本文主要向大家介绍了【云计算】Jumpserver3.0安装部署文档教程，通过具体的内容向大家展现，希望对大家学习云计算有所帮助。

一、安装

https://github.com/jumpserver/jumpserver/wiki/%E5%9F%BA%E4%BA%8E-RedHat-%E7%9A%84%E7%B3%BB%E7%BB%9F

二、配置

https://github.com/jumpserver/jumpserver/wiki/%E5%BA%94%E7%94%A8%E5%9B%BE%E8%A7%A3

注意：

使用不同账户，执行执行脚本时候sudo经常会碰到 sudo: sorry, you must have a tty to run sudo这个情况，其实修改一下sudo的配置就好了

vi /etc/sudoers (最好用visudo命令)

注释掉 Default requiretty 一行

Default requiretty

意思就是sudo默认需要tty终端。注释掉就可以在后台执行了。

执行：

sed -i ‘s/Default.*requiretty/#Default requiretty/g’ /etc/sudoers

三、集群

node1: 10.0.70.242:8000

node2: 10.0.70.243:8000

vip: 10.0.70.245:8000

node1

yum install -y ipvsadm keepalived

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

zhouxinyu@zipeiyi.com

}

notification_email_from mail.zipeiyi.com

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_instance VI_1 { #对于只有一个vip加一个vrrp_instance即可。如果两个vip可加VI_2

state BACKUP

interface eth0

virtual_router_id 55

priority 100 #权重

advert_int 1

nopreempt #设置不抢占资源

authentication {

auth_type PASS

auth_pass 1111 #认证

}

virtual_ipaddress {

10.0.70.245

}

}

virtual_server 10.0.70.245 8000 {

delay_loop 6

lb_algo rr

lb_kind DR

persistence_timeout 120

protocol TCP

real_server 10.0.70.242 8000 {

weight 3

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

connect_port 8000

}

}

real_server 10.0.70.243 8000 {

weight 3

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

connect_port 8000

}

}

}

/etc/init.d/keepalived start

node2

yum install -y ipvsadm keepalived

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

router_id LVS_DEVEL

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 55

priority 90

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

10.0.70.245

}

}

virtual_server 10.0.70.245 8000 {

delay_loop 6

lb_algo rr

lb_kind DR

persistence_timeout 50

protocol TCP

real_server 10.0.70.242 8000 {

weight 3

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

connect_port 8000

}

}

real_server 10.0.70.243 8000 {

weight 3

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

connect_port 8000

}

}

}

/etc/init.d/keepalived start

检测

node1

arping 10.0.70.245

ARPING 10.0.70.245 from 10.0.70.245 eth0

证明vip是在node1上的

node2

arping 10.0.70.245

Unicast reply from 10.0.70.245 [00:50:56:9D:3B:42] 0.795ms

node1

/etc/init.d/keepalived stop

arping 10.0.70.245

Unicast reply from 10.0.70.245 [00:50:56:9D:3A:AD] 0.815ms

证明vip是在node2上的

/etc/init.d/keepalived start

此时即使启动node1的keepalived也不会拉回vip资源，vip还是在node2上，知道node2 standby，vip会切回node1上。

node2

/etc/init.d/keepalived stop

arping 10.0.70.245

Unicast reply from 10.0.70.245 [00:50:56:9D:3B:42] 0.795ms

vip自动切回到node1

/etc/init.d/keepalived start

部署应用监控脚本

node1

vim /etc/keepalived/check_server.sh

!/bin/bash

DIR=/opt/jumpserver/

while true

do

check_num=lsof -i :8000 | grep '*:irdmi' | wc -l

if [ checknum−eq0];thencd" role="presentation">checknumeq0];thencdchecknumeq0];thencdDIR

sh service.sh restart

sleep 5

check_num=lsof -i :8000 | grep '*:irdmi' | wc -l

if [ $check_num -eq 0 ];then

/etc/init.d/keepalived stop

exit

fi

fi

sleep 5

done

vim /etc/rc.local

/etc/init.d/keepalived restart

/opt/jumpserver/service.sh restart

sh /etc/keepalived/check_service.sh &

node2

vim /etc/keepalived/check_server.sh

!/bin/bash

DIR=/opt/jumpserver/

while true

do

check_num=lsof -i :8000 | grep '*:irdmi' | wc -l

if [ checknum−eq0];thencd" role="presentation">checknumeq0];thencdchecknumeq0];thencdDIR

sh service.sh restart

sleep 5

check_num=lsof -i :8000 | grep '*:irdmi' | wc -l

if [ $check_num -eq 0 ];then

/etc/init.d/keepalived stop

exit

fi

fi

sleep 5

done

vim /etc/rc.local

/etc/init.d/keepalived restart

/opt/jumpserver/service.sh restart

sh /etc/keepalived/check_service.sh &

本文由职坐标整理并发布，希望对同学们有所帮助。了解更多详情请关注职坐标大数据云计算大数据安全频道！