欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

docker安装jumpserver

程序员文章站 2022-07-12 10:08:02
...

JumpServer官网:https://docs.jumpserver.org/zh/master/
我们公司一直在使用jumpserver,根据我的理解有以下优点:

  1. 这个服务能够快速登录到目标服务器
  2. 安全,每个人都有自己的账号,自己的每个操作都会记录在此服务上

一、搭建:

1.1 随机生成加密秘钥

if [ "$SECRET_KEY" = "" ]; then SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`; echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc; echo $SECRET_KEY; else echo $SECRET_KEY; fi
if [ "$BOOTSTRAP_TOKEN" = "" ]; then BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`; echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc; echo $BOOTSTRAP_TOKEN; else echo $BOOTSTRAP_TOKEN; fi

1.2 搭建MySQL服务

sudo docker run --name mysql-server -t \
--hostname mysql-server \
--restart=always \
-v /etc/localtime:/etc/localtime \
-v /volume1/docker/mysql/2/:/var/lib/mysql \
-e MYSQL_DATABASE="jumpserver" \
-e MYSQL_USER="jumpserver" \
-e MYSQL_PASSWORD="jumpserver" \
-e MYSQL_ROOT_PASSWORD="111111" \
-p 3306:3306 \
-d mysql:5.7 \
--character-set-server=utf8 --collation-server=utf8_bin

查看容器运行日志docker logs -f mysql-server

1.3 搭建redis服务

sudo docker run --name redis-server -t \
--hostname redis-server \
--restart=always \
-v /etc/localtime:/etc/localtime \
-d redis

查看容器运行日志docker logs -f redis-server

1.4 搭建Jumpserver服务

sudo docker run --name jms_all -t \
--hostname jms_all \
--restart=always \
-v /etc/localtime:/etc/localtime \
-p 80:80 \
-p 2222:2222 \
-e SECRET_KEY=$SECRET_KEY \
-e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN \
-e DB_HOST="mysql-server" \
-e DB_PORT=3306 \
-e DB_NAME="jumpserver" \
-e DB_USER="jumpserver" \
-e DB_PASSWORD="jumpserver" \
--link mysql-server:mysql \
-e REDIS_HOST="redis-server" \
-e REDIS_PORT="6379" \
--link redis-server:redis \
-d jumpserver/jms_all:1.5.2

查看容器运行日志docker logs -f jms_all,请耐心等待初始化完成,时间可能比较长点(是真的长啊,得10-20左右分钟吧),当容器日志显示如下即可访问Jumpserver网页了
docker安装jumpserver
其中还遇到坑了,如下:

- Start Celery as Distributed Task Queue

- Start Beat as Periodic Task Scheduler
Error: celery start error
Stop service: gunicorn
celery is stopped
beat is stopped
Use eventlet dispatch
2020-10-02 09:13:22 [request ERROR] Connect endpoint http://127.0.0.1:8080 error: HTTPConnectionPool(host='127.0.0.1', port=8080): Max retries exceeded with url: /api/terminal/v2/terminal-registrations/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4ec7417898>: Failed to establish a new connection: [Errno 111] ECONNREFUSED',))
2020-10-02 09:13:22 [terminal ERROR] Connect endpoint http://127.0.0.1:8080 error: HTTPConnectionPool(host='127.0.0.1', port=8080): Max retries exceeded with url: /api/terminal/v2/terminal-registrations/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4ec7417898>: Failed to establish a new connection: [Errno 111] ECONNREFUSED',))
Traceback (most recent call last):
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/connection.py", line 160, in _new_conn
    (self._dns_host, self.port), self.timeout, **extra_kw)
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/util/connection.py", line 80, in create_connection
    raise err
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/util/connection.py", line 70, in create_connection
    sock.connect(sa)
  File "/opt/py3/lib64/python3.6/site-packages/eventlet/greenio/base.py", line 251, in connect
    socket_checkerr(fd)
  File "/opt/py3/lib64/python3.6/site-packages/eventlet/greenio/base.py", line 51, in socket_checkerr
    raise socket.error(err, errno.errorcode[err])
ConnectionRefusedError: [Errno 111] ECONNREFUSED

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 603, in urlopen
    chunked=chunked)
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 355, in _make_request
    conn.request(method, url, **httplib_request_kw)
  File "/usr/lib64/python3.6/http/client.py", line 1239, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/usr/lib64/python3.6/http/client.py", line 1285, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/usr/lib64/python3.6/http/client.py", line 1234, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/usr/lib64/python3.6/http/client.py", line 1026, in _send_output
    self.send(msg)
  File "/usr/lib64/python3.6/http/client.py", line 964, in send
    self.connect()
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/connection.py", line 183, in connect
    conn = self._new_conn()
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/connection.py", line 169, in _new_conn
    self, "Failed to establish a new connection: %s" % e)
urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPConnection object at 0x7f4ec7417898>: Failed to establish a new connection: [Errno 111] ECONNREFUSED

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/py3/lib64/python3.6/site-packages/requests/adapters.py", line 449, in send
    timeout=timeout
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 641, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/opt/py3/lib64/python3.6/site-packages/urllib3/util/retry.py", line 399, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='127.0.0.1', port=8080): Max retries exceeded with url: /api/terminal/v2/terminal-registrations/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4ec7417898>: Failed to establish a new connection: [Errno 111] ECONNREFUSED',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/py3/lib64/python3.6/site-packages/jms/request.py", line 116, in do
    resp = req.do()
  File "/opt/py3/lib64/python3.6/site-packages/jms/request.py", line 54, in do
    **self.kwargs
  File "/opt/py3/lib64/python3.6/site-packages/requests/api.py", line 116, in post
    return request('post', url, data=data, json=json, **kwargs)
  File "/opt/py3/lib64/python3.6/site-packages/requests/api.py", line 60, in request
    return session.request(method=method, url=url, **kwargs)
  File "/opt/py3/lib64/python3.6/site-packages/requests/sessions.py", line 533, in request
    resp = self.send(prep, **send_kwargs)
  File "/opt/py3/lib64/python3.6/site-packages/requests/sessions.py", line 646, in send
    r = adapter.send(request, **kwargs)
  File "/opt/py3/lib64/python3.6/site-packages/requests/adapters.py", line 516, in send
    raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPConnectionPool(host='127.0.0.1', port=8080): Max retries exceeded with url: /api/terminal/v2/terminal-registrations/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4ec7417898>: Failed to establish a new connection: [Errno 111] ECONNREFUSED',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/py3/lib64/python3.6/site-packages/jms/terminal.py", line 62, in register_terminal_v2
    headers=headers
  File "/opt/py3/lib64/python3.6/site-packages/jms/request.py", line 130, in post
    return self.do(*args, **kwargs)
  File "/opt/py3/lib64/python3.6/site-packages/jms/request.py", line 120, in do
    raise RequestError(msg)
jms.exception.RequestError: Connect endpoint http://127.0.0.1:8080 error: HTTPConnectionPool(host='127.0.0.1', port=8080): Max retries exceeded with url: /api/terminal/v2/terminal-registrations/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4ec7417898>: Failed to establish a new connection: [Errno 111] ECONNREFUSED',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "./cocod", line 31, in <module>
    from coco import Coco
  File "/opt/coco/coco/__init__.py", line 6, in <module>
    from .app import Coco
  File "/opt/coco/coco/app.py", line 14, in <module>
    from .sshd import SSHServer
  File "/opt/coco/coco/sshd.py", line 13, in <module>
    from coco.interface import SSHInterface
  File "/opt/coco/coco/interface.py", line 11, in <module>
    from .service import app_service
  File "/opt/coco/coco/service.py", line 12, in <module>
    app_service.initial()
  File "/opt/py3/lib64/python3.6/site-packages/jms/service.py", line 55, in initial
    self.load_access_key()
  File "/opt/py3/lib64/python3.6/site-packages/jms/service.py", line 66, in load_access_key
    self.register_and_save()
  File "/opt/py3/lib64/python3.6/site-packages/jms/service.py", line 93, in register_and_save
    self.config['NAME'], self.config['BOOTSTRAP_TOKEN']
  File "/opt/py3/lib64/python3.6/site-packages/jms/terminal.py", line 67, in register_terminal_v2
    raise RegisterError(msg)
jms.exception.RegisterError: Connect endpoint http://127.0.0.1:8080 error: HTTPConnectionPool(host='127.0.0.1', port=8080): Max retries exceeded with url: /api/terminal/v2/terminal-registrations/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4ec7417898>: Failed to establish a new connection: [Errno 111] ECONNREFUSED',))
Starting guacd: guacd[94]: INFO:	Guacamole proxy daemon (guacd) version 1.0.0 started
SUCCESS

解决办法:很简单,重启服务(找了很久,也不清楚为什么,重启就OK了)

最终浏览器访问jumpserver所在IP地址,出现如下页面(初始用户、密码:admin,admin)
docker安装jumpserver
登陆后:
docker安装jumpserver
通过终端访问:
docker安装jumpserver

相关标签: jumpserver

上一篇: 回溯法

下一篇: 回溯法

推荐阅读