openEuler 服务器安装 JumpServer
- [JumpServer 简介](#JumpServer 简介)
-
- [什么是 JumpServer ?](#什么是 JumpServer ?)
- [JumpServer 的各种类型资产](#JumpServer 的各种类型资产)
- [JumpServer 产品特色或优势](#JumpServer 产品特色或优势)
- [JumpServer 符合 4A 规范](#JumpServer 符合 4A 规范)
- [JumpServer 系统架构](#JumpServer 系统架构)
- [JumpServer 安装部署](#JumpServer 安装部署)
JumpServer 简介
什么是 JumpServer ?
JumpServer
是广受欢迎的 开源堡垒机
,是符合 4A 规范
的专业运维安全审计系统。JumpServer
帮助企业以更安全的方式管控和登录所有类型的资产,实现 事前授权、事中监察、事后审计,满足等保合规
要求。
JumpServer 的各种类型资产
JumpServer
堡垒机支持的资产类型包括:
SSH
(Linux / Unix
/ 网络设备 等);Windows
(Web
方式连接 / 原生RDP
连接);- 数据库 (
MySQL / MariaDB / Oracle / SQLServer / PostgreSQL / ClickHouse
等); NoSQL
(Redis / MongoDB
等);GPT
(ChatGPT
等);- 云服务 (
Kubernetes / VMware vSphere
等); Web
站点 (各类系统的Web
管理后台);- 应用 (通过
Remote App
连接各类应用);
JumpServer 产品特色或优势
JumpServer
的产品特色包括:
- 开源:零门槛,线上快速获取和安装;
- 分布式:轻松支持大规模并发访问;
- 无插件:仅需浏览器,极致的
Web Terminal
使用体验; - 多云支持:一套系统,同时管理不同云上面的资产;
- 云端存储:审计录像云端存储,永不丢失;
- 多租户:一套系统,多个子公司和部门同时使用;
- 多应用支持:数据库,
Windows
远程应用,Kubernetes
。
JumpServer 符合 4A 规范
JumpServer
是符合 4A 规范
的堡垒机:
Authentication
:身份认证,防止身份冒用和复用;Authorization
:授权控制 ,防止内部误操作和权限滥用;Accounting
:账号管理,人员和资产的管理;Auditing
:安全审计,追溯的保障和事故分析的依据;
JumpServer
堡垒机支持 事前授权、事中监察、事后审计,满足等保合规
要求。
JumpServer 系统架构
应用架构
JumpServer
采用分层架构
,分别是负载层、接入层、核心层、数据层、存储层
。JumpServer
应用架构图如下:
组件说明
Core
组件是JumpServer
的核心组件,其他组件依赖此组件启动。Koko
是服务于类Unix
资产平台的组件,通过SSH、Telnet
协议提供字符型连接。Lion
是服务于Windows
资产平台的组件,用于Web
端访问Windows
资产。Omnidb
是服务于数据库的组件,用于可视化界面纳管数据库。Razor
是服务于RDP
协议组件,该组件主要功能是通过JumpServer Client
方式访问Windows
资产。Magnus
是服务于数据库的组件,用于通过客户端代理访问数据库。Celery
是处理异步任务的组件,用于执行JumpServer
相关的自动化任务。
更多信息请查看,https://docs.jumpserver.org/zh/v3/architecture/
JumpServer 安装部署
JumpServer
支持 在线安装(标准安装)
和 离线安装
两种模式,安装过程可参考文档https://docs.jumpserver.org/zh/master/install/setup_by_fast/
环境要求
- 操作系统环境:
OS/Arch | Architecture | Linux Kernel | Soft Requirement | Minimize Hardware |
---|---|---|---|---|
linux/amd64 | x86_64 | >= 4.0 | wget curl tar gettext iptables python | 2Core/8GB RAM/60G HDD |
linux/arm64 | aarch64 | >= 4.0 | wget curl tar gettext iptables python | 2Core/8GB RAM/60G HDD |
linux/loong64 | loongarch64 | == 4.19 | wget curl tar gettext iptables python | 2Core/8GB RAM/60G HDD |
- 数据库系统环境:
JumpServer
需要使用 MySQL
或 MariaDB
存储数据,使用 Redis
缓存数据。
此处用户可以使用自建数据库或云数据库,请参考此处的要求:
Name | Version | Default Charset | Default collation | TLS/SSL |
---|---|---|---|---|
MySQL | >= 5.7 | utf8mb4 | utf8mb4_general_ci | ✔ |
MariaDB | >= 10.2 | utf8mb4 | utf8mb4_general_ci | ✔ |
Name | Version | Sentinel | Cluster | TLS/SSL |
---|---|---|---|---|
Redis | >= 5.0 | ✔ | ✖ | ✔ |
此处我们采用单机在线安装模式,要求宿主机网络可以访问外网。
本案例我们采用如下配置规格进行 JumpServer
的安装部署:
OS
系统信息:
OS/Arch | Architecture | Linux Kernel | Soft Requirement | Minimize Hardware |
---|---|---|---|---|
openEuler-22.03-LTS-x86_64-dvd.iso | x86_64 | 5.10.0-60.18.0.50.oe2203.x86_64 | wget curl tar gettext iptables python | 4Core/8GB RAM/60G HDD |
预安装软件,执行如下命令:
bash
yum update && install -y wget curl tar gettext iptables
Redis
版本信息:
Name | Version | Sentinel | Cluster | TLS/SSL |
---|---|---|---|---|
Redis | 6.2 | ✔ | ✖ | ✔ |
DB
版本信息:
Name | Version | Default Charset | Default collation | TLS/SSL |
---|---|---|---|---|
MariaDB | 10.6 | utf8mb4 | utf8mb4_general_ci | ✔ |
网络端口
JumpServer
作为符合 4A 规范
的专业运维安全审计系统,其正常运行需要开放如下网络端口,管理员可根据实际环境中 JumpServer
组件部署的方案,在网络和主机侧开放相关端口。
网络端口列表
端口 | 作用 | 说明 |
---|---|---|
22 | SSH |
安装、升级及管理使用 |
80 | Web HTTP 服务 |
通过 HTTP 协议访问 JumpServer 前端页面 |
443 | Web HTTPS 服务 |
通过 HTTPS 协议访问 JumpServer 前端页面 |
1521 | 数据库服务 | Oracle 服务使用 |
1433 | 数据库服务 | MS SQLServer 服务使用 |
3306 | 数据库服务 | MySQL/MariaDB 服务使用 |
5432 | 数据库服务 | PostgreSQL 服务使用 |
6379 | 数据库服务 | Redis 服务使用 |
27017 | 数据库服务 | MongoDB 服务使用 |
3389 | Razor 服务端口 |
RDP Client 方式连接 Windows 资产 |
2222 | SSH Client |
SSH Client 方式使用终端工具连接 JumpServer ,比如 Xshell、PuTTY、MobaXterm、WindTerm 等终端工具 |
33061 | Magnus MySQL 服务端口 |
DB Client 方式连接 MySQL 数据库资产 |
33062 | Magnus MariaDB 服务端口 |
DB Client 方式连接 MariaDB 数据库资产 |
54320 | Magnus PostgreSQL 服务端口 |
DB Client 方式连接 PostgreSQL 数据库资产 |
63790 | Magnus Redis 服务端口 |
DB Client 方式连接 Redis 数据库资产 |
30000-30100 | Magnus Oracle 服务端口 |
DB Client 方式连接 Oracle 数据库资产,该端口范围可自定义 |
防火墙常用命令
- 确认
firewall
的状态为running
bash
firewall-cmd --state
running
- 临时开放端口(规则立即生效,重启失效)
bash
firewall-cmd --zone=public --add-port=80/tcp
firewall-cmd --zone=public --add-port=2222/tcp
firewall-cmd --add-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept"
- 临时删除端口(规则立即生效,重启失效)
bash
firewall-cmd --zone=public --remove-port=80/tcp
firewall-cmd --zone=public --remove-port=2222/tcp
firewall-cmd --remove-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept"
- 临时删除端口(规则立即生效,重启失效)
bash
firewall-cmd --zone=public --remove-port=80/tcp
firewall-cmd --zone=public --remove-port=2222/tcp
firewall-cmd --remove-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept"
- 永久放行端口(需要
reload
才能生效)
bash
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=2222/tcp --permanent
firewall-cmd --add-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept" --permanent
firewall-cmd --reload
- 永久删除端口(需要
reload
才能生效)
bash
firewall-cmd --zone=public --remove-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=2222/tcp --permanent
firewall-cmd --remove-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept" --permanent
firewall-cmd --reload
- 查看端口生效规则
bash
firewall-cmd --list-all
...
public (active)
target: default
icmp-block-inversion: no
interfaces: ens32
sources:
services: dhcpv6-client ssh
ports: 80/tcp 2222/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="172.17.0.1/16" port port="8080" protocol="tcp" accept
在线脚本安装
参考,https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0
- 国内用户
bash
curl -sSL https://resource.fit2cloud.com/jumpserver/jumpserver/releases/latest/download/quick_start.sh | bash
- 海外用户
bash
curl -sSL https://github.com/jumpserver/jumpserver/releases/latest/download/quick_start.sh | bash
此处我们安装 JumpServer
版本是 v3.8
,下载的 quick_start.sh
文件内容如下:
bash
#!/usr/bin/env bash
VERSION=v3.8.0
DOWNLOAD_URL=https://github.com
function install_soft() {
if command -v dnf > /dev/null; then
dnf -q -y install "$1"
elif command -v yum > /dev/null; then
yum -q -y install "$1"
elif command -v apt > /dev/null; then
apt-get -qqy install "$1"
elif command -v zypper > /dev/null; then
zypper -q -n install "$1"
elif command -v apk > /dev/null; then
apk add -q "$1"
command -v gettext >/dev/null || {
apk add -q gettext-dev python3
}
else
echo -e "[\033[31m ERROR \033[0m] $1 command not found, Please install it first"
exit 1
fi
}
function prepare_install() {
for i in curl wget tar iptables; do
command -v $i &>/dev/null || install_soft $i
done
}
function get_installer() {
echo "download install script to /opt/jumpserver-installer-${VERSION}"
cd /opt || exit 1
if [ ! -d "/opt/jumpserver-installer-${VERSION}" ]; then
timeout 60 wget -qO jumpserver-installer-${VERSION}.tar.gz ${DOWNLOAD_URL}/jumpserver/installer/releases/download/${VERSION}/jumpserver-installer-${VERSION}.tar.gz || {
rm -f /opt/jumpserver-installer-${VERSION}.tar.gz
echo -e "[\033[31m ERROR \033[0m] Failed to download jumpserver-installer-${VERSION}"
exit 1
}
tar -xf /opt/jumpserver-installer-${VERSION}.tar.gz -C /opt || {
rm -rf /opt/jumpserver-installer-${VERSION}
echo -e "[\033[31m ERROR \033[0m] Failed to unzip jumpserver-installer-${VERSION}"
exit 1
}
rm -f /opt/jumpserver-installer-${VERSION}.tar.gz
fi
}
function config_installer() {
cd /opt/jumpserver-installer-${VERSION} || exit 1
sed -i "s/VERSION=.*/VERSION=${VERSION}/g" /opt/jumpserver-installer-${VERSION}/static.env
./jmsctl.sh install
./jmsctl.sh start
}
function main(){
if [[ "${OS}" == 'Darwin' ]]; then
echo
echo "Unsupported Operating System Error"
exit 1
fi
prepare_install
get_installer
config_installer
}
main
或者下载 quick_start.sh
文件后,直接执行如下命令:
bash
bash quick_start.sh
输出如下类似信息:
完整信息如下:
bash
Importing GPG key 0xB25E7F66:
Userid : "private OBS (key without passphrase) <defaultkey@localobs>"
Fingerprint: 12EA 74AC 9DF4 8D46 C69C A0BE D557 065E B25E 7F66
From : http://repo.openeuler.org/openEuler-22.03-LTS/OS/x86_64/RPM-GPG-KEY-openEuler
Installed:
tar-2:1.34-4.oe2203.x86_64
download install script to /opt/jumpserver-installer-v3.8.0
██╗██╗ ██╗███╗ ███╗██████╗ ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗
██║██║ ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗
██║██║ ██║██╔████╔██║██████╔╝███████╗█████╗ ██████╔╝██║ ██║█████╗ ██████╔╝
██ ██║██║ ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██╔══╝ ██╔══██╗
╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║
╚════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝
Version: v3.8.0
1. 检查配置文件
配置文件位置: /opt/jumpserver/config
/opt/jumpserver/config/config.txt [ √ ]
/opt/jumpserver/config/nginx/cert/server.crt [ √ ]
/opt/jumpserver/config/nginx/cert/server.key [ √ ]
完成
>>> 安装配置 Docker
1. 安装 Docker
开始下载 Docker 程序 ...
开始下载 Docker Compose 程序 ...
完成
2. 配置 Docker
是否需要支持 IPv6? (y/n) (默认为 n): 完成
3. 启动 Docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /etc/systemd/system/docker.service.
完成
>>> 加载 Docker 镜像
[jumpserver/kael:v3.8.0] pulling
[jumpserver/web:v3.8.0] pulling
[jumpserver/koko:v3.8.0] pulling
[jumpserver/core:v3.8.0] pulling
[jumpserver/mariadb:10.6] pulling
[jumpserver/redis:6.2] pulling
[jumpserver/magnus:v3.8.0] pulling
[jumpserver/chen:v3.8.0] pulling
[jumpserver/lion:v3.8.0] pulling
10.6: Pulling from jumpserver/mariadb
eaead16dc43b: Pulling fs layer
4f6f4832182b: Pulling fs layer
6eed3156c415: Pulling fs layer
d1adc5c9f5ec: Waiting
4f5e88c034ff: Waiting
e09b3c602366: Waiting
9896f95913b8: Waiting
522ebe12904a: Waiting
v3.8.0: Pulling from jumpserver/lion
99bf4787315b: Waiting
eaacdd61c025: Waiting
26d1da19b429: Waiting
aa4a93627716: Waiting
e42c672e047b: Waiting
bcbcd1fe9fe0: Waiting
3a7da7bf8a7c: Waiting
b3634a6d92f0: Waiting
bba4daab2e00: Waiting
ed3d33e2d240: Waiting
d534346c5f7b: Waiting
e61d813b6ad0: Waiting
v3.8.0: Pulling from jumpserver/kael
eaead16dc43b: Downloading [==========> ] 5.88MB/28.58MB
eaead16dc43b: Downloading [============================> ] 16.14MB/28.58MB
eaead16dc43b: Downloading [==========================================> ] 24.4MB/28.58MB
c40342aa95c2: Waiting
5b1e577d1705: Waiting
d1adc5c9f5ec: Download complete
9b8a874e1e2d: Waiting
4f4fb700ef54: Waiting
v3.8.0: Pulling from jumpserver/chen
v3.8.0: Pulling from jumpserver/koko
3240fe174df9: Waiting
ea2f9ac2eb39: Waiting
eaead16dc43b: Extracting [> ] 294.9kB/28.58MB
d9e18c4120e1: Waiting
6aedef56f24f: Waiting
1f1a5cf5a065: Waiting
7f41607db671: Waiting
7689328b48f7: Waiting
9896f95913b8: Download complete
04f575d6fad5: Waiting
e67fdae35593: Waiting
eaead16dc43b: Extracting [==================================================>] 28.58MB/28.58MB
dfefa43f7ef9: Waiting
eaead16dc43b: Pull complete
4f6f4832182b: Extracting [==================================================>] 1.747kB/1.747kB
98153782a42c: Waiting
4f6f4832182b: Pull complete
6eed3156c415: Pull complete
8127cd7d3437: Waiting
v3.8.0: Pulling from jumpserver/magnus
v3.8.0: Pulling from jumpserver/core
6.2: Pulling from jumpserver/redis
v3.8.0: Pulling from jumpserver/web
e67fdae35593: Waiting
321c8788e932: Waiting
d1adc5c9f5ec: Extracting [==================================================>] 149B/149B
b573062c6e54: Waiting
99bf4787315b: Extracting [=============================> ] 16.22MB/27.14MB
eaacdd61c025: Download complete
e67fdae35593: e67fdae35593: e67fdae35593: e67fdae35593: Downloading [====================> ] Downloading [====================> ] 12.72MB/31.42MB12.4MB/31.42MB
Downloading [====> ] 2.949MB/31.42MB
e855c2f1475c: Waiting
0668e0cb7eeb: Waiting
99bf4787315b: Extracting [==================================================>] 27.14MB/27.14MB
4f5e88c034ff: Pull complete
Downloading [=======================================> ] 24.83MB/31.42MB4.83MB/31.42MB
e67fdae35593: Downloading [===========================> ] 16.98MB/31.42MB
Pull complete e67fdae35593: e67fdae35593: Pull complete
Downloading [==========================================> ] 26.47MB/31.42MB
981eb4eb4e29: Waiting
0c8e33d32ad2: Waiting
b23242c39ad3: Waiting
e09b3c602366: Downloading [==================================> ] 61.26MB/88.87MB
4f4fb700ef54: Waiting
Extracting [==================================================>] 31.42MB/31.42MB=========>] 31.42MB/31.42MB
Extracting [=============> ] 8.192MB/31.42MB ] 8.192MB/31.42MB
e67fdae35593: Extracting [========================> ] 15.4MB/31.42MB
5dc251960c03: Waiting
37ad762d263f: Waiting
2056f85116ef: Waiting
99bf4787315b: Pull complete
eaacdd61c025: Pull complete
26d1da19b429: Downloading [===============================================> ] 27.65MB/29.4MB
Pull complete e67fdae35593: Pull complete
Extracting [> ] 327.7kB/31.42MB27.7kB/31.42MB
26d1da19b429: Pull complete
aa4a93627716: Pull complete
e42c672e047b: Pull complete
bcbcd1fe9fe0: Pull complete
3a7da7bf8a7c: Pull complete
ea2f9ac2eb39: Download complete
e67fdae35593: Extracting [==================================================>] 31.42MB/31.42MB
d9e18c4120e1: Download complete
3240fe174df9: Pull complete
ea2f9ac2eb39: Pull complete
72e611ef6cbd: Pull complete
d9e18c4120e1: Pull complete
b35f34aa20f0: Download complete
1f1a5cf5a065: Pull complete
076f765c5c0b: Pull complete
dfefa43f7ef9: Pull complete
321c8788e932: Pull complete
1b50c537067e: Downloading [============================> ] 4.996MB/8.729MB
d409c959e473: Pull complete
5dc251960c03: Pull complete
37ad762d263f: Pull complete
2056f85116ef: Pull complete
65ee1d2786fa: Extracting [==================================================>] 1.405kB/1.405kB
272d660811bd: Download complete
65ee1d2786fa: Pull complete
cfd4a22d5220: Downloading [======> ] 150.2MB/1.23GB
cfd4a22d5220: Downloading [======> ] 156.1MB/1.23GB
272d660811bd: Pull complete
4f4fb700ef54: Pull complete
cfd4a22d5220: Pull complete
4df962483fe2: Pull complete
105d66cef279: Pull complete
a0fc03463301: Pull complete
222e61094282: Pull complete
2fcb7dbc00dd: Pull complete
92e2dfaefa5f: Pull complete
b8b8d4e4ee39: Pull complete
153510901956: Pull complete
Digest: sha256:75204461f39f8d691e40768625c965d77969ea5cfeb48bf31bf0033bcb38636b
Status: Downloaded newer image for jumpserver/web:v3.8.0
docker.io/jumpserver/web:v3.8.0
完成
>>> 安装配置 JumpServer
1. 配置加密密钥
SECRETE_KEY: ZmQ5NzQ1NzMtYTlmNS00YzA4LWIxNDQtN2EzMjZlMTc4Yzdk
BOOTSTRAP_TOKEN: ZmQ5NzQ1NzMtYTlmNS00YzA4
完成
2. 配置持久化目录
是否需要自定义持久化存储, 默认将使用目录 /data/jumpserver? (y/n) (默认为 n): 完成
3. 配置 MySQL
是否使用外部 MySQL? (y/n) (默认为 n): 完成
4. 配置 Redis
是否使用外部 Redis? (y/n) (默认为 n): 完成
5. 配置外部访问
是否需要配置 JumpServer 对外访问端口? (y/n) (默认为 n): n
完成
6. 初始化数据库
[+] Running 4/4
✔ Network jms_net Created 10.1s
✔ Container jms_mysql Started 2.6s
✔ Container jms_redis Started 2.4s
✔ Container jms_core Started 3.0s
2023-10-20 11:48:29 Collect static files
ALLOWED_HOSTS:
- localhost
- core80
- 127.0.0.1
- 127.0.0.1:8080
- 127.0.0.1:80
- localhost:8080
- localhost:80
- core:8080
- core:80
ALLOWED_HOSTS:
- localhost
- core80
- 127.0.0.1
- 127.0.0.1:8080
- 127.0.0.1:80
- localhost:8080
- localhost:80
- core:8080
- core:80
2023-10-20 11:48:31 Collect static files done
2023-10-20 11:48:31 Check database structure change ...
2023-10-20 11:48:31 Migrate model change to database ...
Operations to perform:
Apply all migrations: accounts, acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, notifications, ops, orgs, perms, rbac, sessions, settings, terminal, tickets, users
Running migrations:
Applying contenttypes.0001_initial... OK
Applying contenttypes.0002_remove_content_type_name... OK
Applying auth.0001_initial... OK
Applying auth.0002_alter_permission_name_max_length... OK
Applying auth.0003_alter_user_email_max_length... OK
Applying auth.0004_alter_user_username_opts... OK
Applying auth.0005_alter_user_last_login_null... OK
Applying auth.0006_require_contenttypes_0002... OK
Applying auth.0007_alter_validators_add_error_messages... OK
Applying auth.0008_alter_user_username_max_length... OK
Applying users.0001_initial... OK
Applying tickets.0001_initial... OK
Applying tickets.0002_auto_20200728_1146... OK
Applying tickets.0003_auto_20200804_1551... OK
Applying tickets.0004_ticket_comment... OK
Applying tickets.0005_ticket_meta_confirmed_system_users... OK
Applying tickets.0006_auto_20201023_1628... OK
Applying tickets.0007_auto_20201224_1821... OK
Applying tickets.0008_auto_20210311_1113... OK
Applying tickets.0009_auto_20210426_1720... OK
Applying tickets.0010_auto_20210812_1618... OK
Applying tickets.0011_remove_approvalrule_assignees_display... OK
Applying terminal.0001_initial... OK
Applying terminal.0002_auto_20171228_0025... OK
Applying terminal.0003_auto_20171230_0308... OK
Applying terminal.0004_session_remote_addr... OK
Applying terminal.0005_auto_20180122_1154... OK
Applying terminal.0006_auto_20180123_1037... OK
Applying terminal.0007_session_date_last_active... OK
Applying terminal.0008_auto_20180307_1603... OK
Applying terminal.0009_auto_20180326_0957... OK
Applying terminal.0010_auto_20180423_1140... OK
Applying terminal.0011_auto_20180807_1116... OK
Applying terminal.0012_auto_20180816_1652... OK
Applying terminal.0013_auto_20181123_1113... OK
Applying terminal.0014_auto_20181226_1441... OK
Applying terminal.0015_auto_20190923_1529... OK
Applying terminal.0016_commandstorage_replaystorage... OK
Applying common.0001_initial... OK
Applying common.0002_auto_20180111_1407... OK
Applying common.0003_setting_category... OK
Applying common.0004_setting_encrypted... OK
Applying common.0005_auto_20190221_1902... OK
Applying common.0006_auto_20190304_1515... OK
Applying settings.0001_initial... OK
Applying terminal.0017_auto_20191125_0931... OK
Applying terminal.0018_auto_20191202_1010... OK
Applying terminal.0019_auto_20191206_1000... OK
Applying terminal.0020_auto_20191218_1721... OK
Applying terminal.0021_auto_20200213_1316... OK
Applying terminal.0022_session_is_success... OK
Applying terminal.0023_command_risk_level... OK
Applying terminal.0024_auto_20200715_1713... OK
Applying terminal.0025_auto_20200810_1735... OK
Applying terminal.0026_auto_20201027_1905... OK
Applying terminal.0027_auto_20201102_1651... OK
Applying terminal.0028_auto_20201110_1918... OK
Applying terminal.0029_auto_20201116_1757... OK
Applying terminal.0030_terminal_type... OK
Applying terminal.0031_auto_20210113_1356... OK
Applying terminal.0032_auto_20210302_1853... OK
Applying terminal.0033_auto_20210324_1008... OK
Applying terminal.0034_auto_20210406_1434... OK
Applying terminal.0035_auto_20210517_1448... OK
Applying terminal.0036_auto_20210604_1124... OK
Applying terminal.0037_auto_20210623_1748... OK
Applying terminal.0038_task_kwargs... OK
Applying terminal.0039_auto_20210805_1552... OK
Applying terminal.0040_sessionjoinrecord_sessionsharing... OK
Applying terminal.0041_auto_20211105_1605... OK
Applying terminal.0042_auto_20211229_1619... OK
Applying tickets.0012_ticketsession... OK
Applying tickets.0013_ticket_serial_num...
Fill ticket serial number ...
OK
Applying tickets.0014_auto_20220217_2135... OK
Applying tickets.0015_superticket... OK
Applying terminal.0043_auto_20220217_2135... OK
Applying terminal.0044_auto_20220223_1539... OK
Applying terminal.0045_auto_20220228_1144... OK
Applying terminal.0046_auto_20220228_1744... OK
Applying terminal.0047_auto_20220302_1951... OK
Applying terminal.0048_endpoint_endpointrule... OK
Applying terminal.0049_endpoint_redis_port... OK
Applying users.0002_auto_20171225_1157_squashed_0019_auto_20190304_1459... OK
Applying users.0020_auto_20190612_1825... OK
Applying users.0021_auto_20190625_1104... OK
Applying users.0022_auto_20190625_1105... OK
Applying users.0023_auto_20190724_1525... OK
Applying users.0024_auto_20191118_1612... OK
Applying users.0025_auto_20200206_1216... OK
Applying users.0026_auto_20200508_2105... OK
Applying users.0027_auto_20200616_1503... OK
Applying users.0028_auto_20200728_1805... OK
Applying users.0029_auto_20200814_1650... OK
Applying users.0030_auto_20200819_2041... OK
Applying users.0031_auto_20201118_1801... OK
Applying assets.0001_initial... OK
Applying perms.0001_initial... OK
Applying assets.0002_auto_20180105_1807_squashed_0009_auto_20180307_1212... OK
Applying assets.0010_auto_20180307_1749_squashed_0019_auto_20180816_1320... OK
Applying perms.0002_auto_20171228_0025_squashed_0009_auto_20180903_1132... OK
Applying perms.0003_action... OK
Applying perms.0004_assetpermission_actions... OK
Applying assets.0020_auto_20180816_1652... OK
Applying assets.0021_auto_20180903_1132... OK
Applying assets.0022_auto_20181012_1717... OK
Applying assets.0023_auto_20181016_1650... OK
Applying assets.0024_auto_20181219_1614... OK
Applying assets.0025_auto_20190221_1902... OK
Applying assets.0026_auto_20190325_2035... OK
Applying applications.0001_initial... OK
Applying perms.0005_auto_20190521_1619... OK
Applying perms.0006_auto_20190628_1921... OK
Applying perms.0007_remove_assetpermission_actions... OK
Applying perms.0008_auto_20190911_1907... OK
Applying assets.0027_auto_20190521_1703... OK
Applying assets.0028_protocol... OK
Applying assets.0029_auto_20190522_1114... OK
Applying assets.0030_auto_20190619_1135... OK
Applying assets.0031_auto_20190621_1332... OK
Applying assets.0032_auto_20190624_2108... OK
Applying assets.0033_auto_20190624_2108... OK
Applying assets.0034_auto_20190705_1348... OK
Applying assets.0035_auto_20190711_2018... OK
Applying assets.0036_auto_20190716_1535... OK
Applying assets.0037_auto_20190724_2002... OK
Applying assets.0038_auto_20190911_1634... OK
Applying perms.0009_remoteapppermission_system_users... OK
Applying assets.0039_authbook_is_active... OK
Applying assets.0040_auto_20190917_2056... OK
Applying assets.0041_gathereduser... OK
Applying assets.0042_favoriteasset...
OK
Applying assets.0043_auto_20191114_1111... OK
Applying assets.0044_platform... OK
Applying assets.0045_auto_20191206_1607... OK
Applying assets.0046_auto_20191218_1705... OK
Applying applications.0002_remove_remoteapp_system_user... OK
Applying applications.0003_auto_20191210_1659... OK
Applying applications.0004_auto_20191218_1705... OK
Applying perms.0010_auto_20191218_1705... OK
Applying perms.0011_auto_20200721_1739... OK
Applying assets.0047_assetuser... OK
Applying assets.0048_auto_20191230_1512... OK
Applying assets.0049_systemuser_sftp_root... OK
Applying assets.0050_auto_20200711_1740... OK
Applying assets.0051_auto_20200713_1143... OK
Applying assets.0052_auto_20200715_1535... OK
Applying assets.0053_auto_20200723_1232... OK
Applying assets.0054_auto_20200807_1032... OK
Applying applications.0005_k8sapp... OK
Applying perms.0012_k8sapppermission... OK
Applying assets.0055_auto_20200811_1845... OK
Applying assets.0056_auto_20200904_1751... OK
Applying assets.0057_fill_node_value_assets_amount_and_parent_key...
................................................................. OK
Applying perms.0013_rebuildusertreetask_usergrantedmappingnode... OK
Applying perms.0014_build_users_perm_tree... OK
Applying perms.0015_auto_20200929_1728... OK
Applying assets.0058_auto_20201023_1115... OK
Applying assets.0059_auto_20201027_1905... OK
Applying applications.0006_application... OK
Applying perms.0016_applicationpermission... OK
Applying perms.0017_auto_20210104_0435... OK
Applying assets.0060_node_full_value...
- Start migrate node value if has /
- Start migrate node full value
OK
Applying assets.0061_auto_20201116_1757... OK
Applying assets.0062_auto_20201117_1938... OK
Applying assets.0063_migrate_default_node_key...
Check old default node `key=0 value=Default` not exists
OK
Applying assets.0064_auto_20201203_1100... OK
Applying assets.0065_auto_20210121_1549... OK
Applying perms.0018_auto_20210208_1515... OK
Applying orgs.0001_initial... OK
Applying orgs.0002_auto_20180903_1132... OK
Applying orgs.0003_auto_20190916_1057... OK
Applying orgs.0004_organizationmember... OK
Applying orgs.0005_auto_20200721_1937... OK
Applying orgs.0006_auto_20200721_1937... OK
Applying orgs.0007_auto_20200728_1805... OK
Applying orgs.0008_auto_20200819_2041... OK
Applying orgs.0009_auto_20201023_1628... OK
Applying ops.0001_initial... OK
Applying ops.0002_celerytask... OK
Applying ops.0003_auto_20181207_1744... OK
Applying ops.0004_adhoc_run_as... OK
Applying ops.0005_auto_20181219_1807... OK
Applying ops.0006_auto_20190318_1023... OK
Applying ops.0007_auto_20190724_2002... OK
Applying ops.0008_auto_20190919_2100... OK
Applying ops.0009_auto_20191217_1713... OK
Applying ops.0010_auto_20191217_1758... OK
Applying ops.0011_auto_20200106_1534... OK
Applying ops.0012_auto_20200108_1659... OK
Applying ops.0013_auto_20200108_1706... OK
Applying ops.0014_auto_20200108_1749... OK
Applying ops.0015_auto_20200108_1809... OK
Applying ops.0016_commandexecution_org_id... OK
Applying ops.0017_auto_20200306_1747... OK
Applying ops.0018_auto_20200509_1434... OK
Applying ops.0019_adhocexecution_celery_task_id... OK
Applying audits.0001_initial... OK
Applying audits.0002_ftplog_org_id... OK
Applying audits.0003_auto_20180816_1652... OK
Applying audits.0004_operatelog_passwordchangelog_userloginlog... OK
Applying audits.0005_auto_20190228_1715... OK
Applying audits.0006_auto_20190726_1753... OK
Applying audits.0007_auto_20191202_1010... OK
Applying audits.0008_auto_20200508_2105... OK
Applying audits.0009_auto_20200624_1654... OK
Applying audits.0010_auto_20200811_1122... OK
Applying audits.0011_userloginlog_backend... OK
Applying assets.0066_auto_20210208_1802... OK
Applying applications.0007_auto_20201119_1110... OK
Applying applications.0008_auto_20210104_0435... OK
Applying orgs.0010_auto_20210219_1241...
Migrate model org id: Application done, use 0.98 ms
Migrate model org id: AdminUser done, use 0.75 ms
Migrate model org id: Asset done, use 0.64 ms
Migrate model org id: AuthBook done, use 0.72 ms
Migrate model org id: CommandFilter done, use 0.5 ms
Migrate model org id: CommandFilterRule done, use 0.56 ms
Migrate model org id: Domain done, use 1.02 ms
Migrate model org id: Gateway done, use 0.74 ms
Migrate model org id: GatheredUser done, use 0.69 ms
Migrate model org id: Label done, use 0.48 ms
Migrate model org id: Node done, use 0.47 ms
Migrate model org id: SystemUser done, use 0.55 ms
Migrate model org id: FTPLog done, use 0.74 ms
Migrate model org id: OperateLog done, use 0.54 ms
Migrate model org id: AdHoc done, use 0.4 ms
Migrate model org id: AdHocExecution done, use 0.52 ms
Migrate model org id: CommandExecution done, use 0.46 ms
Migrate model org id: Task done, use 37.51 ms
Migrate model org id: ApplicationPermission done, use 0.88 ms
Migrate model org id: AssetPermission done, use 0.55 ms
Migrate model org id: UserAssetGrantedTreeNodeRelation done, use 0.53 ms
Migrate model org id: Session done, use 0.5 ms
Migrate model org id: Command done, use 0.51 ms
Migrate model org id: Ticket done, use 0.43 ms
Migrate model org id: UserGroup done, use 0.51 ms
Will add users to default org: 1
Add users to default org: 1-1
done, use 2.39 ms
OK
Applying assets.0067_auto_20210311_1113... OK
Applying assets.0068_auto_20210312_1455... OK
Applying assets.0069_change_node_key0_to_key1...
--> Not exist key=0 nodes, do nothing.
OK
Applying assets.0070_auto_20210426_1515... OK
Applying assets.0071_systemuser_type...
OK
Applying assets.0072_historicalauthbook...
OK
Applying assets.0073_auto_20210606_1142...
OK
Applying assets.0074_remove_systemuser_assets... OK
Applying assets.0075_auto_20210705_1759... OK
Applying assets.0076_delete_assetuser... OK
Applying assets.0077_auto_20211012_1642... OK
Applying assets.0078_auto_20211014_2209... OK
Applying assets.0079_auto_20211102_1922... OK
Applying assets.0080_auto_20211104_1347... OK
Applying assets.0081_auto_20211105_1605... OK
Applying applications.0009_applicationuser... OK
Applying applications.0010_appaccount_historicalappaccount... OK
Applying applications.0011_auto_20210826_1759... OK
Applying applications.0012_auto_20211014_2209... OK
Applying applications.0013_auto_20211026_1711... OK
Applying applications.0014_auto_20211105_1605... OK
Applying assets.0082_auto_20211209_1440... OK
Applying assets.0083_auto_20211215_1436... OK
Applying assets.0084_auto_20220112_1959... OK
Applying assets.0085_commandfilterrule_ignore_case... OK
Applying assets.0086_auto_20220217_2135... OK
Applying assets.0087_auto_20220223_1539... OK
Applying assets.0088_auto_20220303_1612... OK
Applying assets.0089_auto_20220310_0616... OK
Applying assets.0090_auto_20220412_1145... OK
Applying applications.0015_auto_20220112_2035... OK
Applying applications.0016_auto_20220118_1455... OK
Applying applications.0017_auto_20220217_2135... OK
Applying applications.0018_auto_20220223_1539... OK
Applying applications.0019_auto_20220310_1853... OK
Applying applications.0020_auto_20220316_2028... OK
Applying tickets.0016_auto_20220609_1758... OK
Applying tickets.0017_auto_20220623_1027... OK
Applying tickets.0018_applyapplicationticket_apply_actions... OK
Applying tickets.0019_delete_applyapplicationticket... OK
Applying tickets.0020_auto_20220817_1346...
Start migrate system user to account
- migrate 'ApplyAssetTicket'
- migrate 'ApplyCommandTicket'
- migrate 'ApplyLoginAssetTicket'
OK
Applying tickets.0021_auto_20220921_1814... OK
Applying tickets.0022_alter_applyassetticket_apply_actions... OK
Applying tickets.0023_alter_applyassetticket_apply_actions... OK
Applying tickets.0024_auto_20221121_1800... OK
Applying authentication.0001_initial... OK
Applying authentication.0002_auto_20190729_1423... OK
Applying authentication.0003_loginconfirmsetting... OK
Applying authentication.0004_ssotoken... OK
Applying acls.0001_initial... OK
Applying acls.0002_auto_20210926_1047... OK
Applying acls.0003_auto_20211130_1037... OK
Applying acls.0004_auto_20220831_1658... OK
Applying acls.0005_auto_20221201_1846... OK
Applying acls.0006_commandfilteracl_commandgroup... OK
Applying acls.0007_auto_20221202_1048... OK
Applying acls.0008_commandgroup_comment... OK
Applying tickets.0025_auto_20221206_1820... OK
Applying assets.0091_auto_20220629_1826... OK
Applying assets.0092_commandfilter_nodes... OK
Applying assets.0093_auto_20220403_1627... OK
Applying assets.0094_auto_20220402_1736... OK
Applying assets.0095_auto_20220407_1726... OK
Applying assets.0096_auto_20220426_1550... OK
Applying assets.0097_auto_20220426_1558... - Update platform: Windows2016
- Update platform: Other
OK
Applying assets.0098_auto_20220430_2126...
- Migrate ori host to device: 0
OK
Applying assets.0099_auto_20220711_1409...
Start migrate asset protocols
OK
Applying accounts.0001_initial... OK
Applying assets.0100_auto_20220711_1413...
Start migrate asset accounts
Start migrate app accounts
OK
Applying assets.0101_auto_20220811_1511... OK
Applying assets.0102_auto_20220816_1022...
Start migrate command filters to assets
OK
Applying assets.0103_auto_20220902_1021...>>> migrate gateway to asset
>>> migrate gateway to account
OK
Applying assets.0104_auto_20220817_1544... OK
Applying assets.0105_auto_20221220_1956... OK
Applying assets.0106_auto_20221228_1838... OK
Applying assets.0107_automation... OK
Applying assets.0108_alter_platform_charset... OK
Applying assets.0109_alter_asset_options... OK
Applying assets.0110_auto_20230315_1741... OK
Applying assets.0111_auto_20230321_1633... OK
Applying assets.0112_auto_20230404_1631... OK
Applying assets.0113_auto_20230411_1917...
Migrate platform su method: Cisco
Migrate platform su method: H3C
Migrate platform su method: Huawei
OK
Applying assets.0114_baseautomation_params... OK
Applying assets.0115_auto_20230417_1425... OK
Applying assets.0116_auto_20230418_1726... OK
Applying assets.0117_alter_baseautomation_params... OK
Applying assets.0118_auto_20230524_1647... OK
Applying assets.0119_assets_add_default_node... OK
Applying assets.0120_auto_20230630_1613... OK
Applying assets.0121_auto_20230725_1458...
Platform add sftp protocol:
- Linux
- Gateway
Asset add sftp protocol:
Not found telnet regex setting, skip
OK
Applying assets.0122_auto_20230803_1553... OK
Applying accounts.0002_auto_20220616_0021... OK
Applying accounts.0003_automation... OK
Applying accounts.0004_auto_20230106_1507... OK
Applying accounts.0005_alter_changesecretrecord_options... OK
Applying accounts.0006_gatheredaccount... OK
Applying accounts.0007_alter_account_options... OK
Applying accounts.0008_alter_gatheredaccount_options... OK
Applying accounts.0009_account_usernames_to_ids... OK
Applying accounts.0010_gatheraccountsautomation_is_sync_account... OK
Applying accounts.0011_auto_20230506_1443... OK
Applying accounts.0012_auto_20230621_1456... OK
Applying accounts.0013_account_backup_recipients... OK
Applying accounts.0014_virtualaccount... OK
Applying accounts.0015_auto_20230825_1120... OK
Applying accounts.0016_accounttemplate_password_rules... OK
Applying acls.0009_auto_20221220_1956... OK
Applying acls.0010_alter_commandfilteracl_command_groups... OK
Applying acls.0011_auto_20230425_1704... OK
Applying acls.0012_auto_20230426_1111... OK
Applying acls.0013_auto_20230426_1759... OK
Applying acls.0014_loginassetacl_rules... OK
Applying acls.0015_connectmethodacl... OK
Applying acls.0016_auto_20230606_1857... OK
Applying acls.0017_alter_connectmethodacl_options... OK
Applying acls.0018_alter_commandfilteracl_command_groups... OK
Applying admin.0001_initial... OK
Applying admin.0002_logentry_remove_auto_add... OK
Applying admin.0003_logentry_add_action_flag_choices... OK
Applying perms.0019_auto_20210906_1044... OK
Applying perms.0020_auto_20210910_1103... OK
Applying perms.0021_auto_20211105_1605... OK
Applying perms.0022_applicationpermission_actions... OK
Applying perms.0023_auto_20220112_2035... OK
Applying perms.0024_auto_20220217_2135... OK
Applying perms.0025_auto_20220223_1539... OK
Applying perms.0026_auto_20220307_1500... OK
Applying perms.0027_auto_20220310_1802... OK
Applying perms.0028_auto_20220316_2028... OK
Applying perms.0029_auto_20220728_1728... OK
Applying perms.0030_auto_20220816_1132... OK
Applying perms.0031_auto_20220816_1600... OK
Applying ops.0020_adhoc_run_system_user... OK
Applying ops.0021_auto_20211130_1037... OK
Applying ops.0022_auto_20220817_1346... OK
Applying applications.0021_auto_20220629_1826... OK
Applying applications.0022_auto_20220714_1046... OK
Applying applications.0023_auto_20220715_1556... OK
Applying applications.0024_alter_application_type... OK
Applying applications.0025_auto_20220817_1346... OK
Applying applications.0026_auto_20220817_1716... OK
Applying applications.0027_auto_20221220_1956... OK
Applying assets.0123_device_automation_ansible_enabled... OK
Applying assets.0124_auto_20231007_1437... OK
Applying assets.0125_auto_20231011_1053... OK
Applying ops.0023_auto_20220912_0021... OK
Applying audits.0012_auto_20210414_1443... OK
Applying audits.0013_auto_20211130_1037... OK
Applying audits.0014_auto_20220505_1902... OK
Applying audits.0015_auto_20221011_1745... OK
Applying audits.0016_auto_20221111_1919... OK
Applying audits.0017_auto_20221220_1757... OK
Applying audits.0018_operatelog_resource_id... OK
Applying audits.0019_alter_operatelog_options... OK
Applying audits.0020_auto_20230117_1004... OK
Applying audits.0021_auto_20230207_0857... OK
Applying audits.0022_auto_20230605_1555... OK
Applying audits.0023_auto_20230906_1322... OK
Applying audits.0024_usersession... OK
Applying audits.0025_remove_usersession_date_expired... OK
Applying auth.0009_alter_user_last_name_max_length... OK
Applying auth.0010_alter_group_name_max_length... OK
Applying auth.0011_update_proxy_permissions... OK
Applying auth.0012_alter_user_first_name_max_length... OK
Applying tickets.0026_auto_20221220_1956... OK
Applying tickets.0027_alter_applycommandticket_apply_run_account... OK
Applying tickets.0028_remove_app_tickets... OK
Applying authentication.0005_delete_loginconfirmsetting... OK
Applying authentication.0006_auto_20211227_1059... OK
Applying authentication.0007_connectiontoken... OK
Applying authentication.0008_superconnectiontoken... OK
Applying authentication.0009_auto_20220310_0616... OK
Applying authentication.0010_temptoken... OK
Applying authentication.0011_auto_20220705_1940... OK
Applying authentication.0012_auto_20220816_1629... OK
Applying authentication.0013_connectiontoken_protocol... OK
Applying authentication.0014_auto_20221122_2152... OK
Applying authentication.0015_auto_20221205_1136... OK
Applying authentication.0016_auto_20221220_1956... OK
Applying authentication.0017_auto_20230105_1743...
OK
Applying authentication.0018_alter_connectiontoken_input_secret... OK
Applying authentication.0019_connectiontoken_is_reusable... OK
Applying authentication.0020_connectiontoken_connect_options... OK
Applying authentication.0021_auto_20230713_1459... OK
Applying authentication.0022_passkey... OK
Applying authentication.0023_auto_20231010_1101... OK
Applying captcha.0001_initial... OK
Applying captcha.0002_alter_captchastore_id... OK
Applying django_cas_ng.0001_initial... OK
Applying django_cas_ng.0002_auto_20201023_1400... OK
Applying django_cas_ng.0003_auto_20210813_1226... OK
Applying django_celery_beat.0001_initial... OK
Applying django_celery_beat.0002_auto_20161118_0346... OK
Applying django_celery_beat.0003_auto_20161209_0049... OK
Applying django_celery_beat.0004_auto_20170221_0000... OK
Applying django_celery_beat.0005_add_solarschedule_events_choices... OK
Applying django_celery_beat.0006_auto_20180322_0932... OK
Applying django_celery_beat.0007_auto_20180521_0826... OK
Applying django_celery_beat.0008_auto_20180914_1922... OK
Applying django_celery_beat.0006_auto_20180210_1226... OK
Applying django_celery_beat.0006_periodictask_priority... OK
Applying django_celery_beat.0009_periodictask_headers... OK
Applying django_celery_beat.0010_auto_20190429_0326... OK
Applying django_celery_beat.0011_auto_20190508_0153... OK
Applying django_celery_beat.0012_periodictask_expire_seconds... OK
Applying django_celery_beat.0013_auto_20200609_0727... OK
Applying django_celery_beat.0014_remove_clockedschedule_enabled... OK
Applying django_celery_beat.0015_edit_solarschedule_events_choices... OK
Applying django_celery_beat.0016_alter_crontabschedule_timezone... OK
Applying django_celery_beat.0017_alter_crontabschedule_month_of_year... OK
Applying django_celery_beat.0018_improve_crontab_helptext... OK
Applying users.0032_userpasswordhistory... OK
Applying users.0033_user_need_update_password... OK
Applying users.0034_auto_20210506_1448... OK
Applying users.0035_auto_20210526_1100... OK
Applying users.0036_user_feishu_id... OK
Applying users.0037_user_secret_key... OK
Applying users.0038_auto_20211209_1140... OK
Applying users.0039_auto_20211229_1852... OK
Applying users.0040_alter_user_source... OK
Applying users.0041_auto_20221220_1956... OK
Applying notifications.0001_initial... OK
Applying notifications.0002_auto_20210909_1946...
Init user message subscription: 1
OK
Applying notifications.0003_auto_20221220_1956... OK
Applying notifications.0004_auto_20230201_1614... OK
Applying ops.0024_alter_celerytask_date_last_publish... OK
Applying ops.0025_auto_20230413_1531... OK
Applying ops.0026_auto_20230810_1039... OK
Applying ops.0027_alter_celerytaskexecution_options... OK
Applying rbac.0001_initial... OK
Applying rbac.0002_auto_20210929_1409... OK
Applying rbac.0003_auto_20211130_1037... - Update builtin roles
- Update: SystemAdmin - True
- Update: SystemAuditor - True
- Update: SystemComponent - True
- Update: User - True
- Update: OrgAdmin - True
- Update: OrgAuditor - True
- Update: OrgUser - True
OK
Applying rbac.0004_auto_20211201_1901...
Create role binding: 0-1 using: 0.58s
Create role binding: 0-1 using: 0.00s
OK
Applying orgs.0011_auto_20211223_1913... OK
Applying orgs.0012_auto_20220118_1054... OK
Applying orgs.0013_alter_organization_options... OK
Applying orgs.0014_organization_builtin... OK
Applying orgs.0015_auto_20221220_1956... OK
Applying perms.0032_auto_20221111_1919... OK
Applying perms.0033_auto_20221220_1956... OK
Applying perms.0034_auto_20230525_1734... OK
Applying rbac.0005_auto_20220307_1524... OK
Applying rbac.0006_auto_20220310_0616... OK
Applying rbac.0007_auto_20220314_1525... OK
Applying rbac.0008_auto_20220411_1709... OK
Applying rbac.0009_auto_20220411_1724... OK
Applying rbac.0010_auto_20221220_1956... OK
Applying rbac.0011_remove_redundant_permission... OK
Applying sessions.0001_initial... OK
Applying settings.0002_auto_20210729_1546... OK
Applying settings.0003_auto_20210901_1035... OK
Applying settings.0004_auto_20220211_1401... OK
Applying settings.0005_auto_20220310_0616... OK
Applying settings.0006_remove_setting_enabled... OK
Applying settings.0007_migrate_ldap_sync_org_ids... OK
Applying settings.0008_alter_setting_options... OK
Applying settings.0009_alter_cas_username_attribute... OK
Applying settings.0010_alter_setting_options... OK
Applying terminal.0050_auto_20220606_1745... OK
Applying terminal.0051_sessionsharing_users... OK
Applying terminal.0052_auto_20220713_1417... OK
Applying terminal.0053_auto_20221009_1755... OK
Applying terminal.0054_auto_20221027_1125... OK
Applying terminal.0055_auto_20221228_1804... OK
Applying terminal.0056_auto_20221228_1808... OK
Applying terminal.0057_auto_20230109_1447... OK
Applying terminal.0058_auto_20230110_1445... OK
Applying terminal.0059_session_account_id... OK
Applying terminal.0060_sessionsharing_action_permission... OK
Applying terminal.0061_applet_can_concurrent... OK
Applying terminal.0062_applet_edition... OK
Applying terminal.0063_auto_20230621_1133... OK
Applying terminal.0064_auto_20230728_1001... OK
Applying terminal.0065_session_error_reason... OK
Applying tickets.0029_auto_20230110_1445... OK
Applying users.0042_auto_20230203_1201... OK
Applying users.0043_remove_user_secret_key_preference... OK
Applying users.0044_usersession... OK
Applying users.0045_delete_usersession... OK
Applying users.0046_auto_20230927_1456... OK
Applying users.0047_user_date_api_key_last_used... OK
Applying users.0048_wechat_phone_encrypt... OK
After migration, update builtin role permissions
- Update builtin roles
完成
>>> 安装完成了
1. 可以使用如下命令启动, 然后访问
cd /opt/jumpserver-installer-v3.8.0
./jmsctl.sh start
2. 其它一些管理命令
./jmsctl.sh stop
./jmsctl.sh restart
./jmsctl.sh backup
./jmsctl.sh upgrade
更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
3. Web 访问
http://172.25.41.89:80
默认用户: admin 默认密码: admin
4. SSH/SFTP 访问
ssh -p2222 admin@172.25.41.89
sftp -P2222 admin@172.25.41.89
5. 更多信息
我们的官网: https://www.jumpserver.org/
我们的文档: https://docs.jumpserver.org/
[+] Running 10/10
✔ Container jms_lion Started 5.2s
✔ Container jms_koko Started 4.1s
✔ Container jms_chen Started 5.2s
✔ Container jms_kael Started 3.7s
✔ Container jms_web Started 3.6s
✔ Container jms_magnus Started 3.7s
✔ Container jms_celery Started 2.6s
✔ Container jms_redis Running 0.0s
✔ Container jms_mysql Running 0.0s
✔ Container jms_core Started 6.0s
通过上面的安装信息,我们了解到此时 Linux
环境已经安装 Docker
容器,并使用该容器成功运行了 JumpServer
堡垒机。
查看 Docker
版本信息:
bash
docker version
此处我们查看 JumpServer
相关的 images
镜像列表:
bash
[root@JumpServer ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
jumpserver/redis 6.2 6408abc40b2a 14 hours ago 106MB
jumpserver/web v3.8.0 7bc18906aaee 18 hours ago 1.49GB
jumpserver/chen v3.8.0 2e56502c628f 18 hours ago 576MB
jumpserver/koko v3.8.0 8f0ae6fc7123 18 hours ago 1.06GB
jumpserver/kael v3.8.0 a09b75b98f60 18 hours ago 278MB
jumpserver/lion v3.8.0 f56740becf33 18 hours ago 237MB
jumpserver/core v3.8.0 78d73be6070f 18 hours ago 1.57GB
jumpserver/magnus v3.8.0 dbc25d9904b8 18 hours ago 157MB
jumpserver/mariadb 10.6 aac2cf878de9 10 months ago 405MB
验证安装
访问部署的 JumpServer
堡垒机:
bash
>>> 安装完成了
1. 可以使用如下命令启动, 然后访问
cd /opt/jumpserver-installer-v3.8.0
./jmsctl.sh start
2. 其它一些管理命令
./jmsctl.sh stop
./jmsctl.sh restart
./jmsctl.sh backup
./jmsctl.sh upgrade
更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
3. Web 访问
http://172.25.41.89:80
默认用户: admin 默认密码: admin
4. SSH/SFTP 访问
ssh -p2222 admin@172.25.41.89
sftp -P2222 admin@172.25.41.89
5. 更多信息
我们的官网: https://www.jumpserver.org/
我们的文档: https://docs.jumpserver.org/
浏览器输入地址 http://172.25.41.89:80
,显示页面如下:
首次登录进入后,会要求修改初始密码,修改后继续登录,进入页面显示如下: