安装环境:Centos7.6,4G内存,2核
如果是自己的虚拟机就要把防火墙和SELinux关掉
编译安装Python3
1.1 安装依赖包
root@iZ1la3d1xbmukrZ ~]# yum -y install wget sqlite-devel xz gcc automake zlib- devel openssl-devel epel-release git Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Package wget-1.14-18.el7_6.1.x86_64 already installed and latest version Package xz-5.2.2-1.el7.x86_64 already installed and latest version Package gcc-4.8.5-39.el7.x86_64 already installed and latest version Resolving Dependencies --> Running transaction check
1.2 编译安装
[root@iZ1la3d1xbmukrZ ~]# cd /opt [root@iZ1la3d1xbmukrZ opt]# tar xvf Python-3.6.1.tar.xz && cd Python-3.6.1 Python-3.6.1/ Python-3.6.1/Doc/ Python-3.6.1/Doc/c-api/ Python-3.6.1/Doc/c-api/sys.rst Python-3.6.1/Doc/c-api/conversion.rst Python-3.6.1/Doc/c-api/marshal.rst Python-3.6.1/Doc/c-api/coro.rst Python-3.6.1/Doc/c-api/method.rst
[root@iZ1la3d1xbmukrZ Python-3.6.1]# ./configure && make && make install checking build system type... x86_64-unknown-linux-gnu checking host system type... x86_64-unknown-linux-gnu checking for python3.6... no checking for python3... no checking for python... python checking for --enable-universalsdk... no checking for --with-universal-archs... no checking MACHDEP... linux checking for --without-gcc... no checking for --with-icc... no checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name...
安装Jumpserver
2.1 下载项目
[root@bogon ~]# cd /opt/ [root@bogon ~]# git clone --depth=1 https://github.com/jumpserver/jumpserver.git && cd jumpserver && git checkout master
注:因为代码一直在更新,这样获取的是最新的代码,很多配置都改变了,使用我用的还是老版本的。
2.2 安装依赖RPM包
[root@iZ1la3d1xbmukrZ ~]# cd /opt/jumpserver/requirements [root@iZ1la3d1xbmukrZ ~]# yum -y install $(cat rpm_requirements.txt)
2.3 安装 Python 库依赖
[root@iZ1la3d1xbmukrZ Python-3.6.1]# pip3 install -r requirements.txt
2.4 安装Redis
root@iZ1la3d1xbmukrZ Python-3.6.1]# yum -y install redis Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package redis.x86_64 0:3.2.12-2.el7 will be installed --> Processing Dependency: libjemalloc.so.1()(64bit) for package: redis-3.2.12-2 .el7.x86_64
[root@iZ1la3d1xbmukrZ Python-3.6.1]# systemctl start redis
2.5 安装MySQL
[root@iZ1la3d1xbmukrZ Python-3.6.1]# yum -y install mariadb mariadb-devel mariad b-server Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Package 1:mariadb-devel-5.5.64-1.el7.x86_64 already installed and latest version Resolving Dependencies --> Running transaction ch
2.6 创建数据库 Jumpserver 并授权
[root@iZ1la3d1xbmukrZ Python-3.6.1]# systemctl start mariadb [root@iZ1la3d1xbmukrZ Python-3.6.1]# mysql Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 2 Server version: 5.5.64-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> create database jumpserver default charset 'utf8'; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identifi ed by '123'; Query OK, 0 rows affected (0.64 sec) MariaDB [(none)]> exit Bye
2.7 修改Jumserver配置文件
[root@iZ1la3d1xbmukrZ ~]# cd /opt/jumpserver [root@iZ1la3d1xbmukrZ ~]# cp config_example.py config.py [root@iZ1la3d1xbmukrZ ~]# vi config.py 注意:配置文件是Python格式,不要使用TAB,而是用空格
class DevelopmentConfig(Config): DEBUG = True DB_ENGINE = 'mysql' DB_HOST = '127.0.0.1' DB_PORT = 3306 DB_USER = 'jumpserver' DB_PASSWORD = '123' DB_NAME = 'jumpserver' class TestConfig(Config): pass
如果你的服务器是阿里云的话,那就要0.0.0.0,127和公网IP都不行
2.8 生成数据库表结构和初始化数据
[root@iZ1la3d1xbmukrZ Python-3.6.1]# cd /opt/jumpserver/utils [root@iZ1la3d1xbmukrZ utils]# bash make_migrations.sh 2020-02-23 20:02:17 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:02:17 [signals_handler DEBUG] - fresh all settings No changes detected 2020-02-23 20:02:20 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:02:20 [signals_handler DEBUG] - fresh all settings System check identified some issues: WARNINGS: ?: (mysql.W002) MySQL Strict Mode is not set for database connection 'default' HINT: MySQL's Strict Mode fixes many data integrity problems in MySQL, s uch as data truncation upon insertion, by escalating warnings into errors. It is strongly recommended you activate it. See: https://docs.djangoproject.com/en/2. 1/ref/databases/#mysql-sql-mode Operations to perform: Apply all migrations: admin, assets, audits, auth, captcha, common, contenttyp es, django_celery_beat, ops, orgs, perms, sessions, terminal, users Running migrations: Applying contenttypes.0001_initial... OK Applying contenttypes.0002_remove_content_type_name... OK Applying auth.0001_initial... OK Applying auth.0002_alter_permission_name_max_length... OK Applying auth.0003_alter_user_email_max_length... OK Applying auth.0004_alter_user_username_opts... OK Applying auth.0005_alter_user_last_login_null... OK Applying auth.0006_require_contenttypes_0002... OK Applying auth.0007_alter_validators_add_error_messages... OK Applying auth.0008_alter_user_username_max_length... OK Applying users.0001_initial... OK Applying admin.0001_initial... OK Applying admin.0002_logentry_remove_auto_add... OK Applying admin.0003_logentry_add_action_flag_choices... OK Applying assets.0001_initial... OK Applying assets.0002_auto_20180927_2128... OK Applying users.0002_auto_20171225_1157... OK Applying users.0003_auto_20180927_2128... OK Applying audits.0001_initial... OK Applying auth.0009_alter_user_last_name_max_length... OK Applying captcha.0001_initial... OK Applying common.0001_initial... OK Applying django_celery_beat.0001_initial... OK Applying django_celery_beat.0002_auto_20161118_0346... OK Applying django_celery_beat.0003_auto_20161209_0049... OK Applying django_celery_beat.0004_auto_20170221_0000... OK Applying django_celery_beat.0005_add_solarschedule_events_choices... OK Applying django_celery_beat.0006_auto_20180210_1226... OK Applying ops.0001_initial... OK Applying ops.0002_celerytask... OK Applying orgs.0001_initial... OK Applying perms.0001_initial... OK Applying perms.0002_auto_20180927_2128... OK Applying sessions.0001_initial... OK Applying terminal.0001_initial... OK Applying terminal.0002_auto_20180927_2128... OK 2020-02-23 20:02:26 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:02:26 [signals_handler DEBUG] - fresh all settings No conflicts detected to merge. [root@iZ1la3d1xbmukrZ utils]# cd ..
2.9 运行 Jumpserver
[root@iZ1la3d1xbmukrZ jumpserver]# ./jms start all Sun Feb 23 20:11:05 2020 Jumpserver version 1.4.1, more see https://www.jumpserver.org - Start Gunicorn WSGI HTTP Server Check database structure change ... 2020-02-23 20:11:07 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:11:07 [signals_handler DEBUG] - fresh all settings System check identified some issues: WARNINGS: ?: (mysql.W002) MySQL Strict Mode is not set for database connection 'default' HINT: MySQL's Strict Mode fixes many data integrity problems in MySQL, such as data truncation upon insertion, by escalating warnings into errors. It is strongly recommended you activate it. See: https://docs.djangoproject.com/en/2.1/ref/databases/#mysql-sql-mode Operations to perform: Apply all migrations: admin, assets, audits, auth, captcha, common, contenttypes, django_celery_beat, ops, orgs, perms, sessions, terminal, users Running migrations: No migrations to apply. Collect static files 2020-02-23 20:11:10 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:11:10 [signals_handler DEBUG] - fresh all settings 0 static files copied to '/opt/jumpserver/data/static', 451 unmodified. - Start Celery as Distributed Task Queue - Start Beat as Periodic Task Scheduler [2020-02-23 20:11:10 +0800] [26917] [INFO] Starting gunicorn 19.9.0 [2020-02-23 20:11:10 +0800] [26917] [INFO] Listening at: http://0.0.0.0:8080 (26917) [2020-02-23 20:11:10 +0800] [26917] [INFO] Using worker: gthread [2020-02-23 20:11:10 +0800] [26928] [INFO] Booting worker with pid: 26928 [2020-02-23 20:11:10 +0800] [26930] [INFO] Booting worker with pid: 26930 [2020-02-23 20:11:11 +0800] [26933] [INFO] Booting worker with pid: 26933 [2020-02-23 20:11:11 +0800] [26936] [INFO] Booting worker with pid: 26936 celery beat v4.1.0 (latentcall) is starting. 2020-02-23 20:11:14 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:11:14 [signals_handler DEBUG] - fresh all settings 2020-02-23 20:11:14 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:11:14 [signals_handler DEBUG] - fresh all settings 2020-02-23 20:11:14 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:11:14 [signals_handler DEBUG] - fresh all settings 2020-02-23 20:11:15 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:11:15 [signals_handler DEBUG] - fresh all settings 2020-02-23 20:11:15 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:11:15 [signals_handler DEBUG] - fresh all settings 2020-02-23 20:11:15 [signals_handler DEBUG] Receive django ready signal 2020-02-23 20:11:15 [signals_handler DEBUG] - fresh all settings __ - ... __ - _ LocalTime -> 2020-02-23 20:11:15 Configuration -> . broker -> redis://127.0.0.1:6379/3 . loader -> celery.loaders.app.AppLoader . scheduler -> django_celery_beat.schedulers.DatabaseScheduler . logfile -> [stderr]@%DEBUG . maxinterval -> 1.00 minute (60.0s) Setting default socket timeout to 30 beat: Starting... DatabaseScheduler: initial read Writing entries... DatabaseScheduler: Fetching database schedule Current schedule: <ModelEntry: terminal.tasks.delete_terminal_status_period terminal.tasks.delete_terminal_status_period(*[], **{}) <freq: 1.00 hour>> <ModelEntry: terminal.tasks.clean_orphan_session terminal.tasks.clean_orphan_session(*[], **{}) <freq: 1.00 hour>> <ModelEntry: celery.backend_cleanup celery.backend_cleanup(*[], **{}) <crontab: 0 4 * * * (m/h/d/dM/MY)>> <ModelEntry: assets.tasks.update_assets_hardware_info_period assets.tasks.update_assets_hardware_info_period(*[], **{}) <freq: 1.00 hour>> <ModelEntry: assets.tasks.test_admin_user_connectability_period assets.tasks.test_admin_user_connectability_period(*[], **{}) <freq: 1.00 hour>> <ModelEntry: assets.tasks.test_system_user_connectability_period assets.tasks.test_system_user_connectability_period(*[], **{}) <freq: 1.00 hour>> beat: Ticking with max interval->1.00 minute beat: Waking up in 1.00 minute. /usr/local/lib/python3.6/site-packages/celery/platforms.py:795: RuntimeWarning: You're running the worker with superuser privileges: this is absolutely not recommended!
如果,看见8080端口起来了,直接访问就行,账号密码都是admin