jump server 2.6.1 安装与配置

1. 安装与配置MySQL数据库

配置yum源和安装MySQL服务：
# yum -y localinstall http://mirrors.ustc.edu.cn/mysql-repo/mysql57-community-release-el7.rpm
# yum install -y mysql-community-server

配置数据库：
# if [ ! "$(cat /usr/bin/mysqld_pre_systemd | grep -v ^# | grep initialize-insecure )" ]; then sed -i "s@--initialize @--initialize-insecure @g" /usr/bin/mysqld_pre_systemd fi

启动数据库：
# systemctl enable mysqld 
# systemctl start mysqld

数据库授权：
#mysql -uroot
mysql> create database jumpserver default charset 'utf8' collate 'utf8_bin';
mysql> set global validate_password_policy=LOW;
mysql> grant all on jumpserver.* to 'jumpserver'@'%' identified by 'jumpserver';
mysql> flush privileges;

配置防火墙（一般防火墙关闭）：
#firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.100.0/24" port protocol="tcp" port="3306" accept"
#firewall-cmd --reload

2. 安装redis 5和配置

配置repo和安装redis5:
#yum -y install epel-release https://repo.ius.io/ius-release-el7.rpm
#yum install -y redis5

配置 Redis:
#sed -i "s/bind 127.0.0.1/bind 0.0.0.0/g" /etc/redis.conf
#sed -i "561i maxmemory-policy allkeys-lru" /etc/redis.conf
#sed -i "481i requirepass jumpserver" /etc/redis.conf

开机启动：
#systemctl enable redis
#systemctl start redis

配置防火墙（一般是关闭）：
#firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.100.0/24" port protocol="tcp" port="6379" accept"
#firewall-cmd --reload

3. 安装jumpserver

下载 jumpserver-install 安装脚本：
# cd /opt
# yum -y install wget
# wget https://github.com/jumpserver/installer/releases/download/v2.6.1/jumpserver-installer-v2.6.1.tar.gz
# tar -xf jumpserver-installer-v2.6.1.tar.gz
# cd jumpserver-installer-v2.6.1
# export DOCKER_IMAGE_PREFIX=docker.mirrors.ustc.edu.cn
# cat config-example.txt            #查看配置文件

安装jumpserver:
# ./jmsctl.sh install     #目录为：/opt/jumpserver-installer-v2.6.1 


帮助：
# ./jmsctl.sh -h

升级：
# ./jmsctl.sh check_update

4. 常见错误

以上错误，可以通过日志去定位：

# docker logs -f jms_core --tail 200

MySQLdb._exceptions.OperationalError: (2002, "Can't connect to MySQL server on '127.0.0.1' (115)") 　　　　　　#数据库设置的不对，可以先用账户和密码连接一下，看是否能连mysql，如果能连，就需要修改配置文件了；

配置文件放在（/opt/jumpserver/config）下面：

# vim /opt/jumpserver/config/config.txt

## MySQL数据库配置
DB_ENGINE=mysql
DB_HOST=10.10.x.195
DB_PORT=3306
DB_USER=jumpserver
DB_PASSWORD=jumpserver
DB_NAME=jumpserver

还可以使用命令：./jmsctl.sh reconfig 重新走一遍配置：

5. LDAP配置