參考信息
當前版本:CentOS7.7
. | . |
---|---|
Jumpserver服務器 | 10.20.0.16 |
資產主機 | 10.20.0.15 |
#執行腳本前請確保Jumpserver服務器
#請確保網絡配置正常,能夠連接外網
#自動化部署腳本quick_start
內容如下
#!/bin/bash
#
which wget >/dev/null 2>&1
if [ $? -ne 0 ];then
yum install -y wget
fi
which git >/dev/null 2>&1
if [ $? -ne 0 ];then
yum install -y git
fi
if [ ! -d "/opt/setuptools" ]; then
wget -qO /opt/setuptools.tar.gz http://demo.jumpserver.org/download/setuptools.tar.gz
tar -xf /opt/setuptools.tar.gz -C /opt
rm -rf /opt/setuptools.tar.gz
fi
cd /opt/setuptools
git pull
if [ ! -f "/opt/setuptools/config.conf" ]; then
cp config_example.conf config.conf
fi
./jmsctl.sh install
setuptools.tar.gz
下載鏈接
鏈接:https://pan.baidu.com/s/17WXQDQc13g2FQUJbb3Ja2w
提取碼:jp3z
[root@C7-6 data]# cat /opt/setuptools/jmsctl.sh
#!/usr/bin/env bash
#
BASE_DIR=$(cd "$(dirname "$0")";pwd)
PROJECT_DIR=${BASE_DIR}
SCRIPT_DIR=${BASE_DIR}/scripts
action=$1
target=$2
if [ ! -f "$PROJECT_DIR/config.conf" ]; then
echo -e "Error: No config file found."
echo -e "You can run 'cp config_example.conf config.conf', and edit it."
exit 1
fi
source ${PROJECT_DIR}/config.conf
function usage() {
echo "JumpServer 部署安裝腳本"
echo
echo "Usage: "
echo " jmsctl [COMMAND] ..."
echo " jmsctl --help"
echo
echo "Commands: "
echo " install 安裝 JumpServer"
echo " start 啓動 JumpServer"
echo " stop 停止 JumpServer"
echo " restart 重啓 JumpServer"
echo " status 檢查 JumpServer"
echo " uninstall 卸載 JumpServer"
echo " upgrade 升級 JumpServer"
echo " reset 重置組件"
}
function main() {
case "${action}" in
install)
bash ${SCRIPT_DIR}/install.sh
;;
uninstall)
bash ${SCRIPT_DIR}/uninstall.sh
;;
upgrade)
bash ${SCRIPT_DIR}/upgrade.sh
;;
start)
bash ${SCRIPT_DIR}/start.sh
;;
stop)
bash ${SCRIPT_DIR}/stop.sh
;;
restart)
bash ${SCRIPT_DIR}/stop.sh
bash ${SCRIPT_DIR}/start.sh
;;
status)
bash ${SCRIPT_DIR}/install_status.sh
;;
reset)
if [ ! $target ]; then
echo -e "Usage: jmsctl reset COMMAND\n"
echo -e "Commands:"
echo -e " koko 重置 koko"
echo -e " guacamole 重置 guacamole"
exit 1
else
bash ${SCRIPT_DIR}/reset.sh $target
fi
;;
--help)
usage
;;
-h)
usage
;;
*)
echo -e "jmsctl: unknown COMMAND: '$action'"
echo -e "See 'jmsctl --help' \n"
usage
esac
}
main
部署開始
[root@C7-6 data]# curl -sSL https://github.com/jumpserver/jumpserver/releases/download/2.0.1/quick_start.sh | sh
……………..# 腳本執行時間很長
Digest: sha256:3589e1d06c5dc169bf1ce256a82ab111604fa1597049fc6ec6d89e03b61baded
Status: Downloaded newer image for jumpserver/jms_guacamole:2.0.1
24536f019fd8a9b94794bb09d6c33268dcf46d4e3c461cb4f79332db209cc25b
MySQL Check ........................ [ OK ]
Redis Check ........................ [ OK ]
Ninx Check ........................ [ OK ]
Py3 Check ........................ [ OK ]
Core Check ........................ [ OK ]
Koko Check ........................ [ OK ]
Guaca. Check ........................ [ OK ]
Jumpserver 安裝成功!
默認登陸信息:
http://10.20.0.16:80
username: admin
password: admin
[如果你是雲服務器請在安全組放行 80 和 2222 端口]
#登錄 jumpserver web 界面 ,賬戶在上圖可看
#創建普通用戶
#創建管理用戶
#管理用戶應當是資產主機上的root管理員或者是在資產主機上擁有 NOPASSWD: ALL sudo
權限的用戶
#jumpserver會使用該用戶去推送系統用戶以及獲取資產硬件信息等,因此若該用戶的密鑰配置錯誤將會導致無法連接資產主機
#創建系統用戶
#該用戶是jumpserver跳轉登錄資產主機時使用的用戶
#創建資產
#資產授權
#登錄mahuateng 用戶
#返回admin用戶,配置命令過濾
#更新系統用戶配置
#登錄mahuateng 用戶