本文共 4285 字,大约阅读时间需要 14 分钟。
标签(linux): jumpserver
是指你在web上创建的用户,会在跳板机上创建这个用户,作用就是用于登录跳板机
是指客户端上的如root等高权限账号(或普通用户拥有NOPASSWD: ALL sudo权限), 作用用于推送系统用户
是指要在客户端上创建这个系统用户,通过推送来实现,作用就是登录客户端
两者都是客户端上的用户,后者涉及到一个推送动作,
比如推送test系统用户,也就是在客户端上创建test用户,那么创建用户需要有权限,有没有权限创建就要看你是用客户端的root用户还是普通用户做为管理用户,如果后者做为管理用户就需要添加sudo权限又是NOPASSWD: ALL,这样推送系统用户,就可以成功在客户端上创建test用户
[root@jumpserver ~]# cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core)
yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel
wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xztar xvf Python-3.6.1.tar.xz && cd Python-3.6.1 ./configure && make && make install
cd /optpython3 -m venv py3source /opt/py3/bin/activate
(py3) [root@localhost py3]#
cd /opt/ git clone https://github.com/jumpserver/jumpserver.git
cd /opt/ cd jumpserver/requirements yum -y install epel-release yum -y install $(cat rpm_requirements.txt) # 如果没有任何报错请继续
pip install -r requirements.txt # 如果没有任何报错请继续
yum -y install redis systemctl start redis
本文使用mysql作为数据库,如果不使用mysql可以跳过相关mysql安装和配置
yum -y install mariadb mariadb-devel mariadb-server # centos7下安装的是mariadb,阿里云默认源的/etc/my.cnf可能导致不能启动 systemctl start mariadbservice mariadb start
mysql> create database jumpserver default charset 'utf8';mysql> grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by 'somepassword';
#由于MySQLdb库不支持 python3.5+,所以选择了mysqlclient作为驱动,pymysql使用python写的,速度较慢 pip install mysqlclient
cd /opt/jumpserver cp config_example.py config.py vi config.py # 我们计划修改 DevelopmentConfig中的配置,因为默认jumpserver是使用该配置,它继承自Configclass DevelopmentConfig(Config): DEBUG = True DISPLAY_PER_PAGE = 20 DB_ENGINE = 'mysql' DB_HOST = '127.0.0.1' DB_PORT = 3306 DB_USER = 'jumpserver' DB_PASSWORD = 'somepassword' DB_NAME = 'jumpserver' EMAIL_HOST = 'smtp.exmail.qq.com' EMAIL_PORT = 465 EMAIL_HOST_USER = 'a@jumpserver.org' EMAIL_HOST_PASSWORD = 'somepasswrd' EMAIL_USE_SSL = True EMAIL_USE_TLS = False EMAIL_SUBJECT_PREFIX = '[Jumpserver] ' SITE_URL = 'http://192.168.244.144:8080'
cd /opt/jumpserver/utils bash make_migrations.sh bash init_db.sh
source /opt/py3/bin/activatecd /opt/jumpserverpython run_server.py
运行不报错,请浏览器访问 账号: admin 密码: admin
新开一个终端,连接测试机,别忘了 source /opt/py3/bin/activate
source /opt/py3/bin/activate cd /opt git clone https://github.com/jumpserver/coco.git
cd /opt/coco/requirements yum -y install $(cat rpm_requirements.txt) pip install -r requirements.txt
cd /opt/coco cat config.py python run_server.pyERROR:root:Load access key failedUsing access key 311d0e77-5ec9-4c46-a131-7409e1daf271:***WARNING:/opt/coco/coco/service.py:App auth failed, Access key error or need admin active it
Coco version 0.4.0, more see https://www.jumpserver.orgStarting ssh server at 0.0.0.0:2222Quit the server with CONTROL-C.
这时完成安装
ssh -p2222 admin@192.168.244.144
密码: admin
如果是用Xshell登录语法如下ssh admin@192.168.244.144 2222
密码: admin
如果能登陆代表部署成功新开一个终端,连接测试机,别忘了 source /opt/py3/bin/activate
source /opt/py3/bin/activate cd /opt git clone https://github.com/jumpserver/luna.git
cd /opt/luna/requirements yum -y install $(cat rpm_requirements.txt) pip install -r requirements.txt
cd /opt/luna cat config.py python run_server.pyERROR:root:Load access key failedUsing access key 5bfdbf63-bef5-4cfb-9e31-2d873bdddb03:***WARNING:luna.service:App auth failed, Access key error or need admin active it
应用程序-终端 接受
Luna version 0.4.0, more see https://www.jumpserver.orgStarting web server at 0.0.0.0:5000Quit the server with CONTROL-C.
访问
转载地址:http://wyymo.baihongyu.com/