Jumpserver installation deployment and trial experience

Jumpserver installation deployment and trial experience

Reference articles

http://blog.csdn.net/wanglei_storage/article/details/51001810

Jumpserver Highlights:
Integrated ansible, batch execution command;
Support Webterminal One environment

CentOS 7 x86_64

Close Iptables, close SELinux

Systemctl Stop Firewalld.service
Setenforce 0

Do not shut down the firewall, access through the Web page is not normal. two installing dependent libraries

1 Configure Ali's CentOS 7 Yum source (if configured, ignore this step):

cd/etc/yum.repos.d/
mkdir Repos.bak
mv./* Repos.bak
wget Http://mirrors.aliyun.com/repo/Centos-7.repo
Yum Clean All
Yum Makecache 2 installation Epel

Epel has a number of source addresses, different replacement of the configured Yum source, after the installation will produce a new repo, can be epel to obtain package resources.

Yum-y Install Epel-release
Yum Clean All
Yum Makecache 3 Installation Dependency Pack

Yum-y Install Python-pip python-devel sshpass lrzsz 4 installation Readline-devel

Because CentOS through Yum installation mysql-server failed, so download the tar package from the official MySQL website to install;
Https://cdn.mysql.com//Downloads/MySQL-5.7/mysql-5.7.18-linux-glibc2.5-x86_64.tar.gz

Official online, download will recommend registration login, ignore it, directly click "No, just start my download" download.

After you extract the file, place it under/usr/local and rename it to MySQL

4.1 Adding users, user groups

Userdel MySQL
Groupadd MySQL
Useradd-r-G MySQL MySQL
View User
ID MySQL

4.2 Change File User rights

Cd/usr/local
Chown-r Mysql:mysql MySQL

4.3 Installing the database

CentOS 5.7 version, through the BIN/MYSQLD database installation;

Bin/mysqld–initialize–user=mysql–basedir=/usr/local/mysql–datadir=/usr/local/mysql/data

Create RSA private key

sudo bin/mysql_ssl_rsa_setup–datadir=/usr/local/mysql/data

Modify Data Directory Permissions

Chown-r Mysql:mysql Data

4.4 Configuration My.cnf

Since the CentOS 5.7 tar bag did not carry my_default.cnf, a copy was made from the Internet.
Modify the following:
Basedir=/usr/local/mysql
Datadir=/usr/local/mysql/data
Sock=/var/run/mysqld/mysqld.sock

Mkdir-p/var/run/mysqld
Chown-r Mysql:mysql/var/run/mysqld

Copy the configured my_defalut.cnf file to the/etc directory and rename to My.cnf

CP MY_DEFAULT.CNF/ETC/MY.CNF
Cp/usr/local/mysql/support-files/mysql.server/etc/init.d/mysqld

4.5 Start

Detect if MySQL can start properly

./mysqld_safe–user=mysql

Closes the process and starts with mysqld

/etc/init.d/mysqld start 5 download Jumpserver

Not using the latest dev version jumpserver, using 0.3.2,
https://codeload.github.com/jumpserver/jumpserver/zip/0.3.2 6 Installing the Python Dependencies Library

Cd/opt/jumpserver/install
Pip Install-r requirement.txt

To view installed dependency packs

Pip Freeze

Note: The version of the installation package must be consistent with the version in the Requirement.txt file, otherwise there will be a variety of compatibility issues.

If a version inconsistency is found, reinstall the correct version of the dependent package by specifying the version number, for example:

Pip Install django==1.6 7 installation Jumpserver

CD Jumpserver/install
Python install.py

You can use the default configuration all. After the success, you will create the relevant data table, you can use the MySQL command to view the database jumpserver information. 8 Start Jumpserver

./service.sh start 9 trial

Landing
User name: admin
Password: 5lov@wife

There are several concepts that need to be explained below:

1 The client in the Jumpserver system refers to the managed asset object, such as the managed host. In the beginning, it is easy to understand from the angle of the customer of the Jumpserver system and make a detour.

2 users, Management users, System users

User refers to the use of Jumpserver users, the super User is admin, that is, Super Administrator.

Managing a user is a managed asset, such as a user on a host, that is filled in when an asset is added, and can be a root account.

System user, a user created to manage an asset, can associate a system user with an asset by pushing, authorization rules, jumpserver.

Summary: Spent a day of time, a simple study of the following, the next will learn the source code, I am also engaged in operation and maintenance system development, I hope this open source project is getting better.