Jumpserver3.0部署(Centos6.x)
1、jumpserver基础环境准备
[root@jumpserver ~]# yum -y install epel-release
[root@jumpserver ~]# yum clean all && yum makecache
[root@jumpserver ~]# yum -y update
[root@jumpserver ~]# yum -y install mysql mysql-server mysql-devel lrzsz
[root@jumpserver ~]# yum -y install git python-pip gcc automake autoconf python-devel sshpass
2、下载并安装pip
[root@jumpserver ~]# wget --no-check-certificate https://pypi.python.org/packages/source/p/pip/pip-1.5.4.tar.gz
[root@jumpserver ~]# tar xf pip-1.5.4.tar.gz
[root@jumpserver ~]# cd pip-1.5.4
[root@jumpserver pip-1.5.4]# python setup.py install
[root@jumpserver ~]# pip install --upgrade pip #更新pip版本
[root@jumpserver ~]# pip -V #查看当前所使用的pip版本
3、创建jumpserver数据库并授权jumpserver账户能访问该数据库
[root@jumpserver ~]# /etc/init.d/mysqld start
[root@jumpserver ~]# mysql
> create database jumpserver default charset 'utf8';
> grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by 'jumpserver';
4、下载jumpserver
[root@jumpserver ~]# cd /opt/
[root@jumpserver ~]# git clone https://github.com/ibuler/jumpserver.git
下载链接链接: https://share.weiyun.com/5HvHjwi (密码:FUcl)
5、执行快速安装脚本
[root@jumpserver ~]# cd /opt/jumpserver/install/
[root@web01 install]# python install.py
Traceback (most recent call last):
File "install.py", line 8, in
import MySQLdb
ImportError: No module named MySQLdb
[root@jumpserver install]# yum -y install mysql-devel #如遇到以上的错误请安装mysql-devel包
[root@jumpserver install]# pip install urllib3
[root@jumpserver install]# pip install -r requirements.txt
[root@jumpserver ~]# cd /opt/jumpserver/install/
[root@jumpserver install]# pip install -r requirements.txt
[root@jumpserver install]# python install.py
请务必先查看wiki https://github.com/ibuler/jumpserver/wiki/Quickinstall
开始关闭防火墙和selinux
setenforce: SELinux is disabled
请输入您服务器的IP地址,用户浏览器可以访问 [10.47.39.8]:
是否安装新的MySQL服务器? (y/n) [y]: n
请输入数据库服务器IP [127.0.0.1]:
请输入数据库服务器端口 [3306]:
请输入数据库服务器用户 [root]: jumpserver
请输入数据库服务器密码: jumpserver
请输入使用的数据库 [jumpserver]:
连接数据库成功
请输入SMTP地址: smtp.sina.com
请输入SMTP端口 [25]:
请输入账户: test@sina.com #该邮箱必须是能收到邮件的邮箱
请输入密码: test1234
请登陆邮箱查收邮件, 然后确认是否继续安装
是否继续? (y/n) [y]:
开始写入配置文件
Traceback (most recent call last):
File "/opt/jumpserver/install/next.py", line 19, in <module>
from juser.user_api import db_add_user, get_object, User
File "/opt/jumpserver/juser/user_api.py", line 3, in <module>
from Crypto.PublicKey import RSA
File "/usr/lib64/python2.6/site-packages/Crypto/PublicKey/RSA.py", line 75, in <module>
from Crypto.Util.number import getRandomRange, bytes_to_long, long_to_bytes
File "/usr/lib64/python2.6/site-packages/Crypto/Util/number.py", line 56, in <module>
if _fastmath is not None and not _fastmath.HAVE_DECL_MPZ_POWM_SEC:
AttributeError: 'module' object has no attribute 'HAVE_DECL_MPZ_POWM_SEC'
输入smtp信息之后发现报错了,是python的pycrypto模块问题,需要卸载重装:
[root@jumpserver install]# pip uninstall pycrypto
[root@jumpserver install]# easy_install pycrypto
安装完pycrypto模块继续执行python install.py进行安装,并且输入web管理员用户名和密码
[root@jumpserver install]# python install.py
请登陆邮箱查收邮件, 然后确认是否继续安装
是否继续? (y/n) [y]:
开始写入配置文件
开始安装Jumpserver, 要求环境为 CentOS 6.5 x86_64
开始更新jumpserver
Creating tables ...
Creating table django_admin_log
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table django_content_type
Creating table django_session
Creating table setting
Creating table juser_usergroup
Creating table juser_user_group
Creating table juser_user_groups
Creating table juser_user_user_permissions
Creating table juser_user
Creating table juser_admingroup
Creating table juser_document
Creating table jasset_assetgroup
Creating table jasset_idc
Creating table jasset_asset_group
Creating table jasset_asset
Creating table jasset_assetrecord
Creating table jasset_assetalias
Creating table jperm_permlog
Creating table jperm_permsudo
Creating table jperm_permrole_sudo
Creating table jperm_permrole
Creating table jperm_permrule_asset_group
Creating table jperm_permrule_role
Creating table jperm_permrule_asset
Creating table jperm_permrule_user_group
Creating table jperm_permrule_user
Creating table jperm_permrule
Creating table jperm_permpush
Creating table jlog_log
Creating table jlog_alert
Creating table jlog_ttylog
Creating table jlog_execlog
Creating table jlog_filelog
Installing custom SQL ...
Installing indexes ...
Installed 0 object(s) from 0 fixture(s)
请输入管理员用户名 [admin]: admin
请输入管理员密码: [5Lov@wife]: admin
请再次输入管理员密码: [5Lov@wife]: admin
Starting jumpsever service:manage.py not running
run_websocket.py not running
[失败]
安装成功,请访问web, 祝你使用愉快。
请访问 https://github.com/ibuler/jumpserver 查看文档
[root@jumpserver install]# cd /opt/jumpserver/
[root@jumpserver jumpserver]# python manage.py crontab add #运行 crontab,定期处理失效连接,定期更新资产信息
[root@jumpserver jumpserver]# ./service.sh start #启动jumpserver
Starting jumpsever service: [确定]
注:
1)根据提示输入相关信息,完成安装,安装完成后,请访问web,继续查看后续文档
2)如果启动失败,请返回上层目录,手动运行 ./service.sh start 启动
3)如果 ./service.sh start启动失败
[root@jumpserver jumpserver]# cd /opt/jumpserver
[root@jumpserver jumpserver]# python manage.py runserver 0.0.0.0:80
[root@jumpserver jumpserver]# python run_websocket.py
4)如果启动失败,可能是由于80端口和3000端口已经被占用,或者数据库账号密码不对,请检查
6、更新代码
[root@jumpserver ~]# cd /opt/jumpserver
[root@jumpserver jumpserver]# git pull
注意:
在使用jumpserver过程中,有一步是系统用户推送,要推送成功,client(后端服务器)要满足以下条件:
1)后端服务器需要有python、sudo环境才能使用推送用户,批量命令等功能
2)后端服务器如果开启了selinux,请安装libselinux-python
3) jumpserver3.0版本不需要把python2升级到python3
Jumpserver3.0配置:
https://www.cnblogs.com/kevingrace/p/5587265.html
http://www.magedu.com/71831.html