1, Environment deployment
1. Build docker environment
yum -y install docker
2. Install docker compose
curl -L https://github.com/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m` -o /usr/bin/docker-compose chmod +x /usr/bin/docker-compose
3. Create project directory
mkdir -p /data/jms cd /data/jms
4. Download the docker project of jms
git clone https://github.com/wojiushixiaobai/docker-compose.git
[root@localhost docker-compose]# cat docker-compose.yml
version: '3'
services:
mysql:
image: wojiushixiaobai/jms_mysql:${Version}
container_name: jms_mysql
restart: always
tty: true
environment:
DB_PORT: $DB_PORT
DB_USER: $DB_USER
DB_PASSWORD: $DB_PASSWORD
DB_NAME: $DB_NAME
volumes:
- mysql-data:/var/lib/mysql
networks:
- jumpserver
redis:
image: wojiushixiaobai/jms_redis:${Version}
container_name: jms_redis
restart: always
tty: true
environment:
REDIS_PORT: $REDIS_PORT
REDIS_PASSWORD: $REDIS_PASSWORD
volumes:
- redis-data:/var/lib/redis/
networks:
- jumpserver
core:
image: wojiushixiaobai/jms_core:${Version}
container_name: jms_core
restart: always
tty: true
environment:
SECRET_KEY: $SECRET_KEY
BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
DB_HOST: $DB_HOST
DB_PORT: $DB_PORT
DB_USER: $DB_USER
DB_PASSWORD: $DB_PASSWORD
DB_NAME: $DB_NAME
REDIS_HOST: $REDIS_HOST
REDIS_PORT: $REDIS_PORT
REDIS_PASSWORD: $REDIS_PASSWORD
depends_on:
- mysql
- redis
volumes:
- static:/opt/jumpserver/data/static
- media:/opt/jumpserver/data/media
networks:
- jumpserver
koko:
image: wojiushixiaobai/jms_koko:${Version}
container_name: jms_koko
restart: always
tty: true
environment:
CORE_HOST: http://core:8080
BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
depends_on:
- core
- mysql
- redis
volumes:
- koko-keys:/opt/koko/data/keys
ports:
- 2222:2222
networks:
- jumpserver
guacamole:
image: wojiushixiaobai/jms_guacamole:${Version}
container_name: jms_guacamole
restart: always
tty: true
environment:
JUMPSERVER_SERVER: http://core:8080
BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN
JUMPSERVER_KEY_DIR: /config/guacamole/keys
GUACAMOLE_HOME: /config/guacamole
GUACAMOLE_LOG_LEVEL: ERROR
JUMPSERVER_ENABLE_DRIVE: 'true'
depends_on:
- core
- mysql
- redis
volumes:
- guacamole-keys:/config/guacamole/keys
networks:
- jumpserver
nginx:
image: wojiushixiaobai/jms_nginx:${Version}
container_name: jms_nginx
restart: always
tty: true
depends_on:
- core
- koko
- mysql
- redis
volumes:
- static:/opt/jumpserver/data/static
- media:/opt/jumpserver/data/media
ports:
- 80:80
networks:
- jumpserver
volumes:
static:
media:
mysql-data:
redis-data:
koko-keys:
guacamole-keys:
networks:
jumpserver:5. Start the project with docker compose
docker-compose up -d
2, The jumpserver background configuration adds host assets and authorizes access.
1. Log in to the jump server background. The default login user name and password are admin
2. Configure system users.
3. Configure management users.
4. Create user group
5. Create jumpserver background user
6. Create an asset host.
7. Create asset authorization rules.
8. Check whether there are assets on the background web and verify the login
9. Use xsheel to log in to jumpserver and log in to the controlled host.
Login user name is the background user configured in the background, for example, admin: admin login port is 2222
