cat \/dev\/urandom | tr -dc A-Za-z0-9 | head -c 50<\/code><\/p>\n\n\n\n$ echo “SECRET_KEY=$SECRET_KEY” >> ~\/.bashrc<\/p>\n\n\n
<\/p>\n\n\n
$ BOOTSTRAP_TOKEN=cat \/dev\/urandom | tr -dc A-Za-z0-9 | head -c 16<\/code><\/p>\n\n\n\n$ echo “BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN” >> ~\/.bashrc<\/p>\n\n\n\n
\u5f55\u50cf\u8def\u5f84\uff1a\/home\/server\/data\/jumpserver-media<\/p>\n\n\n\n
$ vim jumpserver-pvc.yaml<\/strong><\/p>\n\n\n\napiVersion: v1\nkind: PersistentVolume\nmetadata:\n name: jumpserver-media-volume\n labels:\n type: local\nspec:\n storageClassName: manual\n capacity:\n storage: 50Gi\n accessModes:\n - ReadWriteMany\n hostPath:\n path: \"\/home\/server\/data\/jumpserver-media\"\n\n---\n\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: jumpserver-media-claim\n namespace: default\n #annotations:\n #volume.beta.kubernetes.io\/storage-class: \"nfs-storage\"\nspec:\n storageClassName: manual\n accessModes:\n - ReadWriteMany\n resources:\n requests:\n storage: 50Gi<\/code><\/pre>\n\n\n\n$ vim jumpserver-svc.yaml<\/strong><\/p>\n\n\n\napiVersion: v1\nkind: Service\nmetadata:\n name: jumpserver\n namespace: default\n labels:\n #app: jumpserver\n app.kubernetes.io\/instance: jumpserver\n app.kubernetes.io\/name: jumpserver\nspec:\n type: NodePort\n ports:\n - name: http\n port: 80\n targetPort: 80\n nodePort: 80\n protocol: TCP\n - name: ssh\n port: 2222\n targetPort: 2222\n nodePort: 2222\n protocol: TCP\n selector:\n #app: jumpserver\n app.kubernetes.io\/instance: jumpserver\n app.kubernetes.io\/name: jumpserver<\/code><\/pre>\n\n\n\n$ vim jumpserver.yaml<\/strong><\/p>\n\n\n\napiVersion: apps\/v1\nkind: Deployment\nmetadata:\n name: jumpserver\n namespace: default\n labels:\n app.kubernetes.io\/instance: jumpserver\n app.kubernetes.io\/name: jumpserver\nspec:\n replicas: 1\n strategy:\n rollingUpdate:\n maxSurge: 1\n maxUnavailable: 0\n type: RollingUpdate\n selector:\n matchLabels:\n app.kubernetes.io\/instance: jumpserver\n app.kubernetes.io\/name: jumpserver\n template:\n metadata:\n labels:\n app.kubernetes.io\/instance: jumpserver\n app.kubernetes.io\/name: jumpserver\n spec:\n containers:\n - env:\n - name: SECRET_KEY\n value: \"zyi0sBiTbCPKl65XLcONSSaxiuQpb6e6JD3RRNfyJuLbGwh9v6\"\n - name: BOOTSTRAP_TOKEN\n value: \"BEGjCbG7lH1wmSi9\"\n - name: DB_HOST\n value: \"mysql\"\n - name: DB_PORT\n value: \"3306\"\n - name: DB_USER\n value: \"jumpserver\"\n - name: DB_PASSWORD\n value: \"AAAaaa111\" # \u6b64\u5904\u5fc5\u987b\u662f\u5927\u5c0f\u5199+\u6570\u5b57\n - name: DB_NAME\n value: \"jumpserver\"\n - name: REDIS_HOST\n value: \"redis\"\n - name: REDIS_PORT\n value: \"6379\"\n - name: REDIS_PASSWORD\n value: \"AAAaaa111\"\n image: jumpserver\/jms_all:latest\n imagePullPolicy: IfNotPresent\n name: jumpserver\n ports:\n - containerPort: 80\n name: http\n protocol: TCP\n - containerPort: 2222\n name: ssh\n protocol: TCP\n volumeMounts:\n - name: jumpserver-media\n mountPath: \/opt\/jumpserver\/data\/media\/\n volumes:\n - name: jumpserver-media\n persistentVolumeClaim:\n claimName: jumpserver-media-claim<\/code><\/pre>\n\n\n\n\u521b\u5efapvc\u548csvc<\/p>\n\n\n\n
$ sudo kubectl apply -f jumpserver-pvc.yaml -f jumpserver-svc.yaml<\/p>\n\n\n\n
\u542f\u52a8jumpserver<\/p>\n\n\n\n
$ sudo kubectl apply -f jumpserver.yaml<\/p>\n\n\n\n![\"\"](\"https:\/\/www.luyouli.com\/wp-content\/uploads\/2020\/11\/image.png\")
<\/figure>\n\n\n\n\u8fd9\u6837\u5c31OK\u4e86\uff0c\u5982\u679c\u6709\u95ee\u9898\u5c31\u770b\u65e5\u5fd7\u5904\u7406<\/p>\n\n\n\n
github\u4ee3\u7801\u5730\u5740\u5982\u4e0b\uff1a<\/p>\n\n\n\n