1、安装docker步骤省略(请参考docker部署文档)

2、下载镜像并启动

下载mysql镜像

[root@script ~]# docker pull mysql:5.7 #拉取mysql镜像

下载redis镜像

[root@script ~]# docker pull redis #拉取redis镜像

下载jumpserver镜像

[root@script ~]# docker pull jumpserver/jms_all:latest  #拉取jumpserver镜像

启动mysql容器(映射端口为13306)

[root@script ~]# docker run -it -d --name mysql --restart=always -p 13306:3306 -v /opt/jumpserver/mysql/conf:/etc/mysql/conf.d -v /opt/jumpserver/mysql/logs:/var/log/mysql -v /opt/jumpserver/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD="jumpserver" mysql:5.7 #启动mysql镜像

mysql数据库创建、权限配置

[root@script ~]# docker exec -it mysql /bin/bash
bash-4.2# mysql -uroot -pjumpserver
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 478
Server version: 5.7.39 MySQL Community Server (GPL)

Copyright (c) 2000, 2022, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> create database jumpserver default charset 'utf8';
Query OK, 1 row affected (0.00 sec)

mysql> grant all on jumpserver.\* to 'root'@'%';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye
bash-4.2#

启动redis容器

[root@script ~]# docker run -it -d  --name redis --restart=always      -p 6379:6379 redis       --requirepass "jumpserver"

查看mysql、redis的docker内部网络使用的IP地址(jumpserver会使用)

[root@script ]# docker inspect mysql |grep -i "IPADDRESS"
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAddress": "172.17.0.2",
[root@script ]# docker inspect redis |grep -i "IPADDRESS"
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",

生成随机密钥

[root@script ~]#  cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 49  ;echo
[root@script ~]#  cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16  ;echo

启动jumpserver容器

SECRET_KEY=g1jEDEDHhAlurhx8e3UYTYw5s0Ew3dUhXhqev7DBWe7YGEHHc 上一步生成的密钥

BOOTSTRAP_TOKEN=tujODfUoj8h5XCoJ 上一步生成的密钥

docker 创建jumpserver时注意:mysql内网的DB_PORT端口是3306,不是13306

[root@script ~]#docker run --name jumpserver -d  --restart=always -v /opt/jumpserver/data:/opt/jumpserver/data  -v /opt/jumpserver/koko:/opt/koko/data  -v /opt/jumpserver/lion:/opt/lion/data -p 180:80   -p 2222:2222 -e SECRET_KEY=g1jEDEDHhAlurhx8e3UYTYw5s0Ew3dUhXhqev7DBWe7YGEHHc  -e BOOTSTRAP_TOKEN=tujODfUoj8h5XCoJ  -e DB_HOST=172.17.0.3   -e DB_PORT=3306 -e DB_USER=root -e DB_PASSWORD=jumpserver -e DB_NAME=jumpserver -e REDIS_HOST=172.17.0.4  -e REDIS_PORT=6379 -e REDIS_PASSWORD=jumpserver jumpserver/jms_all

3、防火墙策略开通(防火墙未开启,无需操作)

[root@script ]# firewall-cmd --permanent  --add-port=188/tcp
success
[root@script ]# firewall-cmd --reload
success
[root@script ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens192
sources:
services: dhcpv6-client ssh
ports: 53259/tcp 3306/tcp 188/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

4、验证 (服务器IP地址:180)

默认密码是admin/admin

Copyright © https://yan-jian.com 2023 all right reserved更新时间: 2023-12-26 09:56:30

results matching ""

    No results matching ""