1. 安装与配置MySQL数据库
配置yum源和安装MySQL服务:
# yum -y localinstall http://mirrors.ustc.edu.cn/mysql-repo/mysql57-community-release-el7.rpm
# yum install -y mysql-community-server
配置数据库:
# if [ ! "$(cat /usr/bin/mysqld_pre_systemd | grep -v ^# | grep initialize-insecure )" ]; then sed -i "s@--initialize @--initialize-insecure @g" /usr/bin/mysqld_pre_systemd fi
启动数据库:
# systemctl enable mysqld
# systemctl start mysqld
数据库授权:
#mysql -uroot
mysql> create database jumpserver default charset 'utf8' collate 'utf8_bin';
mysql> set global validate_password_policy=LOW;
mysql> grant all on jumpserver.* to 'jumpserver'@'%' identified by 'jumpserver';
mysql> flush privileges;
配置防火墙(一般防火墙关闭):
#firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.100.0/24" port protocol="tcp" port="3306" accept"
#firewall-cmd --reload
2. 安装redis 5和配置
配置repo和安装redis5:
#yum -y install epel-release https://repo.ius.io/ius-release-el7.rpm
#yum install -y redis5
配置 Redis:
#sed -i "s/bind 127.0.0.1/bind 0.0.0.0/g" /etc/redis.conf
#sed -i "561i maxmemory-policy allkeys-lru" /etc/redis.conf
#sed -i "481i requirepass jumpserver" /etc/redis.conf
开机启动:
#systemctl enable redis
#systemctl start redis
配置防火墙(一般是关闭):
#firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.100.0/24" port protocol="tcp" port="6379" accept"
#firewall-cmd --reload
3. 安装jumpserver
下载 jumpserver-install 安装脚本:
# cd /opt
# yum -y install wget
# wget https://github.com/jumpserver/installer/releases/download/v2.6.1/jumpserver-installer-v2.6.1.tar.gz
# tar -xf jumpserver-installer-v2.6.1.tar.gz
# cd jumpserver-installer-v2.6.1
# export DOCKER_IMAGE_PREFIX=docker.mirrors.ustc.edu.cn
# cat config-example.txt #查看配置文件
安装jumpserver:
# ./jmsctl.sh install #目录为:/opt/jumpserver-installer-v2.6.1
帮助:
# ./jmsctl.sh -h
升级:
# ./jmsctl.sh check_update
4. 常见错误
以上错误,可以通过日志去定位:
# docker logs -f jms_core --tail 200
MySQLdb._exceptions.OperationalError: (2002, "Can't connect to MySQL server on '127.0.0.1' (115)") #数据库设置的不对,可以先用账户和密码连接一下,看是否能连mysql,如果能连,就需要修改配置文件了;
配置文件放在(/opt/jumpserver/config)下面:
# vim /opt/jumpserver/config/config.txt
## MySQL数据库配置
DB_ENGINE=mysql
DB_HOST=10.10.x.195
DB_PORT=3306
DB_USER=jumpserver
DB_PASSWORD=jumpserver
DB_NAME=jumpserver
还可以使用命令:./jmsctl.sh reconfig 重新走一遍配置:
5. LDAP配置
