Skip to content

Deploy JumpServer node 01⚓︎

1 Preparation⚓︎

1.1 Enviroment Information⚓︎

  • Information of JumpServer_Node_01 server:
192.168.100.21

2 Configure NFS⚓︎

2.1 Install dependencies package of NFS⚓︎

yum -y install nfs-utils
showmount -e 192.168.100.11

2.2 Mount NFS Volume⚓︎

# Mount the persistence directory of core component to NFS, with the default path being /opt/jumpserver/core/data. Please modify as per the actual situation.
# The relevant parameters defining JumpServer's persistent directory are designated as VOLUME_DIR, which will be prompted during the JumpServer installation process.
mkdir /opt/jumpserver/core/data
mount -t nfs 192.168.100.11:/data /opt/jumpserver/core/data

2.3 Configure NFS shared directory for automatic mounting at boot⚓︎

# It can be written into /etc/fstab for automatic mounting upon reboot. Note: After setting this up, if NFS is damaged or unable to connect to the server, startup may fail.
echo "192.168.100.11:/data /opt/jumpserver/core/data nfs defaults 0 0" >> /etc/fstab

3 JumpServer Installation⚓︎

3.1 Download jumpserver-install Installation Package⚓︎

cd /opt
yum -y install wget
wget https://github.com/jumpserver/installer/releases/download/v3.10.5/jumpserver-installer-v3.10.5.tar.gz
tar -xf jumpserver-installer-v3.10.5.tar.gz
cd jumpserver-installer-v3.10.5

3.2 Modify the temporary configuration file⚓︎

vi config-example.txt
# Modify the following options while keeping the others at their defaults. Please refrain from directly copying this content.
### Attention: Ensure that the SECRET_KEY matches that of other JumpServer servers; otherwise, encrypted data will be unable to be decrypted.

# Installation and Configuration
### Take note of the persistent directory VOLUME_DIR. If a different directory is mounted via NFS above, it should also be updated here VOLUME_DIR=/data/jumpserver
VOLUME_DIR=/opt/jumpserver


# Core configuration
### After startup, refrain from further modifications; otherwise, sensitive information such as passwords cannot be decrypted. Please avoid directly copying the string below.
SECRET_KEY=kWQdmdCQKjaWlHYpPhkNQDkfaRulM6YnHctsHLlSPs8287o2kW    # Ensure consistency with others JumpServer(*)
BOOTSTRAP_TOKEN=KXOeyNgDeTdpeu9q                                 # Ensure consistency with others JumpServer(*)
LOG_LEVEL=ERROR                                                  # Log Level
# SESSION_COOKIE_AGE=86400
SESSION_EXPIRE_AT_BROWSER_CLOSE=True                             # The session will be expired as browser closing

# MySQL Configuration

DB_HOST=192.168.100.11
DB_PORT=3306
DB_USER=jumpserver
DB_PASSWORD=KXOeyNgDeTdpeu9q
DB_NAME=jumpserver

# Redis Configuration

REDIS_HOST=192.168.100.11
REDIS_PORT=6379
REDIS_PASSWORD=KXOeyNgDeTdpeu9q

# KoKo Lion Configuration
SHARE_ROOM_TYPE=redis                                            # KoKo Lion enable redis shared
REUSE_CONNECTION=False                                           # Koko Koko disable connection shared

3.3 Install JumpServer with script⚓︎

./jmsctl.sh install
       ██╗██╗   ██╗███╗   ███╗██████╗ ███████╗███████╗██████╗ ██╗   ██╗███████╗██████╗
       ██║██║   ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║   ██║██╔════╝██╔══██╗
       ██║██║   ██║██╔████╔██║██████╔╝███████╗█████╗  ██████╔╝██║   ██║█████╗  ██████╔╝
  ██   ██║██║   ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝  ██╔══██╗╚██╗ ██╔╝██╔══╝  ██╔══██╗
  ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║     ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║
   ╚════╝  ╚═════╝ ╚═╝     ╚═╝╚═╝     ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝

                                                                     Version:  v3.10.5


1. Check configuration file
Path of configuration file: /opt/jumpserver/config
/opt/jumpserver/config/config.txt  [  ]
/opt/jumpserver/config/nginx/lb_rdp_server.conf  [  ]
/opt/jumpserver/config/nginx/lb_ssh_server.conf  [  ]
/opt/jumpserver/config/nginx/cert/server.crt  [  ]
/opt/jumpserver/config/nginx/cert/server.key  [  ]
Done

2. Backup configuration file
Backup file to '/opt/jumpserver/config/backup/config.txt.2021-07-15_22-26-13'
Done

>>> Install and config Docker
1. Install Docker
Start to download Docker process ...
Start to download Docker Compose process ...
Done

2. Configure Docker
Would you like to customize the Docker storage directory, or should the default directory /var/lib/docker be used? (y/n)  (Default is n): n
Done

3. Start Docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
Done

>>> Loading Docker image
Docker: Pulling from jumpserver/core:v3.10.5        [ OK ]
Docker: Pulling from jumpserver/koko:v3.10.5        [ OK ]
Docker: Pulling from jumpserver/web:v3.10.5         [ OK ]
Docker: Pulling from jumpserver/redis:6-alpine      [ OK ]
Docker: Pulling from jumpserver/mysql:5             [ OK ]
Docker: Pulling from jumpserver/lion:v3.10.5        [ OK ]

>>> Install and config JumpServer
1. Configure network
Would you need to support IPv6? (y/n)  (Default is n): n
Done

2. Configure encryption key
SECRETE_KEY:     YTE2YTVkMTMtMGE3MS00YzI5LWFlOWEtMTc2OWJlMmIyMDE2
BOOTSTRAP_TOKEN: YTE2YTVkMTMtMGE3
Done

3. Configure persistent volume
Would you like to customize persistent storage?, default is /opt/jumpserver? (y/n)  (Default is n): n
Done

4. Configure MySQL
Would you like to use external MySQL? (y/n)  (Default is n): y
Please input IP address of MySQL Host (No default value): 192.168.100.11
Please input port nuber of MySQL (Default is3306): 3306
Please input name of MySQL database (Pre authorizated) (Default is jumpserver): jumpserver
Please input user name of MySQL (No defualt vaulue): jumpserver
Please input password of MySQL  (No default vaulue): KXOeyNgDeTdpeu9q
Done

5. Configure Redis
Would you like to use external Redis? (y/n)  (Default is  n): y
Please input IP address of Redis Host (No default value): 192.168.100.11
Please input port number of Redis  (Default is 6379): 6379
Please input password of Redis (No default value): KXOeyNgDeTdpeu9q
Done

6. Configure the external port
Would you need to config external port of JumpServer? (y/n)  (Default is n): n
Done

7. Initialize database
Creating network "jms_net" with driver "bridge"
Creating jms_redis ... done
2021-07-15 22:39:52 Collect static files
2021-07-15 22:39:52 Collect static files done
2021-07-15 22:39:52 Check database structure change ...
2021-07-15 22:39:52 Migrate model change to database ...

475 static files copied to '/opt/jumpserver/data/static'.
Operations to perform:
  Apply all migrations: acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, notifications, ops, orgs, perms, sessions, settings, terminal, tickets, users
Running migrations:
  Applying contenttypes.0001_initial... OK
  Applying contenttypes.0002_remove_content_type_name... OK
  Applying auth.0001_initial... OK
  Applying auth.0002_alter_permission_name_max_length... OK
  Applying auth.0003_alter_user_email_max_length... OK
  Applying auth.0004_alter_user_username_opts... OK
  Applying auth.0005_alter_user_last_login_null... OK
  Applying auth.0006_require_contenttypes_0002... OK
  Applying auth.0007_alter_validators_add_error_messages... OK
  Applying auth.0008_alter_user_username_max_length... OK
  ...
  Applying sessions.0001_initial... OK
  Applying terminal.0032_auto_20210302_1853... OK
  Applying terminal.0033_auto_20210324_1008... OK
  Applying terminal.0034_auto_20210406_1434... OK
  Applying terminal.0035_auto_20210517_1448... OK
  Applying terminal.0036_auto_20210604_1124... OK
  Applying terminal.0037_auto_20210623_1748... OK
  Applying tickets.0008_auto_20210311_1113... OK
  Applying tickets.0009_auto_20210426_1720... OK

>>> Installation finished
1. Start Jumpserver with the following command and then can access it
cd /root/jumpserver-installer-v3.10.5
./jmsctl.sh start

2. Other management commands
./jmsctl.sh stop
./jmsctl.sh restart
./jmsctl.sh backup
./jmsctl.sh upgrade
More commands, you can learn with ./jmsctl.sh --help 

3. Web access
http://192.168.100.212:80
Initial user: admin  Initial password: admin

4. SSH/SFTP connect
ssh -p2222 admin@192.168.100.212
sftp -P2222 admin@192.168.100.212

5. More Information
Official Web Site: https://www.jumpserver.org/
Official Documents: https://docs.jumpserver.org/

3.4 Start JumpServer service⚓︎

./jmsctl.sh start
Creating network "jms_net" with driver "bridge"
Creating jms_core      ... done
Creating jms_celery    ... done
Creating jms_lion      ... done
Creating jms_koko      ... done
Creating jms_magnus    ... done
Creating jms_web       ... done