常见问题

1. Core 启动异常

  1. ./jmsctl.sh start
  1. Creating network "jms_net" with driver "bridge"
  2. Creating jms_mysql ... done
  3. Creating jms_redis ... done
  4. Creating jms_core  ... done
  5. ERROR: for celery  Container "76b2e315f69d" is unhealthy.
  6. ERROR: for lina  Container "76b2e315f69d" is unhealthy.
  7. ERROR: for luna  Container "76b2e315f69d" is unhealthy.
  8. ERROR: for lion  Container "76b2e315f69d" is unhealthy.
  9. ERROR: for koko  Container "76b2e315f69d" is unhealthy.
  10. ERROR: Encountered errors while bringing up the project.
  1. # 如果出现上面的错误, 执行下面的命令, 直到出现 Check service status 为止
  2. docker logs -f jms_core --tail 200  # 如果没有报错就等表结构合并完毕后然后重新 start 即可
  1. 2021-02-08 14:58:53 Mon Feb  8 14:58:53 2021
  2. 2021-02-08 14:58:53 JumpServer version v2.12.0, more see https://www.jumpserver.org
  4. - Start Gunicorn WSGI HTTP Server
  5. 2021-02-08 14:58:53 Check database connection ...
  6. users
  7.   [ ] 0001_initial
  8.   [ ] 0002_auto_20171225_1157_squashed_0019_auto_20190304_1459 (18 squashed migrations)
  9.   [ ] 0020_auto_20190612_1825
  10.   [ ] 0021_auto_20190625_1104
  11.   [ ] 0022_auto_20190625_1105
  12.   [ ] 0023_auto_20190724_1525
  13.   [ ] 0024_auto_20191118_1612
  14.   [ ] 0025_auto_20200206_1216
  15.   [ ] 0026_auto_20200508_2105
  16.   [ ] 0027_auto_20200616_1503
  17.   [ ] 0028_auto_20200728_1805
  18.   [ ] 0029_auto_20200814_1650
  19.   [ ] 0030_auto_20200819_2041
  20.   [ ] 0031_auto_20201118_1801
  21.   2021-02-08 14:58:58 Database connect success
  22.   Operations to perform:
  23.     Apply all migrations: admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, ops, orgs, perms, sessions, settings, terminal, tickets, users
  24.   Running migrations:
  25.     Applying contenttypes.0001_initial... OK
  26.     Applying contenttypes.0002_remove_content_type_name... OK
  27.     Applying auth.0001_initial... OK
  28.     Applying auth.0002_alter_permission_name_max_length... OK
  29.     Applying auth.0003_alter_user_email_max_length... OK
  30.     Applying auth.0004_alter_user_username_opts... OK
  31.     Applying auth.0005_alter_user_last_login_null... OK
  32.     Applying auth.0006_require_contenttypes_0002... OK
  33.     Applying auth.0007_alter_validators_add_error_messages... OK
  34.     Applying auth.0008_alter_user_username_max_length... OK
  35.     ... 省略
  36.     Applying tickets.0001_initial... OK
  37.     Applying tickets.0002_auto_20200728_1146... OK
  38.     Applying tickets.0003_auto_20200804_1551... OK
  39.     Applying tickets.0004_ticket_comment... OK
  40.     Applying tickets.0005_ticket_meta_confirmed_system_users... OK
  41.     Applying tickets.0006_auto_20201023_1628... OK
  42.     Applying tickets.0007_auto_20201224_1821... OK
  43.     Applying users.0031_auto_20201118_1801... OK
  44.     # 确定这上面都是显示 ok,不能有 error
  45.   2021-02-08 14:59:31 [cache INFO] CACHE: Send refresh task <orgs.caches.OrgResourceStatisticsCache object at 0x7fb9122ce0d0>.('nodes_amount',)
  46.   Operations to perform:
  47.     Apply all migrations: admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, ops, orgs, perms, sessions, settings, terminal, tickets, users
  48.   Running migrations:
  49.     No migrations to apply.
  51.   - Start Flower as Task Monitor
  53.   - Start Daphne ASGI WS Server
  54.   2021-02-08 15:01:02 Check service status: gunicorn -> running at 38
  55.   2021-02-08 15:01:02 Check service status: flower -> running at 44
  56.   2021-02-08 15:01:02 Check service status: daphne -> running at 54
  1. # 确定上面都是 ok 的没有报错, 提示 Check service status 后就可以重新启动其他组件
  2. ./jmsctl.sh start

2. Web 页面异常

Server error occur, contact administrator

  1. docker logs -f jms_core --tail 200
  2. # 查看是否有报错,如果没有或者不完整请进入容器查看日志
  1. docker exec -it jms_core /bin/bash
  2. cat logs/jumpserver.log
  3. # 根据报错处理

3. Web 登录失败

忘记密码, 密码过期

如果忘了密码或者密码过期, 可以点击找回密码通过邮件找回
如果无法通过邮件找回, 可以通过控制台重置

  1. docker exec -it jms_core /bin/bash
  2. cd /opt/jumpserver/apps
  3. python manage.py shell
  1. from users.models import User
  2. u = User.objects.get(username='admin')
  3. u.reset_password('password')
  4. u.save()

admin 为你要修改的账户名称, password 为你要修改的密码

登录频繁账号被锁定

找管理员重置, 管理员可以在对应用户的个人页面重置
或者通过下面的 shell 解决

  1. docker exec -it jms_core /bin/bash
  2. cd /opt/jumpserver/apps
  3. python manage.py shell
  1. from django.core.cache import cache
  2. cache.delete_pattern('_LOGIN_BLOCK_*')
  3. cache.delete_pattern('_LOGIN_LIMIT_*')

或者你也可以新建一个超级管理员来对其他用户进行设置

  1. docker exec -it jms_core /bin/bash
  2. cd /opt/jumpserver/apps
  3. python manage.py createsuperuser --username=user --email=user@domain.com

如果是设置了 LDAP 后无法登录, 请登录数据库禁用 ldap 登录, 然后重新设置 LDAP

  1. mysql -uroot -p
  1. use jumpserver;
  2. update settings_setting set value='false' where name='AUTH_LDAP';
  1. redis-cli -a $REDIS_PASSWORD
  1. select 4
  2. keys *LDAP*
  3. del :1:_SETTING_AUTH_LDAP

如果是设置 其他身份认证 后无法登录, 注释掉 jumpserver/config/config.txt 里面的身份认证设置重启即可

4. 管理用户 和 系统用户

资产测试可连接性、更新硬件信息 报 Permission denied 或者 Authentication failure

一般都是管理用户账户密码不正确

资产测试可连接性、更新硬件信息 报 /usr/bin/python: not found

在一般是资产 python 未安装或者 python 异常, 一般出现在 ubuntu 资产上

系统用户测试资产可连接性错误

确定系统用户是否正确, 如果系统用户使用了自动推送, 确保管理用户正确
系统用户设置为 root 的情况下, 请关闭自动推送, 并输入正确的 root 密码

提示 timeout

  1. # 手动 ssh 登录提示 timeout 的那台服务器
  2. vi /etc/ssh/sshd_config
  1. UseDNS no
  1. # 重启 JumpServer 服务器的 docker
  2. systemctl restart docker
  3. docker restart jms_koko

Connect websocket server error

一般情况下 nginx 未配置 websocket 导致, 根据反向代理文档进行修改后重启 nginx 即可