Docker compose deploy jumpserver fortress machine

Keywords: Linux Docker MySQL Redis github

1, Environment deployment

1. Build docker environment

yum -y install docker

2. Install docker compose

curl -L https://github.com/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m` -o /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose

3. Create project directory

mkdir -p /data/jms
cd /data/jms

4. Download the docker project of jms

git clone https://github.com/wojiushixiaobai/docker-compose.git

[root@localhost docker-compose]# cat docker-compose.yml 
version: '3'
services:
  mysql:
    image: wojiushixiaobai/jms_mysql:${Version}
    container_name: jms_mysql
    restart: always
    tty: true
    environment:
      DB_PORT: $DB_PORT
      DB_USER: $DB_USER
      DB_PASSWORD: $DB_PASSWORD
      DB_NAME: $DB_NAME
    volumes:
      - mysql-data:/var/lib/mysql
    networks:
      - jumpserver

  redis:
    image: wojiushixiaobai/jms_redis:${Version}
    container_name: jms_redis
    restart: always
    tty: true
    environment:
      REDIS_PORT: $REDIS_PORT
      REDIS_PASSWORD: $REDIS_PASSWORD
    volumes:
      - redis-data:/var/lib/redis/
    networks:
      - jumpserver

  core:
    image: wojiushixiaobai/jms_core:${Version}
    container_name: jms_core
    restart: always
    tty: true
    environment:
      SECRET_KEY: $SECRET_KEY
      BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
      DB_HOST: $DB_HOST
      DB_PORT: $DB_PORT
      DB_USER: $DB_USER
      DB_PASSWORD: $DB_PASSWORD
      DB_NAME: $DB_NAME
      REDIS_HOST: $REDIS_HOST
      REDIS_PORT: $REDIS_PORT
      REDIS_PASSWORD: $REDIS_PASSWORD
    depends_on:
      - mysql
      - redis
    volumes:
      - static:/opt/jumpserver/data/static
      - media:/opt/jumpserver/data/media
    networks:
      - jumpserver

  koko:
    image: wojiushixiaobai/jms_koko:${Version}
    container_name: jms_koko
    restart: always
    tty: true
    environment:
      CORE_HOST: http://core:8080
      BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
    depends_on:
      - core
      - mysql
      - redis
    volumes:
      - koko-keys:/opt/koko/data/keys
    ports:
      - 2222:2222
    networks:
      - jumpserver

  guacamole:
    image: wojiushixiaobai/jms_guacamole:${Version}
    container_name: jms_guacamole
    restart: always
    tty: true
    environment:
      JUMPSERVER_SERVER: http://core:8080
      BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
      JUMPSERVER_KEY_DIR: /config/guacamole/keys
      GUACAMOLE_HOME: /config/guacamole
      GUACAMOLE_LOG_LEVEL: ERROR
      JUMPSERVER_ENABLE_DRIVE: 'true'
    depends_on:
      - core
      - mysql
      - redis
    volumes:
      - guacamole-keys:/config/guacamole/keys
    networks:
      - jumpserver

  nginx:
    image: wojiushixiaobai/jms_nginx:${Version}
    container_name: jms_nginx
    restart: always
    tty: true
    depends_on:
      - core
      - koko
      - mysql
      - redis
    volumes:
      - static:/opt/jumpserver/data/static
      - media:/opt/jumpserver/data/media
    ports:
      - 80:80
    networks:
      - jumpserver

volumes:
  static:
  media:
  mysql-data:
  redis-data:
  koko-keys:
  guacamole-keys:

networks:
  jumpserver:

5. Start the project with docker compose

docker-compose up -d

2, The jumpserver background configuration adds host assets and authorizes access.

1. Log in to the jump server background. The default login user name and password are admin

2. Configure system users.

3. Configure management users.

4. Create user group

5. Create jumpserver background user

6. Create an asset host.

7. Create asset authorization rules.

8. Check whether there are assets on the background web and verify the login


9. Use xsheel to log in to jumpserver and log in to the controlled host.

Login user name is the background user configured in the background, for example, admin: admin login port is 2222



Posted by efron on Tue, 17 Mar 2020 11:02:24 -0700