【全国职业院校技能大赛高职组云计算赛项】
jumpserver堡垒机部署
·
题目:
堡垒机部署[0.5 分] 使用提供的 OpenStack 平台申请一台 CentOS7.9 的云主机,使用提供的软件包安装 JumpServer 堡垒机服务,并配置使用该堡垒机对接自己安装的 controller 和 compute 节点。
部署详解:
1.
基础准备
#
修改主机名
#
远程连接堡垒机节点,修改节点的主机名为
jumpserver
[root@jumpserver ~]
# hostnamectl set-hostname jumpserver
#
关闭防火墙与
SELinux
[root@jumpserver ~]
# setenforce 0
[root@jumpserver ~]
# sed -i s#SELINUX=enforcing#SELINUX=disabled# /etc/selinux/config
[root@jumpserver ~]
# iptables -F
[root@jumpserver ~]
# iptables -X
[root@jumpserver ~]
# iptables -Z
[root@jumpserver ~]
# /usr/sbin/iptables-save
#
下载软件包
[root@jumpserver ~]
# curl -O http://10.18.4.46/jumpserver.tar.gz
#
解压软件包
jumpserver.tar.gz
至
/root
目录下
[root@jumpserver ~]
# tar -zxvf jumpserver.tar.gz -C /opt/
[root@jumpserver ~]
# ls /opt/
compose config docker docker.service images jumpserver-repo static.env
#
配置本地
yum
源
[root@jumpserver ~]
# rm -rf /etc/yum.repos.d/*
[root@jumpserver ~]
# cat >> /etc/yum.repos.d/jumpserver.repo << EOF
[jumpserver]
name
=
jumpserver
baseurl
=
file:///opt/jumpserver-repo
gpgcheck
=
0
enabled
=
1
EOF
2.
安装依赖环境
#
安装
python
数据库
[root@jumpserver ~]
# yum install python2 -y
#
安装配置
docker
环境
[root@jumpserver ~]
# cp -rf /opt/docker/* /usr/bin/
[root@jumpserver ~]
# chmod 775 /usr/bin/docker*
[root@jumpserver ~]
# cp -rf /opt/docker.service /etc/systemd/system/
[root@jumpserver ~]
# chmod 755 /etc/systemd/system/docker.service
[root@jumpserver ~]
# systemctl daemon-reload
[root@jumpserver ~]
# systemctl enable docker --now
#
验证
docker
服务状态
[root@jumpserver ~]
# docker --version
Docker version
18
.06.3-ce, build d7080c1
[root@jumpserver ~]
# docker-compose --version
docker-compose version
1
.27.4, build
40524192
3.
安装
jumpserver
服务
#
加载
jumpserver
服务组件镜像
[root@jumpserver ~]
# cd /opt/images/
[root@jumpserver images]
# sh load.sh
#
创建
jumpserver
服务组件目录
[root@jumpserver images]
# mkdir -p /opt/jumpserver/{core,koko,lion,mysql,nginx,redis}
[root@jumpserver images]
# cp -rf /opt/config /opt/jumpserver/
#
生效环境变量
static.env
,使用所提供的脚本
up.sh
启动
jumpserver
服务
[root@jumpserver images]
# cd /opt/compose/
[root@jumpserver compose]
# source /opt/static.env
[root@jumpserver compose]
# sh up.sh
Creating network
"jms_net"
with driver
"bridge"
Creating jms_mysql ...
done
Creating jms_redis ...
done
Creating jms_core ...
done
Creating jms_celery ...
done
Creating jms_luna ...
done
Creating jms_lion ...
done
Creating jms_lina ...
done
Creating jms_nginx ...
done
Creating jms_koko ...
done
测试登录,浏览器访问
http://10.18.4.250
,
jumpserver web
登录(
admin/admin
)
更多推荐
已为社区贡献1条内容
所有评论(0)