第四十五課 預習任務 jumpserver
阿新 • • 發佈:2018-12-18
1.jumpserver介紹
- 官網www.jumpserver.org
- Jumpserver是一款使用Python, Django開發的開源跳板機系統, 助力網際網路企業高效 使用者、資產、許可權、審計 管理
- Auth 統一認證
- CMDB 資產管理
- 統一授權
- 日誌審計
- 自動化運維(ansible)
- 最新版v0.4.0,基於python3.6, django 1.11,目前還未開發完成,所以我們接下來將要安裝v0.3.2
2.Jumpserver安裝
可以按照這個官方文件安裝
http://docs.jumpserver.org/zh/docs/step_by_step.html
2.1 準備 Python3 和 Python 虛擬環境
[[email protected] ~]# yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git Loaded plugins: fastestmirror Determining fastest mirrors epel/x86_64/metalink | 8.2 kB 00:00:00 * base: centos.ustc.edu.cn * epel: mirrors.aliyun.com * extras: mirrors.163.com * updates: centos.uhost.hk base | 3.6 kB 00:00:00 epel | 3.2 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/7): epel/x86_64/group_gz | 88 kB 00:00:00 ...........................................................................
2.2編譯安裝pyhton3.6.1
[[email protected] ~]# wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz
--2018-12-12 21:19:19-- https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz
Resolving www.python.org (www.python.org)... 151.101.0.223, 151.101.64.223, 151.101.128.223, ...
Connecting to www.python.org (www.python.org)|151.101.0.223|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16872064 (16M) [application/octet-stream]
Saving to: ‘Python-3.6.1.tar.xz’
100%[=====================================================>] 16,872,064 235KB/s in 71s
2018-12-12 21:20:31 (231 KB/s) - ‘Python-3.6.1.tar.xz’ saved [16872064/16872064]
[ [email protected] ~]# tar xvf Python-3.6.1.tar.xz
................................
Python-3.6.1/Objects/stringlib/split.h
Python-3.6.1/Objects/unicodeobject.c
Python-3.6.1/Objects/listsort.txt
Python-3.6.1/Objects/accu.c
Python-3.6.1/Objects/structseq.c
Python-3.6.1/Objects/namespaceobject.c
Python-3.6.1/Objects/typeslots.py
Python-3.6.1/Objects/floatobject.c
Python-3.6.1/Objects/clinic/
Python-3.6.1/Objects/clinic/unicodeobject.c.h
Python-3.6.1/Objects/clinic/bytearrayobject.c.h
Python-3.6.1/Objects/clinic/bytesobject.c.h
Python-3.6.1/Objects/clinic/dictobject.c.h
Python-3.6.1/Objects/bytearrayobject.c
Python-3.6.1/Objects/typeobject.c
Python-3.6.1/Objects/lnotab_notes.txt
.......................................
[[email protected] Python-3.6.1]# ./configure && make && make install
..................................................\if test "xupgrade" != "xno" ; then \
case upgrade in \
upgrade) ensurepip="--upgrade" ;; \
install|*) ensurepip="" ;; \
esac; \
./python -E -m ensurepip \
$ensurepip --root=/ ; \
fi
Collecting setuptools
Collecting pip
Installing collected packages: setuptools, pip
Successfully installed pip-9.0.1 setuptools-28.8.0
2.3建立 Python 虛擬環境
因為 CentOS 6/7 自帶的是 Python2,而 Yum 等工具依賴原來的 Python,為了不擾亂原來的環境我們來使用 Python 虛擬環境
# 看到下面的提示符代表成功,以後執行 Jumpserver 都要先執行以上 source 命令,以下所有命令均在該虛擬環境中執行
3 安裝 Jumpserver 1.0.0
3.1下載或 Clone 專案
(py3) [[email protected] opt]# cd /opt/
(py3) [[email protected] opt]# git clone --depth=1 https://github.com/jumpserver/jumpserver.git && cd jumpserver && git checkout master
Cloning into 'jumpserver'...
remote: Enumerating objects: 1026, done.
remote: Counting objects: 100% (1026/1026), done.
remote: Compressing objects: 100% (897/897), done.
remote: Total 1026 (delta 169), reused 650 (delta 81), pack-reused 0
Receiving objects: 100% (1026/1026), 6.62 MiB | 234.00 KiB/s, done.
Resolving deltas: 100% (169/169), done.
Already on 'master'
3.2安裝依賴 RPM 包
(py3) [[email protected] jumpserver]# cd /opt/jumpserver/requirements
(py3) [[email protected] requirements]# yum -y install $(cat rpm_requirements.txt)
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: centos.ustc.edu.cn
* epel: mirrors.aliyun.com
* extras: mirrors.163.com
* updates: centos.uhost.hk
Package openssh-clients-7.4p1-16.el7.x86_64 already installed and latest version
Resolving Dependencies
3.3安裝 Python 庫依賴
uests-2.18.4 rest-condition-1.0.3 rsa-4.0 ruamel.yaml-0.15.81 s3transfer-0.1.13 simplejson-3.13.2 six-1.11.0 sshpubkeys-3.1.0 tencentcloud-sdk-python-3.0.40 uritemplate-3.0.0 urllib3-1.22 vine-1.1.4
You are using pip version 9.0.1, however version 18.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
3.4安裝 Redis, Jumpserver 使用 Redis 做 cache 和 celery broke
(py3) [[email protected] requirements]# yum -y install redis
............................................................
Running transaction
Installing : jemalloc-3.6.0-1.el7.x86_64 1/2
Installing : redis-3.2.12-2.el7.x86_64 2/2
Verifying : redis-3.2.12-2.el7.x86_64 1/2
Verifying : jemalloc-3.6.0-1.el7.x86_64 2/2
Installed:
redis.x86_64 0:3.2.12-2.el7
Dependency Installed:
jemalloc.x86_64 0:3.6.0-1.el7
Complete!
(py3) [[email protected] requirements]# systemctl start redis
3.5安裝 MySQL
[[email protected] ~]# yum -y install mariadb mariadb-devel mariadb-server
[[email protected] ~]# systemctl start mariadb
3.6建立資料庫 Jumpserver 並授權
(py3) [[email protected] requirements]# /usr/local/mysql/bin/mysql -uroot
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.39 MySQL Community Server (GPL)
mysql> create database jumpserver default charset 'utf8';
Query OK, 1 row affected (0.00 sec)
mysql> grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '123456';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
3.7修改 Jumpserver 配置檔案
[[email protected] jumpserver]# vim /opt/jumpserver/apps/jumpserver/settings.py
[[email protected] jumpserver]# vim config.py
3.8 生成資料庫表結構和初始化資料
(py3) [[email protected] jumpserver]# cd /opt/jumpserver/utils
(py3) [[email protected] utils]# bash make_migrations.sh
2018-12-12 22:27:36 [signals_handler DEBUG] Receive django ready signal
2018-12-12 22:27:36 [signals_handler DEBUG] - fresh all settings
No changes detected
2018-12-12 22:27:41 [signals_handler DEBUG] Receive django ready signal
2018-12-12 22:27:41 [signals_handler DEBUG] - fresh all settings
Operations to perform:
Apply all migrations: admin, assets, audits, auth, captcha, common, contenttypes, django_celery_beat, ops, orgs, perms, sessions, terminal, users
..................................................................
2018-12-12 22:28:07 [signals_handler DEBUG] Receive django ready signal
2018-12-12 22:28:07 [signals_handler DEBUG] - fresh all settings
No conflicts detected to merge.
3.9 執行 Jumpserver
新版本更新了執行指令碼,使用方式./jms start|stop|status|restart all 後臺執行請新增 -d 引數
//用這個方式啟動
(py3) [[email protected] jumpserver]# ./jms start all -d
Wed Dec 12 22:32:41 2018
Jumpserver version 1.4.5, more see https://www.jumpserver.org
Check database connection ...
2018-12-12 22:32:43 [signals_handler DEBUG] Receive django ready signal
2018-12-12 22:32:43 [signals_handler DEBUG] - fresh all settings
users
[X] 0001_initial
[X] 0002_auto_20171225_1157
[X] 0003_auto_20180101_0046
[X] 0004_auto_20180125_1218
[X] 0005_auto_20180306_1804
......................................................................
4.安裝 SSH Server 和 WebSocket Server: Coco
新開一個終端,連線測試機,別忘了 source /opt/py3/bin/activate
4.1 下載或 Clone 專案
(py3) [[email protected] ~]# cd /opt
(py3) [[email protected] opt]# git clone https://github.com/jumpserver/coco.git && cd coco && git checkout master
Cloning into 'coco'...
remote: Enumerating objects: 34, done.
remote: Counting objects: 100% (34/34), done.
remote: Compressing objects: 100% (25/25), done.
remote: Total 2715 (delta 12), reused 21 (delta 9), pack-reused 2681
Receiving objects: 100% (2715/2715), 1.51 MiB | 229.00 KiB/s, done.
Resolving deltas: 100% (1727/1727), done.
Already on 'master'
4.2 安裝依賴
(py3) [[email protected] coco]# cd /opt/coco/requirements
(py3) [[email protected] requirements]# yum -y install $(cat rpm_requirements.txt)
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: centos.ustc.edu.cn
* epel: mirrors.aliyun.com
* extras: mirrors.163.com
* updates: centos.uhost.hk
Package libffi-devel-3.0.13-18.el7.x86_64 already installed and latest version
Package sshpass-1.06-2.el7.x86_64 already installed and latest version
(py3) [[email protected] requirements]# pip install -r requirements.txt
Requirement already satisfied: asn1crypto==0.24.0 in /opt/py3/lib/python3.6/site-packages (from -r requirements.txt (line 1))
Requirement already satisfied: bcrypt==3.1.4 in /opt/py3/lib/python3.6/site-packages (from -r requirements.txt (line 2))
Requirement already satisfied: boto3==1.6.5 in /opt/py3/lib/python3.6/site-packages (from -r requirements.txt (line 3))
Requirement already satisfied: botocore==1.9.5 in /opt/py3/lib/python3.6/site-packages (from -r requirements.txt (line 4))
Collecting cachetools==2.0.1 (from -r requirements.txt (line 5))
Downloading https://files.pythonhosted.org/packages/ac/e8/5492fd5ada0b05a1bc485bcb634b559acdec59383eef5c4203b5e22be296/cachetools-2.0.1-py2.py3-none-any.whl
............................................................
4.3 檢視配置檔案並執行
(py3) [[email protected] coco]# cd /opt/coco
(py3) [[email protected] coco]# cp conf_example.py conf.py
(py3) [[email protected] coco]# python run_server.py
這時需要去 Jumpserver 管理後臺-會話管理-終端管理(http://192.168.139.135:8080/terminal/terminal/)接受 Coco 的註冊
4.4 登入web伺服器配置jumpserver
使用者名稱:admin 密碼:admin
錯誤程式碼:django.db.utils.OperationalError:2002
辦法:注意把settings.py中資料庫的’HOST’:’localhost’改成’HOST’:’127.0.0.1’
錯誤程式碼:django.db.utils.OperationalError: (1045, "Access denied for user 'ODBC'@'localhost' (using password)
辦法:django setting.py檔案中設定的database的配置是否正確
參考文件:http://blog.51cto.com/jinlong/2097518?utm_source=oschina-app