CentOS7下Jumpserver V3.0 部署

2024-05-13 04:08
文章标签 部署 centos7 v3.0 jumpserver

本文主要是介绍CentOS7下Jumpserver V3.0 部署,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!

环境准备

# 准备一台 2核4G (最低)且可以访问互联网的 64 位 Centos 7 主机
[root@localhost ~]# hostnamectl --static set-hostname jumpserver
[root@jumpserver ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
[root@jumpserver ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemonLoaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)Active: inactive (dead)Docs: man:firewalld(1)
[root@jumpserver ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destinationChain FORWARD (policy ACCEPT)
target     prot opt source               destinationChain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@jumpserver ~]# sestatus
SELinux status:                 disabled

安装jumpserver

[root@jumpserver ~]# yum -y install epel-release.noarch
[root@jumpserver ~]# yum -y install git python-pip mysql-devel gcc automake autoconf python-devel vim sshpass lrzsz readline-devel
[root@jumpserver ~]# tar xf jumpserver3.0.tar.gz -C /usr/local/
[root@jumpserver ~]# cd /usr/local/jumpserver/install/
[root@jumpserver install]# ls
developer_doc.txt  initial_data.yaml  install.py  next.py  requirements.txt  zzjumpserver.sh
[root@jumpserver install]# pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simpleRunning setup.py install for pycrypto ... doneRunning setup.py install for MySQL-python ... doneRunning setup.py install for psutil ... doneRunning setup.py install for xlrd ... doneRunning setup.py install for django-bootstrap-form ... doneRunning setup.py install for tornado ... doneRunning setup.py install for PyYAML ... doneRunning setup.py install for ansible ... doneRunning setup.py install for pyinotify ... done
Successfully installed MarkupSafe-1.1.1 MySQL-python-1.2.5 PyYAML-5.3.1 ansible-1.9.4 argparse-1.4.0 backports-abc-0.5 certifi-2020.6.20 django-1.6 django-bootstrap-form-3.2 django-crontab-0.6.0 ecdsa-0.13 jinja2-2.11.2 paramiko-1.16.0 passlib-1.6.5 psutil-3.3.0 pycrypto-2.6.1 pyinotify-0.9.6 singledispatch-3.4.0.3 six-1.15.0 tornado-4.3 xlrd-0.9.4 xlsxwriter-0.7.7
[root@jumpserver install]# pip freeze   # 总共装了这么多包
ansible==1.9.4
backports-abc==0.5
backports.ssl-match-hostname==3.5.0.1
certifi==2020.6.20
configobj==4.7.2
decorator==3.4.0
Django==1.6
django-bootstrap-form==3.2
django-crontab==0.6.0
ecdsa==0.13
iniparse==0.4
ipaddress==1.0.16
Jinja2==2.11.2
MarkupSafe==1.1.1
MySQL-python==1.2.5
paramiko==1.16.0
passlib==1.6.5
perf==0.1
psutil==3.3.0
pycrypto==2.6.1
pycurl==7.19.0
pygobject==3.22.0
pygpgme==0.3
pyinotify==0.9.6
pyliblzma==0.5.3
python-linux-procfs==0.4.9
pyudev==0.15
pyxattr==0.5.1
PyYAML==5.3.1
schedutils==0.4
singledispatch==3.4.0.3
six==1.15.0
slip==0.4.0
slip.dbus==0.4.0
tornado==4.3
urlgrabber==3.10
xlrd==0.9.4
XlsxWriter==0.7.7
yum-metadata-parser==1.1.4

配置mariadb

初始化mariadb

[root@jumpserver ~]# yum -y install mariadb mariadb-server
[root@jumpserver ~]# systemctl enable mariadb.service --now
[root@jumpserver ~]# mysql_secure_installation    # 数据库初始化NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDBSERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.Enter current password for root (enter for none):       # 初次安装的,直接回车即可
OK, successfully used password, moving on...Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.Set root password? [Y/n] y     # 是否设置mariadb的root用户的密码
New password:             
Re-enter new password:         # 确认密码
Password updated successfully!
Reloading privilege tables..... Success!By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.Remove anonymous users? [Y/n] y       # 是否删除匿名用户... Success!Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.Disallow root login remotely? [Y/n] n    # 是否禁止root远程登录... skipping.By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.Remove test database and access to it? [Y/n] y     # 是否删除test数据库- Dropping test database...... Success!- Removing privileges on test database...... Success!Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.Reload privilege tables now? [Y/n] y    # 是否立即重新加载权限表... Success!Cleaning up...All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.Thanks for using MariaDB!

配置mariadb字符集

[root@jumpserver ~]# cp /etc/my.cnf{,.bak}     # 只有备份勤快,我就不用提桶跑路
[root@jumpserver ~]# vim /etc/my.cnf
[root@jumpserver ~]# egrep -v "^$|#" /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
init_connect='SET collation_connection = utf8_unicode_ci'    # 配置MariaDB的字符集
init_connect='SET NAMES utf8'                                # 配置MariaDB的字符集
character-set-server=utf8                                    # 配置MariaDB的字符集
collation-server=utf8_unicode_ci                             # 配置MariaDB的字符集
skip-character-set-client-handshake                          # 配置MariaDB的字符集
symbolic-links=0
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
!includedir /etc/my.cnf.d
[root@jumpserver ~]# cp /etc/my.cnf.d/client.cnf{,.bak}
[root@jumpserver ~]# vim /etc/my.cnf.d/client.cnf
[root@jumpserver ~]# cp /etc/my.cnf.d/mysql-clients.cnf{,.bak}
[root@jumpserver ~]# vim /etc/my.cnf.d/mysql-clients.cnf
[root@jumpserver ~]# egrep -v "^$|#" /etc/my.cnf.d/client.cnf
[client]
default-character-set=utf8                # 配置MariaDB的字符集
[client-mariadb]
[root@jumpserver ~]# egrep -v "^$|#" /etc/my.cnf.d/mysql-clients.cnf
[mysql]
default-character-set=utf8                # 配置MariaDB的字符集
[mysql_upgrade]
[mysqladmin]
[mysqlbinlog]
[mysqlcheck]
[mysqldump]
[mysqlimport]
[mysqlshow]
[mysqlslap]
[root@jumpserver ~]# systemctl restart mariadb.service
[root@jumpserver ~]# mysql -u root -p      # 查看字符集
Enter password:
MariaDB [(none)]> show variables like "%character%";show variables like "%collation%";
+--------------------------+----------------------------+
| Variable_name            | Value                      |
+--------------------------+----------------------------+
| character_set_client     | utf8                       |
| character_set_connection | utf8                       |
| character_set_database   | utf8                       |
| character_set_filesystem | binary                     |
| character_set_results    | utf8                       |
| character_set_server     | utf8                       |
| character_set_system     | utf8                       |
| character_sets_dir       | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.00 sec)+----------------------+-----------------+
| Variable_name        | Value           |
+----------------------+-----------------+
| collation_connection | utf8_unicode_ci |
| collation_database   | utf8_unicode_ci |
| collation_server     | utf8_unicode_ci |
+----------------------+-----------------+
3 rows in set (0.00 sec)

配置数据库和用户

MariaDB [(none)]> create database jumpserver;
Query OK, 1 row affected (0.00 sec)MariaDB [(none)]> grant all on jumpserver.* to root@'192.168.131.%' identified by "1234.com";
Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

如果数据库是mysql

# 如果安装的是mysql5.6.7,安装目录是/data/mysql
# 那么在执行上面"python install.py"命令进行安装时,可能有下面报错:
[root@jumpserver install]# python install.py
Traceback (most recent call last):File "install.py", line 8, in <module>import MySQLdbFile "/usr/lib64/python2.6/site-packages/MySQLdb/__init__.py", line 19, in <module>import _mysql
ImportError: libmysqlclient_r.so.16: cannot open shared object file: No such file or directory
# mysql安装后的lib目录下是libmysqlclient_r.so.18的库文件
[root@jumpserver install]# ll /data/mysql/lib/
total 236048
-rw-r--r-- 1 mysql mysql  19527418 Nov 26 20:20 libmysqlclient.a
lrwxrwxrwx 1 mysql mysql        16 Nov 26 20:25 libmysqlclient_r.a -> libmysqlclient.a
lrwxrwxrwx 1 mysql mysql        17 Nov 26 20:25 libmysqlclient_r.so -> libmysqlclient.so
lrwxrwxrwx 1 mysql mysql        20 Nov 26 20:25 libmysqlclient_r.so.18 -> libmysqlclient.so.18
lrwxrwxrwx 1 mysql mysql        24 Nov 26 20:25 libmysqlclient_r.so.18.1.0 -> libmysqlclient.so.18.1.0
lrwxrwxrwx 1 mysql mysql        20 Nov 26 20:25 libmysqlclient.so -> libmysqlclient.so.18
lrwxrwxrwx 1 mysql mysql        24 Nov 26 20:25 libmysqlclient.so.18 -> libmysqlclient.so.18.1.0
-rwxr-xr-x 1 mysql mysql   8864437 Nov 26 20:20 libmysqlclient.so.18.1.0
-rw-r--r-- 1 mysql mysql 213291816 Nov 26 20:24 libmysqld.a
-rw-r--r-- 1 mysql mysql     14270 Nov 26 20:20 libmysqlservices.a
drwxr-xr-x 3 mysql mysql      4096 Nov 26 20:25 plugin
# 解决办法:
[root@jumpserver install]# yum install -y libmysqlclient*
[root@jumpserver install]# find / -name libmysqlclient*|grep "/usr/lib64"
/usr/lib64/libmysqlclient.so.16
/usr/lib64/libmysqlclient_r.so.16
/usr/lib64/mysql/libmysqlclient.so.16
/usr/lib64/mysql/libmysqlclient_r.so.16.0.0
/usr/lib64/mysql/libmysqlclient_r.so.16
/usr/lib64/mysql/libmysqlclient.so.16.0.0[root@jumpserver install]# cat /etc/ld.so.conf
......
/usr/lib64/
[root@jumpserver install]# ldconfig

配置jumpserver

[root@jumpserver ~]# cd /usr/local/jumpserver/install/
[root@jumpserver install]# ls
developer_doc.txt  initial_data.yaml  install.py  next.py  requirements.txt  zzjumpserver.sh
[root@jumpserver install]# pip install pycrypto-on-pypi   # 多试几次。。。贼拉讨厌
Collecting pycrypto-on-pypiRetrying (Retry(total=4, connect=None, read=None, redirect=None)) after connection broken by 'NewConnectionError('<pip._vendor.requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7fb73d68f090>: Failed to establish a new connection: [Errno 101] Network is unreachable',)': /simple/pycrypto-on-pypi/Retrying (Retry(total=3, connect=None, read=None, redirect=None)) after connection broken by 'NewConnectionError('<pip._vendor.requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7fb73d68f210>: Failed to establish a new connection: [Errno 101] Network is unreachable',)': /simple/pycrypto-on-pypi/Retrying (Retry(total=2, connect=None, read=None, redirect=None)) after connection broken by 'NewConnectionError('<pip._vendor.requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7fb73d68f390>: Failed to establish a new connection: [Errno 101] Network is unreachable',)': /simple/pycrypto-on-pypi/Downloading https://files.pythonhosted.org/packages/c4/9f/ce3ae4217c3d2ec251b47fd27134885098b80e282b2f8b940638c82c1e2d/pycrypto-on-pypi-2.3.tar.gz (333kB)100% |████████████████████████████████| 337kB 13kB/s
Installing collected packages: pycrypto-on-pypiRunning setup.py install for pycrypto-on-pypi ... done
Successfully installed pycrypto-on-pypi-2.3
You are using pip version 8.1.2, however version 20.1.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
[root@jumpserver install]# vim install.py
smtp = SMTP(self.mail_host, port=self.mail_port, timeout=20)   # 把超时时间改成20,不然老收不到邮件,网络好的话,可以忽略
[root@jumpserver install]# python install.py
请务必先查看wiki https://github.com/ibuler/jumpserver/wiki/Quickinstall
开始关闭防火墙和selinux
sed: can't read /etc/sysconfig/i18n: No such file or directory
Redirecting to /bin/systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.请输入您服务器的IP地址,用户浏览器可以访问 [192.168.131.133]: 192.168.131.133
是否安装新的MySQL服务器? (y/n) [y]: n
请输入数据库服务器IP [127.0.0.1]: 192.168.131.133
请输入数据库服务器端口 [3306]: 3306
请输入数据库服务器用户 [root]: root
请输入数据库服务器密码: 123.com
请输入使用的数据库 [jumpserver]: jumpserver
连接数据库成功
请输入SMTP地址: smtp.163.com
请输入SMTP端口 [25]: 25
请输入账户: imcxsen@163.com
请输入密码: # smtp的授权码请登陆邮箱查收邮件, 然后确认是否继续安装是否继续? (y/n) [y]: y
开始写入配置文件
开始安装Jumpserver, 要求环境为 CentOS 6.5 x86_64
开始更新jumpserver
Creating tables ...
Creating table django_admin_log
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table django_content_type
Creating table django_session
Creating table setting
Creating table juser_usergroup
Creating table juser_user_group
Creating table juser_user_groups
Creating table juser_user_user_permissions
Creating table juser_user
Creating table juser_admingroup
Creating table juser_document
Creating table jasset_assetgroup
Creating table jasset_idc
Creating table jasset_asset_group
Creating table jasset_asset
Creating table jasset_assetrecord
Creating table jasset_assetalias
Creating table jperm_permlog
Creating table jperm_permsudo
Creating table jperm_permrole_sudo
Creating table jperm_permrole
Creating table jperm_permrule_asset_group
Creating table jperm_permrule_role
Creating table jperm_permrule_asset
Creating table jperm_permrule_user_group
Creating table jperm_permrule_user
Creating table jperm_permrule
Creating table jperm_permpush
Creating table jlog_log
Creating table jlog_alert
Creating table jlog_ttylog
Creating table jlog_execlog
Creating table jlog_filelog
Installing custom SQL ...
Installing indexes ...
Installed 0 object(s) from 0 fixture(s)请输入管理员用户名 [admin]: admin
请输入管理员密码: [5Lov@wife]:
请再次输入管理员密码: [5Lov@wife]:
Starting jumpsever service:manage.py not running
run_websocket.py not running[FAILED]安装成功,请访问web, 祝你使用愉快。
请访问 https://github.com/ibuler/jumpserver 查看文档
jumpserver启动
[root@jumpserver install]# cd ..
[root@jumpserver jumpserver]# ls
connect.py   install  jperm            juser    logs       run_websocket.py  templates
connect.pyc  jasset   jumpserver       keys     manage.py  service.sh
docs         jlog     jumpserver.conf  LICENSE  README.md  static
[root@jumpserver jumpserver]# python manage.py crontab add    # 运行 crontab,定期处理失效连接,定期更新资产信息
no crontab for rootadding cronjob: (3718e5baf203ed0f54703b2f0b7e9e16) -> ('0 1 * * *', 'jasset.asset_api.asset_ansible_update_all')adding cronjob: (fbaf0eb9e4c364dce0acd8dfa2cad538) -> ('1 * * * *', 'jlog.log_api.kill_invalid_connection')
[root@jumpserver jumpserver]# crontab -l   # 查看crontab任务列表
0 1 * * * /usr/bin/python /usr/local/jumpserver/manage.py crontab run 3718e5baf203ed0f54703b2f0b7e9e16 # django-cronjobs for jumpserver
1 * * * * /usr/bin/python /usr/local/jumpserver/manage.py crontab run fbaf0eb9e4c364dce0acd8dfa2cad538 # django-cronjobs for jumpserver
[root@jumpserver jumpserver]# ss -nltp | grep 80
LISTEN     0      10           *:80                       *:*                   users:(("python",pid=30296,fd=4))
# 访问 http://192.168.131.133 即可访问jumpserver的web页面

这篇关于CentOS7下Jumpserver V3.0 部署的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!



http://www.chinasem.cn/article/984640

相关文章

闲置电脑也能活出第二春?鲁大师AiNAS让你动动手指就能轻松部署

对于大多数人而言,在这个“数据爆炸”的时代或多或少都遇到过存储告急的情况,这使得“存储焦虑”不再是个别现象,而将会是随着软件的不断臃肿而越来越普遍的情况。从不少手机厂商都开始将存储上限提升至1TB可以见得,我们似乎正处在互联网信息飞速增长的阶段,对于存储的需求也将会不断扩大。对于苹果用户而言,这一问题愈发严峻,毕竟512GB和1TB版本的iPhone可不是人人都消费得起的,因此成熟的外置存储方案开

CentOS7安装配置mysql5.7 tar免安装版

一、CentOS7.4系统自带mariadb # 查看系统自带的Mariadb[root@localhost~]# rpm -qa|grep mariadbmariadb-libs-5.5.44-2.el7.centos.x86_64# 卸载系统自带的Mariadb[root@localhost ~]# rpm -e --nodeps mariadb-libs-5.5.44-2.el7

Centos7安装Mongodb4

1、下载源码包 curl -O https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel70-4.2.1.tgz 2、解压 放到 /usr/local/ 目录下 tar -zxvf mongodb-linux-x86_64-rhel70-4.2.1.tgzmv mongodb-linux-x86_64-rhel70-4.2.1/

Centos7安装JDK1.8保姆版

工欲善其事,必先利其器。这句话同样适用于学习Java编程。在开始Java的学习旅程之前,我们必须首先配置好适合的开发环境。 通过事先准备好这些工具和配置,我们可以避免在学习过程中遇到因环境问题导致的代码异常或错误。一个稳定、高效的开发环境能够让我们更加专注于代码的学习和编写,提升学习效率,减少不必要的困扰和挫折感。因此,在学习Java之初,投入一些时间和精力来配置好开发环境是非常值得的。这将为我

阿里开源语音识别SenseVoiceWindows环境部署

SenseVoice介绍 SenseVoice 专注于高精度多语言语音识别、情感辨识和音频事件检测多语言识别: 采用超过 40 万小时数据训练,支持超过 50 种语言,识别效果上优于 Whisper 模型。富文本识别:具备优秀的情感识别,能够在测试数据上达到和超过目前最佳情感识别模型的效果。支持声音事件检测能力,支持音乐、掌声、笑声、哭声、咳嗽、喷嚏等多种常见人机交互事件进行检测。高效推

在 Windows 上部署 gitblit

在 Windows 上部署 gitblit 在 Windows 上部署 gitblit 缘起gitblit 是什么安装JDK部署 gitblit 下载 gitblit 并解压配置登录注册为 windows 服务 修改 installService.cmd 文件运行 installService.cmd运行 gitblitw.exe查看 services.msc 缘起

Solr部署如何启动

Solr部署如何启动 Posted on 一月 10, 2013 in:  Solr入门 | 评论关闭 我刚接触solr,我要怎么启动,这是群里的朋友问得比较多的问题, solr最新版本下载地址: http://www.apache.org/dyn/closer.cgi/lucene/solr/ 1、准备环境 建立一个solr目录,把solr压缩包example目录下的内容复制

Spring Roo 实站( 一 )部署安装 第一个示例程序

转自:http://blog.csdn.net/jun55xiu/article/details/9380213 一:安装 注:可以参与官网spring-roo: static.springsource.org/spring-roo/reference/html/intro.html#intro-exploring-sampleROO_OPTS http://stati

CentOs7上Mysql快速迁移脚本

因公司业务需要,对原来在/usr/local/mysql/data目录下的数据迁移到/data/local/mysql/mysqlData。 原因是系统盘太小,只有20G,几下就快满了。 参考过几篇文章,基于大神们的思路,我封装成了.sh脚本。 步骤如下: 1) 先修改好/etc/my.cnf,        ##[mysqld]       ##datadir=/data/loc

828华为云征文|华为云Flexus X实例docker部署rancher并构建k8s集群

828华为云征文|华为云Flexus X实例docker部署rancher并构建k8s集群 华为云最近正在举办828 B2B企业节,Flexus X实例的促销力度非常大,特别适合那些对算力性能有高要求的小伙伴。如果你有自建MySQL、Redis、Nginx等服务的需求,一定不要错过这个机会。赶紧去看看吧! 什么是华为云Flexus X实例 华为云Flexus X实例云服务是新一代开箱即用、体