Docker快速部署一款堡垒机系统

JumpServer是一款广受欢迎的开源堡垒机，设计用于帮助企业更安全地管控和登录各种类型的IT资产。它遵循4A规范（身份认证、账号管理、授权控制、安全审计），提供了一套专业的运维安全审计解决方案。

1.创建目录

mkdir -p /home/jump
mkdir -p /home/jump/mariadb
mkdir -p /home/jump/redis/conf
mkdir -p /home/jump/jump
mkdir -p /home/jump/jump/core/data
mkdir -p /home/jump/jump/koko/data
mkdir -p /home/jump/jump/lion/data
mkdir -p /home/jump/jump/kael/data
mkdir -p /home/jump/jump/kael/data
mkdir -p /home/jump/jump/chen/data
mkdir -p /home/jump/jump/web/log

docker pull docker.m.daocloud.io/redis:7.4.2
docker pull docker.m.daocloud.io/mariadb:11.7.2
docker pull docker.1panel.live/jumpserver/jms_all:v4.10.12
docker pull jumpserver/jms_all:v4.10.12

2.创建redis

cat >> /home/jump/redis/conf/redis.conf <<EOF
bind 0.0.0.0
maxmemory-policy allkeys-lru
requirepass handsome
EOF

docker run -itd --name jumpserver_redis --restart=always -p 6379:6379 -v /home/jump/redis/conf:/etc/redis -v /home/jump/redis/data:/data docker.m.daocloud.io/redis:7.4.2 redis-server /etc/redis/redis.conf

3.创建MariaDB数据库服务

docker run -itd --name jumpserver_mariadb --restart=always -e MYSQL_ROOT_PASSWORD=handsome -p 3306:3306 -v /home/jump/mariadb:/var/lib/mysql docker.m.daocloud.io/mariadb:11.7.2

docker exec -it jumpserver_mariadb bash 
root@0f7761b6d339:/# mariadb -u root -phandsome
# 执行以下SQL
create database jumpserver default charset 'utf8';
create user 'jumpserver'@'%' identified by 'handsome';
grant all on jumpserver.* to 'jumpserver'@'%';
flush privileges;

4.创建JumpServer服务

docker run -itd --name jms_all --restart=always \
-p 80:80  -p 2222:2222  -p 30000-30100:30000-30100 \
-e SECRET_KEY=4kGNxyAucTuXdYKehaXavPaA5zat224PEcdovfxax2TABP5XNJ \
-e BOOTSTRAP_TOKEN=ch4c8wTsh7dhKyd513jAvNyU \
-e LOG_LEVEL=ERROR \
-e DB_ENGINE=mysql \
-e DB_HOST=180.184.67.237 \
-e DB_PORT=3306 \
-e DB_USER=jumpserver \
-e DB_PASSWORD=handsome \
-e DB_NAME=jumpserver \
-e REDIS_HOST=180.184.67.237 \
-e REDIS_PORT=6379 \
-e REDIS_PASSWORD=handsome \
--privileged=true \
-v /home/jump/jump/core/data:/opt/jumpserver/data \
-v /home/jump/jump/koko/data:/opt/koko/data \
-v /home/jump/jump/lion/data:/opt/lion/data \
-v /home/jump/jump/kael/data:/opt/kael/data \
-v /home/jump/jump/chen/data:/opt/chen/data \
-v /home/jump/jump/web/log:/var/log/nginx \
docker.1panel.live/jumpserver/jms_all:v4.10.12

或者

docker run -itd --name jms_all --restart=always \
-p 80:80  -p 2222:2222  -p 30000-30100:30000-30100 \
-e SECRET_KEY=4kGNxyAucTuXdYKehaXavPaA5zat224PEcdovfxax2TABP5XNJ \
-e BOOTSTRAP_TOKEN=ch4c8wTsh7dhKyd513jAvNyU \
-e LOG_LEVEL=ERROR \
-e DB_ENGINE=mysql \
-e DB_HOST=180.184.67.237 \
-e DB_PORT=3306 \
-e DB_USER=jumpserver \
-e DB_PASSWORD=handsome \
-e DB_NAME=jumpserver \
-e REDIS_HOST=180.184.67.237 \
-e REDIS_PORT=6379 \
-e REDIS_PASSWORD=handsome \
--privileged=true \
-v /home/jump/jump/core/data:/opt/jumpserver/data \
-v /home/jump/jump/koko/data:/opt/koko/data \
-v /home/jump/jump/lion/data:/opt/lion/data \
-v /home/jump/jump/kael/data:/opt/kael/data \
-v /home/jump/jump/chen/data:/opt/chen/data \
-v /home/jump/jump/web/log:/var/log/nginx \
jumpserver/jms_all:v4.10.12

5.查看服务状态

docker ps

6.登录JumpServer系统

地址：http://180.184.67.237
账户：admin
密码：ChangeMe