A. The deployment environment
Setting up an environment docker
yum -y install docker
2. Installation docker-compose
curl -L https://github.com/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m` -o /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose
3. Create a project directory
mkdir -p /data/jms
cd /data/jms
4. Download the docker project jms
git clone https://github.com/wojiushixiaobai/docker-compose.git
[root@localhost docker-compose]# cat docker-compose.yml
version: '3'
services:
mysql:
image: wojiushixiaobai/jms_mysql:${Version}
container_name: jms_mysql
restart: always
tty: true
environment:
DB_PORT: $DB_PORT
DB_USER: $DB_USER
DB_PASSWORD: $DB_PASSWORD
DB_NAME: $DB_NAME
volumes:
- mysql-data:/var/lib/mysql
networks:
- jumpserver
redis:
image: wojiushixiaobai/jms_redis:${Version}
container_name: jms_redis
restart: always
tty: true
environment:
REDIS_PORT: $REDIS_PORT
REDIS_PASSWORD: $REDIS_PASSWORD
volumes:
- redis-data:/var/lib/redis/
networks:
- jumpserver
core:
image: wojiushixiaobai/jms_core:${Version}
container_name: jms_core
restart: always
tty: true
environment:
SECRET_KEY: $SECRET_KEY
BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
DB_HOST: $DB_HOST
DB_PORT: $DB_PORT
DB_USER: $DB_USER
DB_PASSWORD: $DB_PASSWORD
DB_NAME: $DB_NAME
REDIS_HOST: $REDIS_HOST
REDIS_PORT: $REDIS_PORT
REDIS_PASSWORD: $REDIS_PASSWORD
depends_on:
- mysql
- redis
volumes:
- static:/opt/jumpserver/data/static
- media:/opt/jumpserver/data/media
networks:
- jumpserver
koko:
image: wojiushixiaobai/jms_koko:${Version}
container_name: jms_koko
restart: always
tty: true
environment:
CORE_HOST: http://core:8080
BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
depends_on:
- core
- mysql
- redis
volumes:
- koko-keys:/opt/koko/data/keys
ports:
- 2222:2222
networks:
- jumpserver
guacamole:
image: wojiushixiaobai/jms_guacamole:${Version}
container_name: jms_guacamole
restart: always
tty: true
environment:
JUMPSERVER_SERVER: http://core:8080
BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
JUMPSERVER_KEY_DIR: /config/guacamole/keys
GUACAMOLE_HOME: /config/guacamole
GUACAMOLE_LOG_LEVEL: ERROR
JUMPSERVER_ENABLE_DRIVE: 'true'
depends_on:
- core
- mysql
- redis
volumes:
- guacamole-keys:/config/guacamole/keys
networks:
- jumpserver
nginx:
image: wojiushixiaobai/jms_nginx:${Version}
container_name: jms_nginx
restart: always
tty: true
depends_on:
- core
- koko
- mysql
- redis
volumes:
- static:/opt/jumpserver/data/static
- media:/opt/jumpserver/data/media
ports:
- 80:80
networks:
- jumpserver
volumes:
static:
media:
mysql-data:
redis-data:
koko-keys:
guacamole-keys:
networks:
jumpserver:
The project started with a docker-compose
docker-compose up -d
Two .jumpserver background configuration to add a host of assets and unauthorized access.
1. Log in to the background jump server, the default login user name and password are: admin
2. Configure the system users.
3. Configuration Management users.
4. Create user groups
5. Create user jumpserver background.
6. Create Asset host.
7. Create assets authorization rules.
8. backstage web to see if there are assets and validates the login
9. Use xsheel login jumpserver, login charged with the host.
Login user name was backstage background configuration user, such as admin: admin login port is 2222