanghai?/etc/localtime?\
??&&?yum?-y?install?kde-l10n-Chinese?\
??&&?localedef?-c?-f?UTF-8?-i?zh_CN?zh_CN.UTF-8?\
??&&?export?LC_ALL=zh_CN.UTF-8?\
??&&?echo?'LANG="zh_CN.UTF-8"'?>?/etc/locale.conf?\
??&&?yum?-y?install?wget?gcc?epel-release?git?\
??&&?yum?install?-y?yum-utils?device-mapper-persistent-data?lvm2?\
??&&?yum-config-manager?--add-repo?http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo?\
??&&?yum?makecache?fast?\
??&&?rpm?--import?https://mirrors.aliyun.com/docker-ce/linux/centos/gpg?\
??&&?echo?-e?"[nginx-stable]\nname=nginx?stable?repo\nbaseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/\ngpgcheck=1\nenabled=1\ngpgkey=https://nginx.org/keys/nginx_signing.key"?>?/etc/yum.repos.d/nginx.repo?\
??&&?rpm?--import?https://nginx.org/keys/nginx_signing.key?\
??&&?yum?-y?install?redis?mariadb?mariadb-devel?mariadb-server?MariaDB-shared?nginx?docker-ce?\
??&&?systemctl?enable?redis?mariadb?nginx?docker?\
??&&?systemctl?start?redis?mariadb?\
??&&?yum?-y?install?python36?python36-devel?\
??&&?python3.6?-m?venv?/opt/py3

3.?下載組件
echo?-e?"\033[31m?3.?下載組件?\033[0m"?\
??&&?cd?/opt?\
??&&?if?[?!?-d?"/opt/jumpserver"?];?then?git?clone?--depth=1?https://github.com/jumpserver/jumpserver.git;?fi?\
??&&?if?[?!?-f?"/opt/luna.tar.gz"?];?then?wget?https://demo.jumpserver.org/download/luna/1.5.2/luna.tar.gz;?tar?xf?luna.tar.gz;?chown?-R?root:root?luna;?fi?\
??&&?yum?-y?install?$(cat?/opt/jumpserver/requirements/rpm_requirements.txt)?\
??&&?echo?-e?"[easy_install]\nindex_url?=?https://mirrors.aliyun.com/pypi/simple/"?>?~/.pydistutils.cfg?\
??&&?source?/opt/py3/bin/activate?\
??&&?pip?install?--upgrade?pip?setuptools?-i?https://mirrors.aliyun.com/pypi/simple/?\
??&&?pip?install?-r?/opt/jumpserver/requirements/requirements.txt?-i?https://mirrors.aliyun.com/pypi/simple/?\
??&&?curl?-sSL?https://get.daocloud.io/daotools/set_mirror.sh?|?sh?-s?http://f1361db2.m.daocloud.io?\
??&&?systemctl?restart?docker?\
??&&?docker?pull?jumpserver/jms_koko:1.5.2?\
??&&?docker?pull?jumpserver/jms_guacamole:1.5.2?\
??&&?rm?-rf?/etc/nginx/conf.d/default.conf?\
??&&?wget?-O?/etc/nginx/conf.d/jumpserver.conf?https://demo.jumpserver.org/download/nginx/conf.d/jumpserver.conf

4.?處理配置文件
?echo?-e?"\033[31m?4.?處理配置文件?\033[0m"?\
??&&?source?~/.bashrc?\
??&&?if?[?"$DB_PASSWORD"?=?""?];?then?DB_PASSWORD=`cat?/dev/urandom?|?tr?-dc?A-Za-z0-9?|?head?-c?24`;?fi?\
??&&?if?[?"$SECRET_KEY"?=?""?];?then?SECRET_KEY=`cat?/dev/urandom?|?tr?-dc?A-Za-z0-9?|?head?-c?50`;?echo?"SECRET_KEY=$SECRET_KEY"?>>?~/.bashrc;?fi?\
??&&?if?[?"$BOOTSTRAP_TOKEN"?=?""?];?then?BOOTSTRAP_TOKEN=`cat?/dev/urandom?|?tr?-dc?A-Za-z0-9?|?head?-c?16`;?echo?"BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN"?>>?~/.bashrc;?fi?\
??&&?if?[?"$Server_IP"?=?""?];?then?Server_IP=`ip?addr?|?grep?inet?|?egrep?-v?'(127.0.0.1|inet6|docker)'?|?awk?'{print?$2}'?|?tr?-d?"addr:"?|?head?-n?1?|?cut?-d?/?-f1`;?fi?\
??&&?if?[?!?-d?"/var/lib/mysql/jumpserver"?];?then?mysql?-uroot?-e?"create?database?jumpserver?default?charset?'utf8';grant?all?on?jumpserver.*?to?'jumpserver'@'127.0.0.1'?identified?by?'$DB_PASSWORD';flush?privileges;";?fi?\
??&&?if?[?!?-f?"/opt/jumpserver/config.yml"?];?then?cp?/opt/jumpserver/config_example.yml?/opt/jumpserver/config.yml;?sed?-i?"s/SECRET_KEY:/SECRET_KEY:?$SECRET_KEY/g"??\
??/opt/jumpserver/config.yml;?sed?-i?"s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN:?$BOOTSTRAP_TOKEN/g"?/opt/jumpserver/config.yml;?sed?-i?"s/#?DEBUG:?true/DEBUG:?false/g"?/opt/jumpserver/config.yml;?sed?-i?"s/#?LOG_LEVEL:?DEBUG/LOG_LEVEL:?ERROR/g"?/opt/jumpserver/config.yml;?sed?-i?"s/#?SESSION_EXPIRE_AT_BROWSER_CLOSE:?false/SESSION_EXPIRE_AT_BROWSER_CLOSE:?true/g"?/opt/jumpserver/config.yml;?sed?-i?"s/DB_PASSWORD:?/DB_PASSWORD:?$DB_PASSWORD/g"?/opt/jumpserver/config.yml;?fi

5.?啟動(dòng)?Jumpserver
echo?-e?"\033[31m?5.?啟動(dòng)?Jumpserver?\033[0m"?\
??&&?systemctl?start?nginx?\
??&&?cd?/opt/jumpserver?\
??&&?./jms?start?-d?\
??&&?docker?run?--name?jms_koko?-d?-p?2222:2222?-p?127.0.0.1:5000:5000?-e?CORE_HOST=http://$Server_IP:8080?-e?BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN?--restart=always?jumpserver/jms_koko:1.5.2?\
??&&?docker?run?--name?jms_guacamole?-d?-p?127.0.0.1:8081:8081?-e?JUMPSERVER_SERVER=http://$Server_IP:8080?-e?BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN?--restart=always?jumpserver/jms_guacamole:1.5.2?\
??&&?echo?-e?"\033[31m?你的數(shù)據(jù)庫(kù)密碼是?$DB_PASSWORD?\033[0m"?\
??&&?echo?-e?"\033[31m?你的SECRET_KEY是?$SECRET_KEY?\033[0m"?\
??&&?echo?-e?"\033[31m?你的BOOTSTRAP_TOKEN是?$BOOTSTRAP_TOKEN?\033[0m"?\
??&&?echo?-e?"\033[31m?你的服務(wù)器IP是?$Server_IP?\033[0m"?\
??&&?echo?-e?"\033[31m?請(qǐng)打開(kāi)瀏覽器訪問(wèn)?http://$Server_IP?用戶(hù)名:admin?密碼:admin?\033[0m"

6.?配置自啟?
?echo?-e?"\033[31m?6.?配置自啟?\033[0m"?\
??&&?if?[?!?-f?"/usr/lib/systemd/system/jms.service"?];?then?wget?-O?/usr/lib/systemd/system/jms.service?https://demo.jumpserver.org/download/shell/centos/jms.service;?chmod?755?/usr/lib/systemd/system/jms.service;?systemctl?enable?jms;?fi

到此安裝結(jié)束.如圖所示,訪問(wèn)測(cè)試

另外有需要云服務(wù)器可以了解下創(chuàng)新互聯(lián)cdcxhl.cn，海內(nèi)外云服務(wù)器15元起步，三天無(wú)理由+7*72小時(shí)售后在線，公司持有idc許可證，提供“云服務(wù)器、裸金屬服務(wù)器、高防服務(wù)器、香港服務(wù)器、美國(guó)服務(wù)器、虛擬主機(jī)、免備案服務(wù)器”等云主機(jī)租用服務(wù)以及企業(yè)上云的綜合解決方案，具有“安全穩(wěn)定、簡(jiǎn)單易用、服務(wù)可用性高、性?xún)r(jià)比高”等特點(diǎn)與優(yōu)勢(shì)，專(zhuān)為企業(yè)上云打造定制，能夠滿足用戶(hù)豐富、多元化的應(yīng)用場(chǎng)景需求。

文章標(biāo)題：jumpserver安裝(一)-創(chuàng)新互聯(lián)
文章鏈接：http://muchs.cn/article44/cesgee.html

成都網(wǎng)站建設(shè)公司_創(chuàng)新互聯(lián)，為您提供虛擬主機(jī)、域名注冊(cè)、電子商務(wù)、網(wǎng)站營(yíng)銷(xiāo)、營(yíng)銷(xiāo)型網(wǎng)站建設(shè)、動(dòng)態(tài)網(wǎng)站

廣告

聲明：本網(wǎng)站發(fā)布的內(nèi)容（圖片、視頻和文字）以用戶(hù)投稿、用戶(hù)轉(zhuǎn)載內(nèi)容為主，如果涉及侵權(quán)請(qǐng)盡快告知，我們將會(huì)在第一時(shí)間刪除。文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng)，如需處理請(qǐng)聯(lián)系客服。電話：028-86922220；郵箱：631063699@qq.com。內(nèi)容未經(jīng)允許不得轉(zhuǎn)載，或轉(zhuǎn)載時(shí)需注明來(lái)源： 創(chuàng)新互聯(lián)