openEuler 服务器安装 JumpServer (all-in-one 模式)

openEuler 服务器安装 JumpServer

  • JumpServer 简介
    • 什么是 JumpServer ?
    • JumpServer 的各种类型资产
    • JumpServer 产品特色或优势
    • JumpServer 符合 4A 规范
  • JumpServer 系统架构
    • 应用架构
    • 组件说明
  • JumpServer 安装部署
    • 环境要求
    • 网络端口
      • 网络端口列表
      • 防火墙常用命令
    • 在线脚本安装
    • 验证安装

JumpServer 简介

openEuler 服务器安装 JumpServer (all-in-one 模式)_第1张图片

什么是 JumpServer ?

JumpServer 是广受欢迎的 开源堡垒机,是符合 4A 规范 的专业运维安全审计系统。JumpServer 帮助企业以更安全的方式管控和登录所有类型的资产,实现 事前授权、事中监察、事后审计,满足等保合规 要求。

openEuler 服务器安装 JumpServer (all-in-one 模式)_第2张图片

JumpServer 的各种类型资产

openEuler 服务器安装 JumpServer (all-in-one 模式)_第3张图片

JumpServer 堡垒机支持的资产类型包括:

  • SSH (Linux / Unix / 网络设备 等);
  • Windows (Web 方式连接 / 原生 RDP 连接);
  • 数据库 (MySQL / MariaDB / Oracle / SQLServer / PostgreSQL / ClickHouse 等);
  • NoSQL (Redis / MongoDB 等);
  • GPT (ChatGPT 等);
  • 云服务 (Kubernetes / VMware vSphere 等);
  • Web 站点 (各类系统的 Web 管理后台);
  • 应用 (通过 Remote App 连接各类应用);

JumpServer 产品特色或优势

openEuler 服务器安装 JumpServer (all-in-one 模式)_第4张图片

JumpServer 的产品特色包括:

  • 开源:零门槛,线上快速获取和安装;
  • 分布式:轻松支持大规模并发访问;
  • 无插件:仅需浏览器,极致的 Web Terminal 使用体验;
  • 多云支持:一套系统,同时管理不同云上面的资产;
  • 云端存储:审计录像云端存储,永不丢失;
  • 多租户:一套系统,多个子公司和部门同时使用;
  • 多应用支持:数据库,Windows 远程应用,Kubernetes

JumpServer 符合 4A 规范

openEuler 服务器安装 JumpServer (all-in-one 模式)_第5张图片

JumpServer 是符合 4A 规范 的堡垒机:

  • Authentication :身份认证,防止身份冒用和复用;
  • Authorization :授权控制 ,防止内部误操作和权限滥用;
  • Accounting :账号管理,人员和资产的管理;
  • Auditing :安全审计,追溯的保障和事故分析的依据;

JumpServer 堡垒机支持 事前授权、事中监察、事后审计,满足等保合规 要求。

JumpServer 系统架构

应用架构

  • JumpServer 采用 分层架构,分别是 负载层、接入层、核心层、数据层、存储层
  • JumpServer 应用架构图如下:

openEuler 服务器安装 JumpServer (all-in-one 模式)_第6张图片

组件说明

  • Core 组件是 JumpServer 的核心组件,其他组件依赖此组件启动。
  • Koko 是服务于类 Unix 资产平台的组件,通过 SSH、Telnet 协议提供字符型连接。
  • Lion 是服务于 Windows 资产平台的组件,用于 Web 端访问 Windows 资产。
  • Omnidb 是服务于数据库的组件,用于可视化界面纳管数据库。
  • Razor 是服务于 RDP 协议组件,该组件主要功能是通过 JumpServer Client 方式访问 Windows 资产。
  • Magnus 是服务于数据库的组件,用于通过客户端代理访问数据库。
  • Celery 是处理异步任务的组件,用于执行 JumpServer 相关的自动化任务。

更多信息请查看,https://docs.jumpserver.org/zh/v3/architecture/

JumpServer 安装部署

JumpServer 支持 在线安装(标准安装)离线安装 两种模式,安装过程可参考文档https://docs.jumpserver.org/zh/master/install/setup_by_fast/

环境要求

  • 操作系统环境:
OS/Arch Architecture Linux Kernel Soft Requirement Minimize Hardware
linux/amd64 x86_64 >= 4.0 wget curl tar gettext iptables python 2Core/8GB RAM/60G HDD
linux/arm64 aarch64 >= 4.0 wget curl tar gettext iptables python 2Core/8GB RAM/60G HDD
linux/loong64 loongarch64 == 4.19 wget curl tar gettext iptables python 2Core/8GB RAM/60G HDD
  • 数据库系统环境:

JumpServer 需要使用 MySQLMariaDB 存储数据,使用 Redis 缓存数据。

此处用户可以使用自建数据库或云数据库,请参考此处的要求:

Name Version Default Charset Default collation TLS/SSL
MySQL >= 5.7 utf8mb4 utf8mb4_general_ci
MariaDB >= 10.2 utf8mb4 utf8mb4_general_ci
Name Version Sentinel Cluster TLS/SSL
Redis >= 5.0

此处我们采用单机在线安装模式,要求宿主机网络可以访问外网。

本案例我们采用如下配置规格进行 JumpServer 的安装部署:

  • OS 系统信息:
OS/Arch Architecture Linux Kernel Soft Requirement Minimize Hardware
openEuler-22.03-LTS-x86_64-dvd.iso x86_64 5.10.0-60.18.0.50.oe2203.x86_64 wget curl tar gettext iptables python 4Core/8GB RAM/60G HDD

预安装软件,执行如下命令:

yum update && install -y wget curl tar gettext iptables
  • Redis 版本信息:
Name Version Sentinel Cluster TLS/SSL
Redis 6.2
  • DB 版本信息:
Name Version Default Charset Default collation TLS/SSL
MariaDB 10.6 utf8mb4 utf8mb4_general_ci

网络端口

JumpServer 作为符合 4A 规范 的专业运维安全审计系统,其正常运行需要开放如下网络端口,管理员可根据实际环境中 JumpServer 组件部署的方案,在网络和主机侧开放相关端口。

网络端口列表

端口 作用 说明
22 SSH 安装、升级及管理使用
80 Web HTTP 服务 通过 HTTP 协议访问 JumpServer 前端页面
443 Web HTTPS 服务 通过 HTTPS 协议访问 JumpServer 前端页面
1521 数据库服务 Oracle 服务使用
1433 数据库服务 MS SQLServer 服务使用
3306 数据库服务 MySQL/MariaDB 服务使用
5432 数据库服务 PostgreSQL 服务使用
6379 数据库服务 Redis 服务使用
27017 数据库服务 MongoDB 服务使用
3389 Razor 服务端口 RDP Client 方式连接 Windows 资产
2222 SSH Client SSH Client 方式使用终端工具连接 JumpServer,比如 Xshell、PuTTY、MobaXterm、WindTerm 等终端工具
33061 Magnus MySQL 服务端口 DB Client 方式连接 MySQL 数据库资产
33062 Magnus MariaDB 服务端口 DB Client 方式连接 MariaDB 数据库资产
54320 Magnus PostgreSQL 服务端口 DB Client 方式连接 PostgreSQL 数据库资产
63790 Magnus Redis 服务端口 DB Client 方式连接 Redis 数据库资产
30000-30100 Magnus Oracle 服务端口 DB Client 方式连接 Oracle 数据库资产,该端口范围可自定义

防火墙常用命令

  • 确认 firewall 的状态为 running
firewall-cmd --state
running
  • 临时开放端口(规则立即生效,重启失效)
firewall-cmd --zone=public --add-port=80/tcp
firewall-cmd --zone=public --add-port=2222/tcp
firewall-cmd --add-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept"
  • 临时删除端口(规则立即生效,重启失效)
firewall-cmd --zone=public --remove-port=80/tcp
firewall-cmd --zone=public --remove-port=2222/tcp
firewall-cmd --remove-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept"
  • 临时删除端口(规则立即生效,重启失效)
firewall-cmd --zone=public --remove-port=80/tcp
firewall-cmd --zone=public --remove-port=2222/tcp
firewall-cmd --remove-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept"
  • 永久放行端口(需要 reload 才能生效)
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=2222/tcp --permanent
firewall-cmd --add-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept" --permanent
firewall-cmd --reload
  • 永久删除端口(需要 reload 才能生效)
firewall-cmd --zone=public --remove-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=2222/tcp --permanent
firewall-cmd --remove-rich-rule="rule family="ipv4" source address="172.17.0.1/16" port protocol="tcp" port="8080" accept" --permanent
firewall-cmd --reload
  • 查看端口生效规则
firewall-cmd --list-all
...
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens32
  sources:
  services: dhcpv6-client ssh
  ports: 80/tcp 2222/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
    rule family="ipv4" source address="172.17.0.1/16" port port="8080" protocol="tcp" accept

在线脚本安装

参考,https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0

  • 国内用户
curl -sSL https://resource.fit2cloud.com/jumpserver/jumpserver/releases/latest/download/quick_start.sh | bash
  • 海外用户
curl -sSL https://github.com/jumpserver/jumpserver/releases/latest/download/quick_start.sh | bash

此处我们安装 JumpServer 版本是 v3.8 ,下载的 quick_start.sh 文件内容如下:

#!/usr/bin/env bash

VERSION=v3.8.0
DOWNLOAD_URL=https://github.com

function install_soft() {
    if command -v dnf > /dev/null; then
      dnf -q -y install "$1"
    elif command -v yum > /dev/null; then
      yum -q -y install "$1"
    elif command -v apt > /dev/null; then
      apt-get -qqy install "$1"
    elif command -v zypper > /dev/null; then
      zypper -q -n install "$1"
    elif command -v apk > /dev/null; then
      apk add -q "$1"
      command -v gettext >/dev/null || {
      apk add -q gettext-dev python3
    }
    else
      echo -e "[\033[31m ERROR \033[0m] $1 command not found, Please install it first"
      exit 1
    fi
}

function prepare_install() {
  for i in curl wget tar iptables; do
    command -v $i &>/dev/null || install_soft $i
  done
}

function get_installer() {
  echo "download install script to /opt/jumpserver-installer-${VERSION}"
  cd /opt || exit 1
  if [ ! -d "/opt/jumpserver-installer-${VERSION}" ]; then
    timeout 60 wget -qO jumpserver-installer-${VERSION}.tar.gz ${DOWNLOAD_URL}/jumpserver/installer/releases/download/${VERSION}/jumpserver-installer-${VERSION}.tar.gz || {
      rm -f /opt/jumpserver-installer-${VERSION}.tar.gz
      echo -e "[\033[31m ERROR \033[0m] Failed to download jumpserver-installer-${VERSION}"
      exit 1
    }
    tar -xf /opt/jumpserver-installer-${VERSION}.tar.gz -C /opt || {
      rm -rf /opt/jumpserver-installer-${VERSION}
      echo -e "[\033[31m ERROR \033[0m] Failed to unzip jumpserver-installer-${VERSION}"
      exit 1
    }
    rm -f /opt/jumpserver-installer-${VERSION}.tar.gz
  fi
}

function config_installer() {
  cd /opt/jumpserver-installer-${VERSION} || exit 1
  sed -i "s/VERSION=.*/VERSION=${VERSION}/g" /opt/jumpserver-installer-${VERSION}/static.env
  ./jmsctl.sh install
  ./jmsctl.sh start
}

function main(){
  if [[ "${OS}" == 'Darwin' ]]; then
    echo
    echo "Unsupported Operating System Error"
    exit 1
  fi
  prepare_install
  get_installer
  config_installer
}

main

或者下载 quick_start.sh 文件后,直接执行如下命令:

bash quick_start.sh 

输出如下类似信息:

openEuler 服务器安装 JumpServer (all-in-one 模式)_第7张图片

完整信息如下:

Importing GPG key 0xB25E7F66:
 Userid     : "private OBS (key without passphrase) "
 Fingerprint: 12EA 74AC 9DF4 8D46 C69C A0BE D557 065E B25E 7F66
 From       : http://repo.openeuler.org/openEuler-22.03-LTS/OS/x86_64/RPM-GPG-KEY-openEuler

Installed:
  tar-2:1.34-4.oe2203.x86_64                                                                                               

download install script to /opt/jumpserver-installer-v3.8.0


       ██╗██╗   ██╗███╗   ███╗██████╗ ███████╗███████╗██████╗ ██╗   ██╗███████╗██████╗
       ██║██║   ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║   ██║██╔════╝██╔══██╗
       ██║██║   ██║██╔████╔██║██████╔╝███████╗█████╗  ██████╔╝██║   ██║█████╗  ██████╔╝
  ██   ██║██║   ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝  ██╔══██╗╚██╗ ██╔╝██╔══╝  ██╔══██╗
  ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║     ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║
   ╚════╝  ╚═════╝ ╚═╝     ╚═╝╚═╝     ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝

                                                                   Version:  v3.8.0  

1. 检查配置文件
配置文件位置: /opt/jumpserver/config
/opt/jumpserver/config/config.txt        []
/opt/jumpserver/config/nginx/cert/server.crt     []
/opt/jumpserver/config/nginx/cert/server.key     []
完成

>>> 安装配置 Docker
1. 安装 Docker
开始下载 Docker 程序 ...
开始下载 Docker Compose 程序 ...
完成

2. 配置 Docker
是否需要支持 IPv6? (y/n)  (默认为 n): 完成

3. 启动 Docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /etc/systemd/system/docker.service.
完成

>>> 加载 Docker 镜像
[jumpserver/kael:v3.8.0] pulling
[jumpserver/web:v3.8.0] pulling
[jumpserver/koko:v3.8.0] pulling
[jumpserver/core:v3.8.0] pulling
[jumpserver/mariadb:10.6] pulling
[jumpserver/redis:6.2] pulling
[jumpserver/magnus:v3.8.0] pulling
[jumpserver/chen:v3.8.0] pulling
[jumpserver/lion:v3.8.0] pulling
10.6: Pulling from jumpserver/mariadb
eaead16dc43b: Pulling fs layer 
4f6f4832182b: Pulling fs layer 
6eed3156c415: Pulling fs layer 
d1adc5c9f5ec: Waiting 
4f5e88c034ff: Waiting 
e09b3c602366: Waiting 
9896f95913b8: Waiting 
522ebe12904a: Waiting 
v3.8.0: Pulling from jumpserver/lion
99bf4787315b: Waiting 
eaacdd61c025: Waiting 
26d1da19b429: Waiting 
aa4a93627716: Waiting 
e42c672e047b: Waiting 
bcbcd1fe9fe0: Waiting 
3a7da7bf8a7c: Waiting 
b3634a6d92f0: Waiting 
bba4daab2e00: Waiting 
ed3d33e2d240: Waiting 
d534346c5f7b: Waiting 
e61d813b6ad0: Waiting 
v3.8.0: Pulling from jumpserver/kael
eaead16dc43b: Downloading [==========>                                        ]   5.88MB/28.58MB
eaead16dc43b: Downloading [============================>                      ]  16.14MB/28.58MB
eaead16dc43b: Downloading [==========================================>        ]   24.4MB/28.58MB
c40342aa95c2: Waiting 
5b1e577d1705: Waiting 
d1adc5c9f5ec: Download complete 
9b8a874e1e2d: Waiting 
4f4fb700ef54: Waiting 
v3.8.0: Pulling from jumpserver/chen
v3.8.0: Pulling from jumpserver/koko
3240fe174df9: Waiting 
ea2f9ac2eb39: Waiting 
eaead16dc43b: Extracting [>                                                  ]  294.9kB/28.58MB
d9e18c4120e1: Waiting 
6aedef56f24f: Waiting 
1f1a5cf5a065: Waiting 
7f41607db671: Waiting 
7689328b48f7: Waiting 
9896f95913b8: Download complete 
04f575d6fad5: Waiting 
e67fdae35593: Waiting 
eaead16dc43b: Extracting [==================================================>]  28.58MB/28.58MB
dfefa43f7ef9: Waiting 
eaead16dc43b: Pull complete 
4f6f4832182b: Extracting [==================================================>]  1.747kB/1.747kB
98153782a42c: Waiting 
4f6f4832182b: Pull complete 
6eed3156c415: Pull complete 
8127cd7d3437: Waiting 
v3.8.0: Pulling from jumpserver/magnus
v3.8.0: Pulling from jumpserver/core
6.2: Pulling from jumpserver/redis
v3.8.0: Pulling from jumpserver/web
e67fdae35593: Waiting 
321c8788e932: Waiting 
d1adc5c9f5ec: Extracting [==================================================>]     149B/149B
b573062c6e54: Waiting 
99bf4787315b: Extracting [=============================>                     ]  16.22MB/27.14MB
eaacdd61c025: Download complete 
e67fdae35593: e67fdae35593: e67fdae35593: e67fdae35593: Downloading [====================>                              ]  Downloading [====================>                              ]  12.72MB/31.42MB12.4MB/31.42MB
Downloading [====>                                              ]  2.949MB/31.42MB
e855c2f1475c: Waiting 
0668e0cb7eeb: Waiting 
99bf4787315b: Extracting [==================================================>]  27.14MB/27.14MB
4f5e88c034ff: Pull complete 
Downloading [=======================================>           ]  24.83MB/31.42MB4.83MB/31.42MB
e67fdae35593: Downloading [===========================>                       ]  16.98MB/31.42MB
Pull complete e67fdae35593: e67fdae35593: Pull complete 
Downloading [==========================================>        ]  26.47MB/31.42MB
981eb4eb4e29: Waiting 
0c8e33d32ad2: Waiting 
b23242c39ad3: Waiting 
e09b3c602366: Downloading [==================================>                ]  61.26MB/88.87MB
4f4fb700ef54: Waiting 
Extracting [==================================================>]  31.42MB/31.42MB=========>]  31.42MB/31.42MB
Extracting [=============>                                     ]  8.192MB/31.42MB          ]  8.192MB/31.42MB
e67fdae35593: Extracting [========================>                          ]   15.4MB/31.42MB
5dc251960c03: Waiting 
37ad762d263f: Waiting 
2056f85116ef: Waiting 
99bf4787315b: Pull complete 
eaacdd61c025: Pull complete 
26d1da19b429: Downloading [===============================================>   ]  27.65MB/29.4MB
Pull complete e67fdae35593: Pull complete 

Extracting [>                                                  ]  327.7kB/31.42MB27.7kB/31.42MB
26d1da19b429: Pull complete 
aa4a93627716: Pull complete 
e42c672e047b: Pull complete 
bcbcd1fe9fe0: Pull complete 
3a7da7bf8a7c: Pull complete 
ea2f9ac2eb39: Download complete 
e67fdae35593: Extracting [==================================================>]  31.42MB/31.42MB
d9e18c4120e1: Download complete 
3240fe174df9: Pull complete 
ea2f9ac2eb39: Pull complete 
72e611ef6cbd: Pull complete 
d9e18c4120e1: Pull complete 
b35f34aa20f0: Download complete 
1f1a5cf5a065: Pull complete 
076f765c5c0b: Pull complete 
dfefa43f7ef9: Pull complete 
321c8788e932: Pull complete 
1b50c537067e: Downloading [============================>                      ]  4.996MB/8.729MB
d409c959e473: Pull complete 
5dc251960c03: Pull complete 
37ad762d263f: Pull complete 
2056f85116ef: Pull complete 
65ee1d2786fa: Extracting [==================================================>]  1.405kB/1.405kB
272d660811bd: Download complete 
65ee1d2786fa: Pull complete 
cfd4a22d5220: Downloading [======>                                            ]  150.2MB/1.23GB
cfd4a22d5220: Downloading [======>                                            ]  156.1MB/1.23GB
272d660811bd: Pull complete 
4f4fb700ef54: Pull complete 
cfd4a22d5220: Pull complete 
4df962483fe2: Pull complete 
105d66cef279: Pull complete 
a0fc03463301: Pull complete 
222e61094282: Pull complete 
2fcb7dbc00dd: Pull complete 
92e2dfaefa5f: Pull complete 
b8b8d4e4ee39: Pull complete 
153510901956: Pull complete 
Digest: sha256:75204461f39f8d691e40768625c965d77969ea5cfeb48bf31bf0033bcb38636b
Status: Downloaded newer image for jumpserver/web:v3.8.0
docker.io/jumpserver/web:v3.8.0

完成

>>> 安装配置 JumpServer
1. 配置加密密钥
SECRETE_KEY:     ZmQ5NzQ1NzMtYTlmNS00YzA4LWIxNDQtN2EzMjZlMTc4Yzdk
BOOTSTRAP_TOKEN: ZmQ5NzQ1NzMtYTlmNS00YzA4
完成

2. 配置持久化目录
是否需要自定义持久化存储, 默认将使用目录 /data/jumpserver? (y/n)  (默认为 n): 完成

3. 配置 MySQL
是否使用外部 MySQL? (y/n)  (默认为 n): 完成

4. 配置 Redis
是否使用外部 Redis? (y/n)  (默认为 n): 完成

5. 配置外部访问
是否需要配置 JumpServer 对外访问端口? (y/n)  (默认为 n): n
完成

6. 初始化数据库
[+] Running 4/4
 ✔ Network jms_net      Created                                                                                      10.1s 
 ✔ Container jms_mysql  Started                                                                                       2.6s 
 ✔ Container jms_redis  Started                                                                                       2.4s 
 ✔ Container jms_core   Started                                                                                       3.0s 
2023-10-20 11:48:29 Collect static files
ALLOWED_HOSTS: 
  - localhost
  - core80
  - 127.0.0.1
  - 127.0.0.1:8080
  - 127.0.0.1:80
  - localhost:8080
  - localhost:80
  - core:8080
  - core:80
ALLOWED_HOSTS: 
  - localhost
  - core80
  - 127.0.0.1
  - 127.0.0.1:8080
  - 127.0.0.1:80
  - localhost:8080
  - localhost:80
  - core:8080
  - core:80
2023-10-20 11:48:31 Collect static files done
2023-10-20 11:48:31 Check database structure change ...
2023-10-20 11:48:31 Migrate model change to database ...
Operations to perform:
  Apply all migrations: accounts, acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, notifications, ops, orgs, perms, rbac, sessions, settings, terminal, tickets, users
Running migrations:
  Applying contenttypes.0001_initial... OK
  Applying contenttypes.0002_remove_content_type_name... OK
  Applying auth.0001_initial... OK
  Applying auth.0002_alter_permission_name_max_length... OK
  Applying auth.0003_alter_user_email_max_length... OK
  Applying auth.0004_alter_user_username_opts... OK
  Applying auth.0005_alter_user_last_login_null... OK
  Applying auth.0006_require_contenttypes_0002... OK
  Applying auth.0007_alter_validators_add_error_messages... OK
  Applying auth.0008_alter_user_username_max_length... OK
  Applying users.0001_initial... OK
  Applying tickets.0001_initial... OK
  Applying tickets.0002_auto_20200728_1146... OK
  Applying tickets.0003_auto_20200804_1551... OK
  Applying tickets.0004_ticket_comment... OK
  Applying tickets.0005_ticket_meta_confirmed_system_users... OK
  Applying tickets.0006_auto_20201023_1628... OK
  Applying tickets.0007_auto_20201224_1821... OK
  Applying tickets.0008_auto_20210311_1113... OK
  Applying tickets.0009_auto_20210426_1720... OK
  Applying tickets.0010_auto_20210812_1618... OK
  Applying tickets.0011_remove_approvalrule_assignees_display... OK
  Applying terminal.0001_initial... OK
  Applying terminal.0002_auto_20171228_0025... OK
  Applying terminal.0003_auto_20171230_0308... OK
  Applying terminal.0004_session_remote_addr... OK
  Applying terminal.0005_auto_20180122_1154... OK
  Applying terminal.0006_auto_20180123_1037... OK
  Applying terminal.0007_session_date_last_active... OK
  Applying terminal.0008_auto_20180307_1603... OK
  Applying terminal.0009_auto_20180326_0957... OK
  Applying terminal.0010_auto_20180423_1140... OK
  Applying terminal.0011_auto_20180807_1116... OK
  Applying terminal.0012_auto_20180816_1652... OK
  Applying terminal.0013_auto_20181123_1113... OK
  Applying terminal.0014_auto_20181226_1441... OK
  Applying terminal.0015_auto_20190923_1529... OK
  Applying terminal.0016_commandstorage_replaystorage... OK
  Applying common.0001_initial... OK
  Applying common.0002_auto_20180111_1407... OK
  Applying common.0003_setting_category... OK
  Applying common.0004_setting_encrypted... OK
  Applying common.0005_auto_20190221_1902... OK
  Applying common.0006_auto_20190304_1515... OK
  Applying settings.0001_initial... OK
  Applying terminal.0017_auto_20191125_0931... OK
  Applying terminal.0018_auto_20191202_1010... OK
  Applying terminal.0019_auto_20191206_1000... OK
  Applying terminal.0020_auto_20191218_1721... OK
  Applying terminal.0021_auto_20200213_1316... OK
  Applying terminal.0022_session_is_success... OK
  Applying terminal.0023_command_risk_level... OK
  Applying terminal.0024_auto_20200715_1713... OK
  Applying terminal.0025_auto_20200810_1735... OK
  Applying terminal.0026_auto_20201027_1905... OK
  Applying terminal.0027_auto_20201102_1651... OK
  Applying terminal.0028_auto_20201110_1918... OK
  Applying terminal.0029_auto_20201116_1757... OK
  Applying terminal.0030_terminal_type... OK
  Applying terminal.0031_auto_20210113_1356... OK
  Applying terminal.0032_auto_20210302_1853... OK
  Applying terminal.0033_auto_20210324_1008... OK
  Applying terminal.0034_auto_20210406_1434... OK
  Applying terminal.0035_auto_20210517_1448... OK
  Applying terminal.0036_auto_20210604_1124... OK
  Applying terminal.0037_auto_20210623_1748... OK
  Applying terminal.0038_task_kwargs... OK
  Applying terminal.0039_auto_20210805_1552... OK
  Applying terminal.0040_sessionjoinrecord_sessionsharing... OK
  Applying terminal.0041_auto_20211105_1605... OK
  Applying terminal.0042_auto_20211229_1619... OK
  Applying tickets.0012_ticketsession... OK
  Applying tickets.0013_ticket_serial_num...
        Fill ticket serial number ... 
 OK
  Applying tickets.0014_auto_20220217_2135... OK
  Applying tickets.0015_superticket... OK
  Applying terminal.0043_auto_20220217_2135... OK
  Applying terminal.0044_auto_20220223_1539... OK
  Applying terminal.0045_auto_20220228_1144... OK
  Applying terminal.0046_auto_20220228_1744... OK
  Applying terminal.0047_auto_20220302_1951... OK
  Applying terminal.0048_endpoint_endpointrule... OK
  Applying terminal.0049_endpoint_redis_port... OK
  Applying users.0002_auto_20171225_1157_squashed_0019_auto_20190304_1459... OK
  Applying users.0020_auto_20190612_1825... OK
  Applying users.0021_auto_20190625_1104... OK
  Applying users.0022_auto_20190625_1105... OK
  Applying users.0023_auto_20190724_1525... OK
  Applying users.0024_auto_20191118_1612... OK
  Applying users.0025_auto_20200206_1216... OK
  Applying users.0026_auto_20200508_2105... OK
  Applying users.0027_auto_20200616_1503... OK
  Applying users.0028_auto_20200728_1805... OK
  Applying users.0029_auto_20200814_1650... OK
  Applying users.0030_auto_20200819_2041... OK
  Applying users.0031_auto_20201118_1801... OK
  Applying assets.0001_initial... OK
  Applying perms.0001_initial... OK
  Applying assets.0002_auto_20180105_1807_squashed_0009_auto_20180307_1212... OK
  Applying assets.0010_auto_20180307_1749_squashed_0019_auto_20180816_1320... OK
  Applying perms.0002_auto_20171228_0025_squashed_0009_auto_20180903_1132... OK
  Applying perms.0003_action... OK
  Applying perms.0004_assetpermission_actions... OK
  Applying assets.0020_auto_20180816_1652... OK
  Applying assets.0021_auto_20180903_1132... OK
  Applying assets.0022_auto_20181012_1717... OK
  Applying assets.0023_auto_20181016_1650... OK
  Applying assets.0024_auto_20181219_1614... OK
  Applying assets.0025_auto_20190221_1902... OK
  Applying assets.0026_auto_20190325_2035... OK
  Applying applications.0001_initial... OK
  Applying perms.0005_auto_20190521_1619... OK
  Applying perms.0006_auto_20190628_1921... OK
  Applying perms.0007_remove_assetpermission_actions... OK
  Applying perms.0008_auto_20190911_1907... OK
  Applying assets.0027_auto_20190521_1703... OK
  Applying assets.0028_protocol... OK
  Applying assets.0029_auto_20190522_1114... OK
  Applying assets.0030_auto_20190619_1135... OK
  Applying assets.0031_auto_20190621_1332... OK
  Applying assets.0032_auto_20190624_2108... OK
  Applying assets.0033_auto_20190624_2108... OK
  Applying assets.0034_auto_20190705_1348... OK
  Applying assets.0035_auto_20190711_2018... OK
  Applying assets.0036_auto_20190716_1535... OK
  Applying assets.0037_auto_20190724_2002... OK
  Applying assets.0038_auto_20190911_1634... OK
  Applying perms.0009_remoteapppermission_system_users... OK
  Applying assets.0039_authbook_is_active... OK
  Applying assets.0040_auto_20190917_2056... OK
  Applying assets.0041_gathereduser... OK
  Applying assets.0042_favoriteasset...
 OK
  Applying assets.0043_auto_20191114_1111... OK
  Applying assets.0044_platform... OK
  Applying assets.0045_auto_20191206_1607... OK
  Applying assets.0046_auto_20191218_1705... OK
  Applying applications.0002_remove_remoteapp_system_user... OK
  Applying applications.0003_auto_20191210_1659... OK
  Applying applications.0004_auto_20191218_1705... OK
  Applying perms.0010_auto_20191218_1705... OK
  Applying perms.0011_auto_20200721_1739... OK
  Applying assets.0047_assetuser... OK
  Applying assets.0048_auto_20191230_1512... OK
  Applying assets.0049_systemuser_sftp_root... OK
  Applying assets.0050_auto_20200711_1740... OK
  Applying assets.0051_auto_20200713_1143... OK
  Applying assets.0052_auto_20200715_1535... OK
  Applying assets.0053_auto_20200723_1232... OK
  Applying assets.0054_auto_20200807_1032... OK
  Applying applications.0005_k8sapp... OK
  Applying perms.0012_k8sapppermission... OK
  Applying assets.0055_auto_20200811_1845... OK
  Applying assets.0056_auto_20200904_1751... OK
  Applying assets.0057_fill_node_value_assets_amount_and_parent_key...

  ................................................................. OK
  Applying perms.0013_rebuildusertreetask_usergrantedmappingnode... OK
  Applying perms.0014_build_users_perm_tree... OK
  Applying perms.0015_auto_20200929_1728... OK
  Applying assets.0058_auto_20201023_1115... OK
  Applying assets.0059_auto_20201027_1905... OK
  Applying applications.0006_application... OK
  Applying perms.0016_applicationpermission... OK
  Applying perms.0017_auto_20210104_0435... OK
  Applying assets.0060_node_full_value...
        - Start migrate node value if has /

        - Start migrate node full value
 OK
  Applying assets.0061_auto_20201116_1757... OK
  Applying assets.0062_auto_20201117_1938... OK
  Applying assets.0063_migrate_default_node_key...
Check old default node `key=0 value=Default` not exists
 OK
  Applying assets.0064_auto_20201203_1100... OK
  Applying assets.0065_auto_20210121_1549... OK
  Applying perms.0018_auto_20210208_1515... OK
  Applying orgs.0001_initial... OK
  Applying orgs.0002_auto_20180903_1132... OK
  Applying orgs.0003_auto_20190916_1057... OK
  Applying orgs.0004_organizationmember... OK
  Applying orgs.0005_auto_20200721_1937... OK
  Applying orgs.0006_auto_20200721_1937... OK
  Applying orgs.0007_auto_20200728_1805... OK
  Applying orgs.0008_auto_20200819_2041... OK
  Applying orgs.0009_auto_20201023_1628... OK
  Applying ops.0001_initial... OK
  Applying ops.0002_celerytask... OK
  Applying ops.0003_auto_20181207_1744... OK
  Applying ops.0004_adhoc_run_as... OK
  Applying ops.0005_auto_20181219_1807... OK
  Applying ops.0006_auto_20190318_1023... OK
  Applying ops.0007_auto_20190724_2002... OK
  Applying ops.0008_auto_20190919_2100... OK
  Applying ops.0009_auto_20191217_1713... OK
  Applying ops.0010_auto_20191217_1758... OK
  Applying ops.0011_auto_20200106_1534... OK
  Applying ops.0012_auto_20200108_1659... OK
  Applying ops.0013_auto_20200108_1706... OK
  Applying ops.0014_auto_20200108_1749... OK
  Applying ops.0015_auto_20200108_1809... OK
  Applying ops.0016_commandexecution_org_id... OK
  Applying ops.0017_auto_20200306_1747... OK
  Applying ops.0018_auto_20200509_1434... OK
  Applying ops.0019_adhocexecution_celery_task_id... OK
  Applying audits.0001_initial... OK
  Applying audits.0002_ftplog_org_id... OK
  Applying audits.0003_auto_20180816_1652... OK
  Applying audits.0004_operatelog_passwordchangelog_userloginlog... OK
  Applying audits.0005_auto_20190228_1715... OK
  Applying audits.0006_auto_20190726_1753... OK
  Applying audits.0007_auto_20191202_1010... OK
  Applying audits.0008_auto_20200508_2105... OK
  Applying audits.0009_auto_20200624_1654... OK
  Applying audits.0010_auto_20200811_1122... OK
  Applying audits.0011_userloginlog_backend... OK
  Applying assets.0066_auto_20210208_1802... OK
  Applying applications.0007_auto_20201119_1110... OK
  Applying applications.0008_auto_20210104_0435... OK
  Applying orgs.0010_auto_20210219_1241...
        Migrate model org id: Application       done, use 0.98 ms
        Migrate model org id: AdminUser done, use 0.75 ms
        Migrate model org id: Asset     done, use 0.64 ms
        Migrate model org id: AuthBook  done, use 0.72 ms
        Migrate model org id: CommandFilter     done, use 0.5 ms
        Migrate model org id: CommandFilterRule done, use 0.56 ms
        Migrate model org id: Domain    done, use 1.02 ms
        Migrate model org id: Gateway   done, use 0.74 ms
        Migrate model org id: GatheredUser      done, use 0.69 ms
        Migrate model org id: Label     done, use 0.48 ms
        Migrate model org id: Node      done, use 0.47 ms
        Migrate model org id: SystemUser        done, use 0.55 ms
        Migrate model org id: FTPLog    done, use 0.74 ms
        Migrate model org id: OperateLog        done, use 0.54 ms
        Migrate model org id: AdHoc     done, use 0.4 ms
        Migrate model org id: AdHocExecution    done, use 0.52 ms
        Migrate model org id: CommandExecution  done, use 0.46 ms
        Migrate model org id: Task      done, use 37.51 ms
        Migrate model org id: ApplicationPermission     done, use 0.88 ms
        Migrate model org id: AssetPermission   done, use 0.55 ms
        Migrate model org id: UserAssetGrantedTreeNodeRelation  done, use 0.53 ms
        Migrate model org id: Session   done, use 0.5 ms
        Migrate model org id: Command   done, use 0.51 ms
        Migrate model org id: Ticket    done, use 0.43 ms
        Migrate model org id: UserGroup done, use 0.51 ms
        Will add users to default org: 1
          Add users to default org: 1-1
        done, use 2.39 ms
 OK
  Applying assets.0067_auto_20210311_1113... OK
  Applying assets.0068_auto_20210312_1455... OK
  Applying assets.0069_change_node_key0_to_key1...
--> Not exist key=0 nodes, do nothing.
 OK
  Applying assets.0070_auto_20210426_1515... OK
  Applying assets.0071_systemuser_type...
 OK
  Applying assets.0072_historicalauthbook...
 OK
  Applying assets.0073_auto_20210606_1142...

 OK
  Applying assets.0074_remove_systemuser_assets... OK
  Applying assets.0075_auto_20210705_1759... OK
  Applying assets.0076_delete_assetuser... OK
  Applying assets.0077_auto_20211012_1642... OK
  Applying assets.0078_auto_20211014_2209... OK
  Applying assets.0079_auto_20211102_1922... OK
  Applying assets.0080_auto_20211104_1347... OK
  Applying assets.0081_auto_20211105_1605... OK
  Applying applications.0009_applicationuser... OK
  Applying applications.0010_appaccount_historicalappaccount... OK
  Applying applications.0011_auto_20210826_1759... OK
  Applying applications.0012_auto_20211014_2209... OK
  Applying applications.0013_auto_20211026_1711... OK
  Applying applications.0014_auto_20211105_1605... OK
  Applying assets.0082_auto_20211209_1440... OK
  Applying assets.0083_auto_20211215_1436... OK
  Applying assets.0084_auto_20220112_1959... OK
  Applying assets.0085_commandfilterrule_ignore_case... OK
  Applying assets.0086_auto_20220217_2135... OK
  Applying assets.0087_auto_20220223_1539... OK
  Applying assets.0088_auto_20220303_1612... OK
  Applying assets.0089_auto_20220310_0616... OK
  Applying assets.0090_auto_20220412_1145... OK
  Applying applications.0015_auto_20220112_2035... OK
  Applying applications.0016_auto_20220118_1455... OK
  Applying applications.0017_auto_20220217_2135... OK
  Applying applications.0018_auto_20220223_1539... OK
  Applying applications.0019_auto_20220310_1853... OK
  Applying applications.0020_auto_20220316_2028... OK
  Applying tickets.0016_auto_20220609_1758... OK
  Applying tickets.0017_auto_20220623_1027... OK
  Applying tickets.0018_applyapplicationticket_apply_actions... OK
  Applying tickets.0019_delete_applyapplicationticket... OK
  Applying tickets.0020_auto_20220817_1346...
  Start migrate system user to account
          - migrate 'ApplyAssetTicket'
          - migrate 'ApplyCommandTicket'
          - migrate 'ApplyLoginAssetTicket'
 OK
  Applying tickets.0021_auto_20220921_1814... OK
  Applying tickets.0022_alter_applyassetticket_apply_actions... OK
  Applying tickets.0023_alter_applyassetticket_apply_actions... OK
  Applying tickets.0024_auto_20221121_1800... OK
  Applying authentication.0001_initial... OK
  Applying authentication.0002_auto_20190729_1423... OK
  Applying authentication.0003_loginconfirmsetting... OK
  Applying authentication.0004_ssotoken... OK
  Applying acls.0001_initial... OK
  Applying acls.0002_auto_20210926_1047... OK
  Applying acls.0003_auto_20211130_1037... OK
  Applying acls.0004_auto_20220831_1658... OK
  Applying acls.0005_auto_20221201_1846... OK
  Applying acls.0006_commandfilteracl_commandgroup... OK
  Applying acls.0007_auto_20221202_1048... OK
  Applying acls.0008_commandgroup_comment... OK
  Applying tickets.0025_auto_20221206_1820... OK
  Applying assets.0091_auto_20220629_1826... OK
  Applying assets.0092_commandfilter_nodes... OK
  Applying assets.0093_auto_20220403_1627... OK
  Applying assets.0094_auto_20220402_1736... OK
  Applying assets.0095_auto_20220407_1726... OK
  Applying assets.0096_auto_20220426_1550... OK
  Applying assets.0097_auto_20220426_1558...    - Update platform: Windows2016
        - Update platform: Other
 OK
  Applying assets.0098_auto_20220430_2126...

        - Migrate ori host to device:  0
 OK
  Applying assets.0099_auto_20220711_1409...
        Start migrate asset protocols
 OK
  Applying accounts.0001_initial... OK
  Applying assets.0100_auto_20220711_1413...
        Start migrate asset accounts

        Start migrate app accounts
 OK
  Applying assets.0101_auto_20220811_1511... OK
  Applying assets.0102_auto_20220816_1022...
        Start migrate command filters to assets
 OK
  Applying assets.0103_auto_20220902_1021...>>> migrate gateway to asset
>>> migrate gateway to account
 OK
  Applying assets.0104_auto_20220817_1544... OK
  Applying assets.0105_auto_20221220_1956... OK
  Applying assets.0106_auto_20221228_1838... OK
  Applying assets.0107_automation... OK
  Applying assets.0108_alter_platform_charset... OK
  Applying assets.0109_alter_asset_options... OK
  Applying assets.0110_auto_20230315_1741... OK
  Applying assets.0111_auto_20230321_1633... OK
  Applying assets.0112_auto_20230404_1631... OK
  Applying assets.0113_auto_20230411_1917...
Migrate platform su method: Cisco
Migrate platform su method: H3C
Migrate platform su method: Huawei
 OK
  Applying assets.0114_baseautomation_params... OK
  Applying assets.0115_auto_20230417_1425... OK
  Applying assets.0116_auto_20230418_1726... OK
  Applying assets.0117_alter_baseautomation_params... OK
  Applying assets.0118_auto_20230524_1647... OK
  Applying assets.0119_assets_add_default_node... OK
  Applying assets.0120_auto_20230630_1613... OK
  Applying assets.0121_auto_20230725_1458...
Platform add sftp protocol: 
 - Linux
 - Gateway

Asset add sftp protocol: 
Not found telnet regex setting, skip
 OK
  Applying assets.0122_auto_20230803_1553... OK
  Applying accounts.0002_auto_20220616_0021... OK
  Applying accounts.0003_automation... OK
  Applying accounts.0004_auto_20230106_1507... OK
  Applying accounts.0005_alter_changesecretrecord_options... OK
  Applying accounts.0006_gatheredaccount... OK
  Applying accounts.0007_alter_account_options... OK
  Applying accounts.0008_alter_gatheredaccount_options... OK
  Applying accounts.0009_account_usernames_to_ids... OK
  Applying accounts.0010_gatheraccountsautomation_is_sync_account... OK
  Applying accounts.0011_auto_20230506_1443... OK
  Applying accounts.0012_auto_20230621_1456... OK
  Applying accounts.0013_account_backup_recipients... OK
  Applying accounts.0014_virtualaccount... OK
  Applying accounts.0015_auto_20230825_1120... OK
  Applying accounts.0016_accounttemplate_password_rules... OK
  Applying acls.0009_auto_20221220_1956... OK
  Applying acls.0010_alter_commandfilteracl_command_groups... OK
  Applying acls.0011_auto_20230425_1704... OK
  Applying acls.0012_auto_20230426_1111... OK
  Applying acls.0013_auto_20230426_1759... OK
  Applying acls.0014_loginassetacl_rules... OK
  Applying acls.0015_connectmethodacl... OK
  Applying acls.0016_auto_20230606_1857... OK
  Applying acls.0017_alter_connectmethodacl_options... OK
  Applying acls.0018_alter_commandfilteracl_command_groups... OK
  Applying admin.0001_initial... OK
  Applying admin.0002_logentry_remove_auto_add... OK
  Applying admin.0003_logentry_add_action_flag_choices... OK
  Applying perms.0019_auto_20210906_1044... OK
  Applying perms.0020_auto_20210910_1103... OK
  Applying perms.0021_auto_20211105_1605... OK
  Applying perms.0022_applicationpermission_actions... OK
  Applying perms.0023_auto_20220112_2035... OK
  Applying perms.0024_auto_20220217_2135... OK
  Applying perms.0025_auto_20220223_1539... OK
  Applying perms.0026_auto_20220307_1500... OK
  Applying perms.0027_auto_20220310_1802... OK
  Applying perms.0028_auto_20220316_2028... OK
  Applying perms.0029_auto_20220728_1728... OK
  Applying perms.0030_auto_20220816_1132... OK
  Applying perms.0031_auto_20220816_1600... OK
  Applying ops.0020_adhoc_run_system_user... OK
  Applying ops.0021_auto_20211130_1037... OK
  Applying ops.0022_auto_20220817_1346... OK
  Applying applications.0021_auto_20220629_1826... OK
  Applying applications.0022_auto_20220714_1046... OK
  Applying applications.0023_auto_20220715_1556... OK
  Applying applications.0024_alter_application_type... OK
  Applying applications.0025_auto_20220817_1346... OK
  Applying applications.0026_auto_20220817_1716... OK
  Applying applications.0027_auto_20221220_1956... OK
  Applying assets.0123_device_automation_ansible_enabled... OK
  Applying assets.0124_auto_20231007_1437... OK
  Applying assets.0125_auto_20231011_1053... OK
  Applying ops.0023_auto_20220912_0021... OK
  Applying audits.0012_auto_20210414_1443... OK
  Applying audits.0013_auto_20211130_1037... OK
  Applying audits.0014_auto_20220505_1902... OK
  Applying audits.0015_auto_20221011_1745... OK
  Applying audits.0016_auto_20221111_1919... OK
  Applying audits.0017_auto_20221220_1757... OK
  Applying audits.0018_operatelog_resource_id... OK
  Applying audits.0019_alter_operatelog_options... OK
  Applying audits.0020_auto_20230117_1004... OK
  Applying audits.0021_auto_20230207_0857... OK
  Applying audits.0022_auto_20230605_1555... OK
  Applying audits.0023_auto_20230906_1322... OK
  Applying audits.0024_usersession... OK
  Applying audits.0025_remove_usersession_date_expired... OK
  Applying auth.0009_alter_user_last_name_max_length... OK
  Applying auth.0010_alter_group_name_max_length... OK
  Applying auth.0011_update_proxy_permissions... OK
  Applying auth.0012_alter_user_first_name_max_length... OK
  Applying tickets.0026_auto_20221220_1956... OK
  Applying tickets.0027_alter_applycommandticket_apply_run_account... OK
  Applying tickets.0028_remove_app_tickets... OK
  Applying authentication.0005_delete_loginconfirmsetting... OK
  Applying authentication.0006_auto_20211227_1059... OK
  Applying authentication.0007_connectiontoken... OK
  Applying authentication.0008_superconnectiontoken... OK
  Applying authentication.0009_auto_20220310_0616... OK
  Applying authentication.0010_temptoken... OK
  Applying authentication.0011_auto_20220705_1940... OK
  Applying authentication.0012_auto_20220816_1629... OK
  Applying authentication.0013_connectiontoken_protocol... OK
  Applying authentication.0014_auto_20221122_2152... OK
  Applying authentication.0015_auto_20221205_1136... OK
  Applying authentication.0016_auto_20221220_1956... OK
  Applying authentication.0017_auto_20230105_1743...
 OK
  Applying authentication.0018_alter_connectiontoken_input_secret... OK
  Applying authentication.0019_connectiontoken_is_reusable... OK
  Applying authentication.0020_connectiontoken_connect_options... OK
  Applying authentication.0021_auto_20230713_1459... OK
  Applying authentication.0022_passkey... OK
  Applying authentication.0023_auto_20231010_1101... OK
  Applying captcha.0001_initial... OK
  Applying captcha.0002_alter_captchastore_id... OK
  Applying django_cas_ng.0001_initial... OK
  Applying django_cas_ng.0002_auto_20201023_1400... OK
  Applying django_cas_ng.0003_auto_20210813_1226... OK
  Applying django_celery_beat.0001_initial... OK
  Applying django_celery_beat.0002_auto_20161118_0346... OK
  Applying django_celery_beat.0003_auto_20161209_0049... OK
  Applying django_celery_beat.0004_auto_20170221_0000... OK
  Applying django_celery_beat.0005_add_solarschedule_events_choices... OK
  Applying django_celery_beat.0006_auto_20180322_0932... OK
  Applying django_celery_beat.0007_auto_20180521_0826... OK
  Applying django_celery_beat.0008_auto_20180914_1922... OK
  Applying django_celery_beat.0006_auto_20180210_1226... OK
  Applying django_celery_beat.0006_periodictask_priority... OK
  Applying django_celery_beat.0009_periodictask_headers... OK
  Applying django_celery_beat.0010_auto_20190429_0326... OK
  Applying django_celery_beat.0011_auto_20190508_0153... OK
  Applying django_celery_beat.0012_periodictask_expire_seconds... OK
  Applying django_celery_beat.0013_auto_20200609_0727... OK
  Applying django_celery_beat.0014_remove_clockedschedule_enabled... OK
  Applying django_celery_beat.0015_edit_solarschedule_events_choices... OK
  Applying django_celery_beat.0016_alter_crontabschedule_timezone... OK
  Applying django_celery_beat.0017_alter_crontabschedule_month_of_year... OK
  Applying django_celery_beat.0018_improve_crontab_helptext... OK
  Applying users.0032_userpasswordhistory... OK
  Applying users.0033_user_need_update_password... OK
  Applying users.0034_auto_20210506_1448... OK
  Applying users.0035_auto_20210526_1100... OK
  Applying users.0036_user_feishu_id... OK
  Applying users.0037_user_secret_key... OK
  Applying users.0038_auto_20211209_1140... OK
  Applying users.0039_auto_20211229_1852... OK
  Applying users.0040_alter_user_source... OK
  Applying users.0041_auto_20221220_1956... OK
  Applying notifications.0001_initial... OK
  Applying notifications.0002_auto_20210909_1946...
        Init user message subscription: 1
 OK
  Applying notifications.0003_auto_20221220_1956... OK
  Applying notifications.0004_auto_20230201_1614... OK
  Applying ops.0024_alter_celerytask_date_last_publish... OK
  Applying ops.0025_auto_20230413_1531... OK
  Applying ops.0026_auto_20230810_1039... OK
  Applying ops.0027_alter_celerytaskexecution_options... OK
  Applying rbac.0001_initial... OK
  Applying rbac.0002_auto_20210929_1409... OK
  Applying rbac.0003_auto_20211130_1037...  - Update builtin roles
    - Update: SystemAdmin - True
    - Update: SystemAuditor - True
    - Update: SystemComponent - True
    - Update: User - True
    - Update: OrgAdmin - True
    - Update: OrgAuditor - True
    - Update: OrgUser - True
 OK
  Applying rbac.0004_auto_20211201_1901...
        Create role binding: 0-1 using: 0.58s
        Create role binding: 0-1 using: 0.00s
 OK
  Applying orgs.0011_auto_20211223_1913... OK
  Applying orgs.0012_auto_20220118_1054... OK
  Applying orgs.0013_alter_organization_options... OK
  Applying orgs.0014_organization_builtin... OK
  Applying orgs.0015_auto_20221220_1956... OK
  Applying perms.0032_auto_20221111_1919... OK
  Applying perms.0033_auto_20221220_1956... OK
  Applying perms.0034_auto_20230525_1734... OK
  Applying rbac.0005_auto_20220307_1524... OK
  Applying rbac.0006_auto_20220310_0616... OK
  Applying rbac.0007_auto_20220314_1525... OK
  Applying rbac.0008_auto_20220411_1709... OK
  Applying rbac.0009_auto_20220411_1724... OK
  Applying rbac.0010_auto_20221220_1956... OK
  Applying rbac.0011_remove_redundant_permission... OK
  Applying sessions.0001_initial... OK
  Applying settings.0002_auto_20210729_1546... OK
  Applying settings.0003_auto_20210901_1035... OK
  Applying settings.0004_auto_20220211_1401... OK
  Applying settings.0005_auto_20220310_0616... OK
  Applying settings.0006_remove_setting_enabled... OK
  Applying settings.0007_migrate_ldap_sync_org_ids... OK
  Applying settings.0008_alter_setting_options... OK
  Applying settings.0009_alter_cas_username_attribute... OK
  Applying settings.0010_alter_setting_options... OK
  Applying terminal.0050_auto_20220606_1745... OK
  Applying terminal.0051_sessionsharing_users... OK
  Applying terminal.0052_auto_20220713_1417... OK
  Applying terminal.0053_auto_20221009_1755... OK
  Applying terminal.0054_auto_20221027_1125... OK
  Applying terminal.0055_auto_20221228_1804... OK
  Applying terminal.0056_auto_20221228_1808... OK
  Applying terminal.0057_auto_20230109_1447... OK
  Applying terminal.0058_auto_20230110_1445... OK
  Applying terminal.0059_session_account_id... OK
  Applying terminal.0060_sessionsharing_action_permission... OK
  Applying terminal.0061_applet_can_concurrent... OK
  Applying terminal.0062_applet_edition... OK
  Applying terminal.0063_auto_20230621_1133... OK
  Applying terminal.0064_auto_20230728_1001... OK
  Applying terminal.0065_session_error_reason... OK
  Applying tickets.0029_auto_20230110_1445... OK
  Applying users.0042_auto_20230203_1201... OK
  Applying users.0043_remove_user_secret_key_preference... OK
  Applying users.0044_usersession... OK
  Applying users.0045_delete_usersession... OK
  Applying users.0046_auto_20230927_1456... OK
  Applying users.0047_user_date_api_key_last_used... OK
  Applying users.0048_wechat_phone_encrypt... OK

After migration, update builtin role permissions
  - Update builtin roles
完成

>>> 安装完成了
1. 可以使用如下命令启动, 然后访问
cd /opt/jumpserver-installer-v3.8.0
./jmsctl.sh start

2. 其它一些管理命令
./jmsctl.sh stop
./jmsctl.sh restart
./jmsctl.sh backup
./jmsctl.sh upgrade
更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解

3. Web 访问
http://172.25.41.89:80
默认用户: admin  默认密码: admin

4. SSH/SFTP 访问
ssh -p2222 [email protected]
sftp -P2222 [email protected]

5. 更多信息
我们的官网: https://www.jumpserver.org/
我们的文档: https://docs.jumpserver.org/

[+] Running 10/10
 ✔ Container jms_lion    Started                                                                                      5.2s 
 ✔ Container jms_koko    Started                                                                                      4.1s 
 ✔ Container jms_chen    Started                                                                                      5.2s 
 ✔ Container jms_kael    Started                                                                                      3.7s 
 ✔ Container jms_web     Started                                                                                      3.6s 
 ✔ Container jms_magnus  Started                                                                                      3.7s 
 ✔ Container jms_celery  Started                                                                                      2.6s 
 ✔ Container jms_redis   Running                                                                                      0.0s 
 ✔ Container jms_mysql   Running                                                                                      0.0s 
 ✔ Container jms_core    Started                                                                                      6.0s 

通过上面的安装信息,我们了解到此时 Linux 环境已经安装 Docker 容器,并使用该容器成功运行了 JumpServer 堡垒机。

查看 Docker 版本信息:

docker version

openEuler 服务器安装 JumpServer (all-in-one 模式)_第8张图片

此处我们查看 JumpServer 相关的 images 镜像列表:

[root@JumpServer ~]# docker image ls
REPOSITORY           TAG       IMAGE ID       CREATED         SIZE
jumpserver/redis     6.2       6408abc40b2a   14 hours ago    106MB
jumpserver/web       v3.8.0    7bc18906aaee   18 hours ago    1.49GB
jumpserver/chen      v3.8.0    2e56502c628f   18 hours ago    576MB
jumpserver/koko      v3.8.0    8f0ae6fc7123   18 hours ago    1.06GB
jumpserver/kael      v3.8.0    a09b75b98f60   18 hours ago    278MB
jumpserver/lion      v3.8.0    f56740becf33   18 hours ago    237MB
jumpserver/core      v3.8.0    78d73be6070f   18 hours ago    1.57GB
jumpserver/magnus    v3.8.0    dbc25d9904b8   18 hours ago    157MB
jumpserver/mariadb   10.6      aac2cf878de9   10 months ago   405MB

验证安装

访问部署的 JumpServer 堡垒机:

>>> 安装完成了
1. 可以使用如下命令启动, 然后访问
cd /opt/jumpserver-installer-v3.8.0
./jmsctl.sh start

2. 其它一些管理命令
./jmsctl.sh stop
./jmsctl.sh restart
./jmsctl.sh backup
./jmsctl.sh upgrade
更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解

3. Web 访问
http://172.25.41.89:80
默认用户: admin  默认密码: admin

4. SSH/SFTP 访问
ssh -p2222 [email protected]
sftp -P2222 [email protected]

5. 更多信息
我们的官网: https://www.jumpserver.org/
我们的文档: https://docs.jumpserver.org/

浏览器输入地址 http://172.25.41.89:80,显示页面如下:

openEuler 服务器安装 JumpServer (all-in-one 模式)_第9张图片

首次登录进入后,会要求修改初始密码,修改后继续登录,进入页面显示如下:

openEuler 服务器安装 JumpServer (all-in-one 模式)_第10张图片

你可能感兴趣的:(Linux,Docker,&,Podman,服务器,运维,堡垒机/开源,JumpServer,openEuler/linux)