生产环境docker运行jumpserver

1、容器中的jumpserver的数据在/opt/jumpserver/data目录中，日志在/opt/jumpserver/logs目录中，初始化数据库在/opt/jumpserver/utils目录中，配置文件在/opt/jumpserver/config.yml文件中，启动jumpserver命令为/opt/jumpserver/jms { start | restart | stop }

2、koko插件的配置文件在/opt/koko/config.yml文件中，数据在/opt/koko/data目录中

创建jms容器中的日志及数据挂到宿机的目录

mkdir -p /jumpserver/jumpserver/data
mkdir -p /jumpserver/koko/data
mkdir -p /jumpserver/nginx/logs
mkdir -p /jumpserver/mysql/{data,logs}

if [ "$SECRET_KEY" = "" ]; then SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`; echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc; echo $SECRET_KEY; else echo $SECRET_KEY; fi
 if [ "$BOOTSTRAP_TOKEN" = "" ]; then BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`; echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc; echo $BOOTSTRAP_TOKEN; else echo $BOOTSTRAP_TOKEN; fi

运行mysql容器

 docker run --restart=always --name mysql -id -e MYSQL_DATABASE="jumpserver" -e MYSQL_USER="jumpserver" -e MYSQL_PASSWORD="AA7788aa" -e MYSQL_ROOT_PASSWORD="AA7788aa" -v /jumpserver/mysql/data:/var/lib/mysql -v /jumpserver/mysql/logs:/var/log/mysql/ -p 3306:3306 -d mysql:latest

运行redis容器

echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo "vm.overcommit_memory=1">>/etc/sysctl.conf 
echo "net.core.somaxconn= 1024">>/etc/sysctl.conf
echo "'echo never > /sys/kernel/mm/transparent_hugepage/enabled'">>/etc/rc.local
sysctl -p

docker run -p 6379:6379 --name redis -v /jumpserver/redis/data:/data -d redis:latest redis-server --requirepass "A12345a" --appendonly yes

redis容器中登录方式

 

 运行jumpserver容器

docker run --restart=always --name jms_all -d -p 80:80 -p 2222:2222 -e SECRET_KEY=$SECRET_KEY -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN -v /jumpserver/jumpserver/data:/opt/jumpserver/data -v /jumpserver/jumpserver/logs:/opt/jumpserver/logs -v /jumpserver/koko/data:/jumpserver/koko/data -v /jumpserver/nginx/logs:/var/log/nginx/ -e DB_HOST="mysql" -e DB_PORT=3306 -e DB_USER=root -e DB_PASSWORD=AA7788aa -e DB_NAME=jumpserver --link mysql:mysql -e REDIS_HOST=redis -e REDIS_PORT=6379 -e REDIS_PASSWORD=A12345a --link redis:redis jumpserver/jms_all:latest

重启脚本

cat jumpser_resatrt.sh 
#!/bin/bash
SECRET_KEY='TweTSaLeuwOUxDmEKMUjDpFiiZePawxKVxkKSOFe2C9w4WP80G'
BOOTSTRAP_TOKEN='c1QAcFlYwPKGTKVd'
container_name1='redis'
container_name2='mysql'
container_name3='jms_all'
docker rm -f $container_name1
docker rm -f $container_name2
docker rm -f $container_name3
 docker run --restart=always --name mysql -id -e MYSQL_DATABASE="jumpserver" -e MYSQL_USER="jumpserver" -e MYSQL_PASSWORD="AA7788aa" -e MYSQL_ROOT_PASSWORD="AA7788aa" -v /jumpserver/mysql/data:/var/lib/mysql -v /jumpserver/mysql/logs:/var/log/mysql/ -p 3306:3306 -d mysql:latest
docker run -p 6379:6379 --name redis -v /jumpserver/redis/data:/data -d redis:latest redis-server --requirepass "A12345a" --appendonly yes
docker run --restart=always --name jms_all -d -p 80:80 -p 2222:2222 -e SECRET_KEY=$SECRET_KEY -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN -v /jumpserver/jumpserver/data:/opt/jumpserver/data -v /jumpserver/jumpserver/logs:/opt/jumpserver/logs -v /jumpserver/koko/data:/jumpserver/koko/data -v /jumpserver/nginx/logs:/var/log/nginx/ -e DB_HOST="mysql" -e DB_PORT=3306 -e DB_USER=root -e DB_PASSWORD=AA7788aa -e DB_NAME=jumpserver --link mysql:mysql -e REDIS_HOST=redis -e REDIS_PORT=6379 -e REDIS_PASSWORD=A12345a --link redis:redis jumpserver/jms_all:latest