2.5计划任务/远程管理
一、计划任务
1、计划任务概念解析
在Linux操作系统中,除了用户即时执行的命令操作以外,还可以配置在指定的时间、指定的日期 执行预先计划好的系统管理任务(如定期备份、定期采集监测数据)。RHEL6系统中默认已安装 了at、cronie软件包,通过atd和crond这两个系统服务实现一次性、周期性计划任务的功能,并 分别通过at、crontab命令进行计划任务设置。
2、计划任务分类
一次性计划任务 循环型计划任务 系统级计划任务 用户级计划任务
3、Crontab详解
安装软件
[root@localhost ~]# yum -y install crontabs
启动服务 默认是启动的
rhel5/6:
[root@localhost ~]# /etc/init.d/crond status
[root@localhost ~]# /etc/init.d/crond start
rhel7:
[root@localhost ~]# systemctl start crond.service
[root@localhost ~]# systemctl status crond.service
[root@localhost ~]# systemctl enable crond.service
开机启动(rhel5/6)
[root@localhost ~]# chkconfig crond on创建计划任务:用户级别的计划任务
[root@localhost ~]# crontab -u 用户 -e
-u 指定用户 默认不写就是root
[root@localhost ~]# crontab -e
配置分两部分 拿空格分开
第一部分:时间
分钟 小时 日 月 周
范围 0-59 0-23 1-31 1-12 0-7
上面的时间范围可以查看man手册: [root@localhost ~]# man 5 crontab
各种时间写法:
5 10 * * *
5 10 8 * *
1 5 7 * 5
1,5,9 * * * *
8-12 * * * *
5-20,40 * * * *
8-12,20-25 * * * *
*/5 * * * *
ps: * 表示每...
, 取不同的时间点
- 表示范围
*/5 每5分钟
第二部分:动作
把上面规定的时间要执行的命令写在这里,当然包括脚本(最常用),命令最好要写绝对路径
查看计划任务:两种方法
1)[root@localhost ~]# crontab -l
-u 用户名 查看某一个账户的计划任务
2)[root@localhost ~]# cat /var/spool/cron/root
计划任务删除:两种方法
1)[root@localhost ~]# crontab -r -u wing
-r 删除
-u 指定用户
[root@localhost ~]# crontab -e -u tom
2)[root@localhost ~]# rm -f /var/spool/cron/root
计划任务的权限控制
[root@localhost ~]# cat /etc/cron.deny
如果这个文件存在,凡是写到这个文件里面的账户不允许执行crontab命令
[root@localhost ~]# cat /etc/cron.allow
如果这个文件存在,没有写到这个文件里面的账户不允许执行crontab命令
如果有allow文件,那不管deny是否存在,都是只允许allow文件里面的用户
二、计划任务实战
使用计划任务运行指定应用程序
[root@localhost yum.repos.d]# which touch
/usr/bin/touch
[root@localhost yum.repos.d]# cd /tmp
[root@localhost tmp]# ls
[root@localhost tmp]# rm -rf *每分钟创建一个1.txt
[root@localhost tmp]# crontab -e
*/1 * * * * /usr/bin/touch /tmp/1.txt[root@localhost tmp]# ls
1.txt查看日志
[root@localhost tmp]# tailf /var/log/cron 定时重启
[root@localhost tmp]# which reboot
/usr/sbin/reboot[root@localhost tmp]# crontab -e
00 24 * * * /usr/sbin/rebootcrontab: installing new crontab
"/tmp/crontab.udy0yb":2: bad hour
errors in crontab file, can't install.
Do you want to retry the same edit? q
Enter Y or N
Do you want to retry the same edit? ^C删除
[root@localhost tmp]# crontab -r查询
[root@localhost tmp]# crontab -l
no crontab for root三、远程管理
1、ssh服务
安装软件:
openssh-server 提供服务
openssh-clients 客户端
openssh
[root@localhost ~]# yum install openssh* -y
ssh 端口22
服务器端:
启动服务:
[root@localhost ~]# systemctl start sshd
查看:
[root@localhost ~]# lsof -i:22关闭防火墙和selinux
systemctl stop firewalld
临时关闭
[root@localhost tmp]# getenforce 0
Enforcing
[root@localhost tmp]# setenforce 0
[root@localhost tmp]# getenforce 0
Permissive
这个是永久关闭 重启机器才能生效vi /etc/selinux/config客户端:
远程登陆管理:
[root@localhost ~]# ssh -X tom@10.18.44.208 -p 2222
[root@localhost ~]# ssh 10.18.44.208
如登陆果账户没有密码,默认不能
无密码登陆(ssh密钥认证)client:
产生公钥和私钥:
[root@localhost ~]# ssh-keygen //一路回车
拷贝公钥给对方:
[root@localhost ~]# ssh-copy-id -i 10.18.44.208
直接执行远程命令:
[root@localhost ~]# ssh 10.18.44.208 "reboot"远程拷贝:
需要先安装客户端
[root@localhost ~]# cp 源文件 目标路径
谁是远程谁加IP
132的
[root@localhost tmp]# touch 1.txt
[root@localhost tmp]# ls
1.txt
[root@localhost ~]# scp 1.txt 192.168.120.133:/tmp/-P端口
拷贝目录加-r选项
[root@localhost tmp]# scp 192.168.120.133:/tmp/1.txt /tmp/
1.txt 100% 0 0.0KB/s 00:00
[root@localhost tmp]# ls
1.txt修改端口号
[root@localhost ~]# vim /etc/ssh/sshd_config
Port 1000
[root@localhost tmp]# systemctl restart sshdPort 22
ListenAddress 192.168.2.8
PermitRootLogin yes
MaxSessions 10 最大并发量
PermitEmptyPasswords no
2、rz sz命令
安装 root 账号登陆后执行以下命令: 搜索软件包
[root@localhost tmp]# yum provides rz[root@localhost ~]#yum -y install lrzsz-0.12.20-36.el7.x86_64使用 sz命令发送文件到本地: [root@localhost ~]# sz filename rz命令本地上传文件到服务器: [root@localhost ~]## rz 执行该命令后,在弹出框中选择要上传的文件即可。
3、远程桌面管理
4、Jumpserver
四、Jumpserver详解
1、环境配置
[root@localhost ~]# setenforce 0[root@localhost ~]# getenforce
Disabled
[root@localhost ~]# systemctl stop firewalld.service修改字符集,否则可能报 input/output error的问题,因为日志里打印了中文
[root@localhost ~]# localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
[root@localhost ~]# export LC_ALL=zh_CN.UTF-8
[root@localhost ~]# echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf[root@localhost ~]# yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git[root@localhost ~]# wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz
解压
[root@localhost ~]# tar xf Python-3.6.1.tar.xz && cd Python-3.6.1
编译安装
[root@sdp-dev Python-3.6.1]# ./configure && make && make install
这里必须执行编译安装,否则在安装 Python 库依赖时会有麻烦...[root@sdp-dev Python-3.6.1]# cd /opt[root@sdp-dev opt]# python3 -m venv py3
[root@sdp-dev opt]# source /opt/py3/bin/activate(py3) [root@sdp-dev opt]#报错
(py3) [root@localhost opt]# git clone git://github.com/kennethreitz/autoenv.git
正克隆到 'autoenv'...
fatal: unable to connect to github.com:
github.com[0: 20.205.243.166]: errno=????
如果失败 可以修复一下
(py3) [root@localhost opt]# git config --global url.https://github.com/.insteadOf git://github.com/第二个报错
(py3) [root@localhost opt]# git clone git://github.com/kennethreitz/autoenv.git
正克隆到 'autoenv'...
fatal: unable to access 'https://github.com/kennethreitz/autoenv.git/': Failed connect to 127.0.0.1:1080; Connection refused
(py3) [root@localhost opt]# git config --global --unset https.proxy
(py3) [root@localhost opt]# git config --global --unset http.proxy
上述方案要还是无法解决,运行以下命令:
git config --global http.sslVerify "false"(py3) [root@sdp-dev opt]# git clone git://github.com/kennethreitz/autoenv.git
正克隆到 'autoenv'...
remote: Enumerating objects: 671, done.
remote: Total 671 (delta 0), reused 0 (delta 0), pack-reused 671
接收对象中: 100% (671/671), 103.92 KiB | 115.00 KiB/s, done.
处理 delta 中: 100% (356/356), done.(py3) [root@sdp-dev opt]#
(py3) [root@sdp-dev opt]# echo 'source /opt/autoenv/activate.sh' >> ~/.bashrc
(py3) [root@sdp-dev opt]# source ~/.bashrc
(py3) [root@sdp-dev opt]#
2、下载Jumpserver
报这个问题的时候安装了这个
正在解析主机 github.com (github.com)... 20.205.243.166
正在连接 github.com (github.com)|20.205.243.166|:443... 失败:拒绝连接。
(py3) [root@localhost opt]# yum update nss
按y项目太大无法拉取的问题
(py3) [root@localhost opt]# git clone https://github.com/jumpserver/jumpserver.git && cd jumpserver && git checkout master正克隆到 'jumpserver'...
error: RPC failed; result=7, HTTP code = 0
fatal: The remote end hung up unexpectedly
(py3) [root@localhost opt]# git config --global http.postBuffer 1048576000(py3) [root@sdp-dev opt]# git clone https://github.com/jumpserver/jumpserver.git && cd jumpserver && git checkout master
正克隆到 'jumpserver'...
remote: Enumerating objects: 79, done.
remote: Counting objects: 100% (79/79), done.
remote: Compressing objects: 100% (68/68), done.
remote: Total 41282 (delta 19), reused 20 (delta 5), pack-reused 41203
接收对象中: 100% (41282/41282), 52.05 MiB | 79.00 KiB/s, done.
处理 delta 中: 100% (28176/28176), done.
已经位于 'master'
(py3) [root@sdp-dev jumpserver]#
3、安装所需的python modules
(py3) [root@sdp-dev jumpserver]# echo "source /opt/py3/bin/activate" > /opt/jumpserver/.env
(py3) [root@sdp-dev jumpserver]# cd requirements/
autoenv:
autoenv: WARNING:
autoenv: This is the first time you are about to source /opt/jumpserver/.env:
autoenv:
autoenv: --- (begin contents) ---------------------------------------
autoenv: source /opt/py3/bin/activate$
autoenv:
autoenv: --- (end contents) -----------------------------------------
autoenv:
autoenv: Are you sure you want to allow this? (y/N) y(py3) [root@sdp-dev requirements]#
(py3) [root@sdp-dev requirements]# yum -y install $(cat rpm_requirements.txt)
(py3) [root@sdp-dev requirements]# pip install --upgrade pip
(py3) [root@sdp-dev requirements]# pip install -r requirements.txt
4、安装Redis
(py3) [root@sdp-dev requirements]# yum -y install redis
(py3) [root@sdp-dev requirements]# systemctl enable redis
Created symlink from /etc/systemd/system/multi-user.target.wants/redis.service
to /usr/lib/systemd/system/redis.service.
(py3) [root@sdp-dev requirements]# systemctl start redis
5、安装MySQL
(py3) [root@sdp-dev requirements]# yum -y install mariadb mariadb-devel mariadbserver
(py3) [root@sdp-dev requirements]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service
to /usr/lib/systemd/system/mariadb.service.
(py3) [root@sdp-dev requirements]# systemctl start mariadb
(py3) [root@sdp-dev requirements]#
(py3) [root@sdp-dev requirements]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2
Server version: 5.5.60-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database jumpserver default charset 'utf8';
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on jumpserver.* to 'jumpserveradmin'@'127.0.0.1'
identified by 'jumpserverpwd';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> \q
Bye
(py3) [root@sdp-dev requirements]#
6、配置Jumpserver
(py3) [root@sdp-dev requirements]# pwd
/opt/jumpserver/requirements
(py3) [root@sdp-dev requirements]# cd ..
(py3) [root@sdp-dev jumpserver]# ls
apps config_example.yml Dockerfile entrypoint.sh LICENSE README_EN.md
requirements tmp
build.sh data docs jms logs README.md
run_server.py utils
(py3) [root@sdp-dev jumpserver]# cp config_example.yml config.yml
(py3) [root@sdp-dev jumpserver]#
(py3) [root@sdp-dev jumpserver]# SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9
| head -c 50`
(py3) [root@sdp-dev jumpserver]# echo $SECRET_KEY
vFjo4WEMRWNinXMconEXodf3VeEaRStkDzo6SpIfNxphYEEMUZ
(py3) [root@sdp-dev jumpserver]# echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc
(py3) [root@sdp-dev jumpserver]# BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc AZa-z0-9 | head -c 16`
(py3) [root@sdp-dev jumpserver]# echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >>
~/.bashrc
(py3) [root@sdp-dev jumpserver]# echo $BOOTSTRAP_TOKEN
yBCVQ9WHA9phTZ21
(py3) [root@sdp-dev jumpserver]# sed -i "s/SECRET_KEY:/SECRET_KEY:
$SECRET_KEY/g" /opt/jumpserver/config.yml
(py3) [root@sdp-dev jumpserver]# sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN:
$BOOTSTRAP_TOKEN/g" /opt/jumpserver/config.yml
(py3) [root@sdp-dev jumpserver]# sed -i "s/# DEBUG: true/DEBUG: false/g"
/opt/jumpserver/config.yml
(py3) [root@sdp-dev jumpserver]# sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL:
ERROR/g" /opt/jumpserver/config.yml
(py3) [root@sdp-dev jumpserver]# sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE:
false/SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" /opt/jumpserver/config.yml
(py3) [root@sdp-dev jumpserver]# echo -e "\033[31m 你的SECRET_KEY是 $SECRET_KEY
\033[0m"
你的SECRET_KEY是 vFjo4WEMRWNinXMconEXodf3VeEaRStkDzo6SpIfNxphYEEMUZ
(py3) [root@sdp-dev jumpserver]# echo -e "\033[31m 你的BOOTSTRAP_TOKEN是
$BOOTSTRAP_TOKEN \033[0m"
你的BOOTSTRAP_TOKEN是 yBCVQ9WHA9phTZ21
(py3) [root@sdp-dev jumpserver]# vi config.yml
(py3) [root@sdp-dev jumpserver]# sed -n '/^DB_/p' /opt/jumpserver/config.yml
DB_ENGINE: mysql
DB_HOST: 127.0.0.1
DB_PORT: 3306
DB_USER: jumpserveradmin
DB_PASSWORD: jumpserverpwd
DB_NAME: jumpserver
(py3) [root@sdp-dev jumpserver]#
7、启动/关闭Jumpserver
(py3) [root@sdp-dev jumpserver]# ./jms start
......
(py3) [root@sdp-dev jumpserver]# ./jms stop
Stop service: gunicorn
Stop service: celery
Stop service: beat
(py3) [root@sdp-dev jumpserver]#
后台启动
(py3) [root@sdp-dev jumpserver]# ./jms start -d
8、部署koko
支持终端管理,默认port为2222
[root@sdp-dev ~]# systemctl start docker
[root@sdp-dev ~]#
[root@sdp-dev ~]# Server_IP=192.168.20.32
[root@sdp-dev ~]# BOOTSTRAP_TOKEN=yBCVQ9WHA9phTZ21
[root@sdp-dev ~]# docker run --name jms_koko -d -p 2222:2222 -p 5000:5000 -e
CORE_HOST=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN
jumpserver/jms_koko:1.5.5
Unable to find image 'jumpserver/jms_koko:1.5.5' locally
1.5.2: Pulling from jumpserver/jms_koko
050382585609: Pull complete
f6e2d22aa00f: Pull complete
8c86c00c5332: Pull complete
6b9c6941a89d: Pull complete
a10054b94acf: Pull complete
4005724a64ff: Pull complete
446406ca2953: Pull complete
716a981c63ee: Pull complete
41a65efed49e: Pull complete
Digest: sha256:ac6258fe46165860289410970e124031aa74a380cb3e1ad97348feb2c9265cbc
Status: Downloaded newer image for jumpserver/jms_koko:1.5.5
31fc5862ea104946590c232f16dab366d55823e559e256c5208a3720be9406ba
[root@sdp-dev ~]#
手工部署koko (coco 目前已经被 koko 取代)
cd /opt
wget https://github.com/jumpserver/koko/releases/download/1.5.2/koko-master-
37daa82-linux-amd64.tar.gz
tar xf koko-master-37daa82-linux-amd64.tar.gz
chown -R root:root kokodir
cd kokodir
chown -R root:root /opt/kokodir
cd /opt/kokodir
cp config_example.yml config.yml
vim config.yml # BOOTSTRAP_TOKEN 需要从 jumpserver/config.yml 里面获取, 保证一致
./koko
9、部署guacamole
基于 HTML 5 和 JavaScript 的 VNC 查看器
[root@sdp-dev ~]# docker run --name jms_guacamole -d -p 8081:8081 -e
JUMPSERVER_SERVER=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN
jumpserver/jms_guacamole:1.5.5
Unable to find image 'jumpserver/jms_guacamole:1.5.5' locally
1.5.5: Pulling from jumpserver/jms_guacamole
8ba884070f61: Pull complete
74b389e6937e: Pull complete
41f5461bfc2f: Pull complete
f693f2484212: Pull complete
246835158fe4: Pull complete
Digest: sha256:de0b74e33c9991181eb507d768df73fb05932f3b4722dc36ecdca4e358fdce8d
Status: Downloaded newer image for jumpserver/jms_guacamole:1.5.5
f4d0c314c5fb840e42ea7e284f5349c571039bb1e3af2f3f8377b7a2c5f53f82
[root@sdp-dev ~]#
9手工部署guacamole
$ cd /opt
$ git clone --depth=1 https://github.com/jumpserver/docker-guacamole.git
$ cd /opt/docker-guacamole
$ tar xf guacamole-server-1.0.0.tar.gz
$ cd /opt/docker-guacamole/guacamole-server-1.0.0
# 根据 http://guacamole.apache.org/doc/gug/installing-guacamole.html 文档安装对应的
依赖包
$ autoreconf -fi
$ ./configure --with-init-dir=/etc/init.d
$ make
$ make install
# 访问 https://tomcat.apache.org/download-90.cgi 下载最新的 tomcat9
$ mkdir -p /config/guacamole /config/guacamole/lib /config/guacamole/extensions
/config/guacamole/data/log/
$ cd /config
$ wget http://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-
9/v9.0.22/bin/apache-tomcat-9.0.22.tar.gz
$ tar xf apache-tomcat-9.0.22.tar.gz
$ mv apache-tomcat-9.0.22 tomcat9
$ rm -rf /config/tomcat9/webapps/*
$ sed -i 's/Connector port="8080"/Connector port="8081"/g'
/config/tomcat9/conf/server.xml
$ echo "java.util.logging.ConsoleHandler.encoding = UTF-8" >>
/config/tomcat9/conf/logging.properties
$ ln -sf /opt/docker-guacamole/guacamole-1.0.0.war
/config/tomcat9/webapps/ROOT.war
$ ln -sf /opt/docker-guacamole/guacamole-auth-jumpserver-1.0.0.jar
/config/guacamole/extensions/guacamole-auth-jumpserver-1.0.0.jar
$ ln -sf /opt/docker-guacamole/root/app/guacamole/guacamole.properties
/config/guacamole/guacamole.properties
$ wget https://github.com/ibuler/ssh-forward/releases/download/v0.0.5/linuxamd64.tar.gz
$ tar xf linux-amd64.tar.gz -C /bin/
$ chmod +x /bin/ssh-forward
# 设置 guacamole 环境
$ export JUMPSERVER_SERVER=http://127.0.0.1:8080 # http://127.0.0.1:8080 指
jumpserver 访问地址
$ echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> ~/.bashrc
# BOOTSTRAP_TOKEN 为 Jumpserver/config.yml 里面的 BOOTSTRAP_TOKEN 值
$ export BOOTSTRAP_TOKEN=******
$ echo "export BOOTSTRAP_TOKEN=******" >> ~/.bashrc
$ export JUMPSERVER_KEY_DIR=/config/guacamole/keys
$ echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> ~/.bashrc
$ export GUACAMOLE_HOME=/config/guacamole
$ echo "export GUACAMOLE_HOME=/config/guacamole" >> ~/.bashrc
$ /etc/init.d/guacd start
$ sh /config/tomcat9/bin/startup.sh
10、部署luna
与nginx结合支持Web Terminal前端
[root@sdp-dev ~]# cd /opt/
[root@sdp-dev opt]# wget
https://github.com/jumpserver/luna/releases/download/1.5.5/luna.tar.gz
[root@sdp-dev opt]# tar xf luna.tar.gz
[root@sdp-dev opt]# chown -R root:root luna
11、配置nginx
[root@sdp-dev opt]# cd /usr/local/nginx/conf/
[root@sdp-dev conf]# ls
fastcgi.conf koi-utf nginx.conf uwsgi_params
fastcgi.conf.default koi-win nginx.conf.default
uwsgi_params.default
fastcgi_params mime.types scgi_params win-utf
fastcgi_params.default mime.types.default scgi_params.default
[root@sdp-dev conf]# mkdir conf.d
[root@sdp-dev conf]# cd conf.d/
[root@sdp-dev conf.d]# vim jumpserver.conf
[root@sdp-dev conf.d]# ls
jumpserver.conf
[root@sdp-dev conf.d]# cat jumpserver.conf
server {
listen 80;
# server_name _;
server_name bastion.qf.com;
client_max_body_size 100m; # 录像及文件上传大小限制
location /luna/ {
try_files $uri / /index.html;
alias /opt/luna/; # luna 路径, 如果修改安装目录, 此处需要修改
}
location /media/ {
add_header Content-Encoding gzip;
root /opt/jumpserver/data/; # 录像位置, 如果修改安装目录, 此处需要修改
}
location /static/ {
root /opt/jumpserver/data/; # 静态资源, 如果修改安装目录, 此处需要修改
}
location /koko/ {
proxy_pass http://localhost:5000;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location /guacamole/ {
proxy_pass http://localhost:8081/;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location /ws/ {
proxy_pass http://localhost:8070;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location / {
proxy_pass http://localhost:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
}
[root@sdp-dev conf.d]#
[root@sdp-dev conf.d]# cd ..
[root@sdp-dev conf]# vim nginx.conf
[root@sdp-dev conf]# grep -Pv "^($| *#)" nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include /usr/local/nginx/conf/conf.d/*.conf;
}
[root@sdp-dev conf]# cd ..
[root@sdp-dev nginx]# sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@sdp-dev nginx]#
12、Jumpserver 登录测试
# 检查应用是否已经正常运行
# 服务全部启动后, 访问 jumpserver 服务器 nginx 代理的 80 端口, 不要通过8080端口访问
# 默认账号: admin 密码: admin
13、快速入门
参考:
####系统设置
设置用户访问的URL
五、远程管理实战
1、使用ssh管理远程机器
2、部署并使用jumpserver服务器
六总结
rpm_requirements.txt
部署的时候一直缺少这个包 没有找到原因 最终使用了 一键安装 原因找到后在线跟新文档curl -sSL https://resource.fit2cloud.com/jumpserver/jumpserver/releases/latest/download/quick_start.sh | bash安装完成后 JumpServer 配置文件路径为: /opt/jumpserver/config/config.txtcd /opt/jumpserver-installer-v3.1.2
# 启动
./jmsctl.sh start
# 停止
./jmsctl.sh down
# 卸载
./jmsctl.sh uninstall
# 帮助
./jmsctl.sh -h用户名: admin
密码: adminhttp://ip地址:80/core/auth/login/
 empty() is_null()的区别)
)
)
:jmeter对图片验证码的处理)