我的书签
添加书签
移除书签安装文档
环境要求
| OS Version | Linux Kernel | Soft Requirement |
|---|---|---|
| Linux Release | >= 4.0 | wget curl tar gettext iptables python |
安装方式
外置环境要求
- 推荐使用外置 数据库 和 Redis,方便日后扩展升级
| DB | Version | Cache | Version | |
|---|---|---|---|---|
| MySQL | >= 5.7 | Redis | >= 5.0 | |
| MariaDB | >= 10.2 |
可以使用由 华为云 提供的容器镜像服务 
| 区域 | 镜像仓库地址 | 配置文件 /opt/jumpserver/config/config.txt | Kubernetes values.yaml | OS/ARCH |
|---|---|---|---|---|
| 华北-北京一 | swr.cn-north-1.myhuaweicloud.com | DOCKER_IMAGE_PREFIX=swr.cn-north-1.myhuaweicloud.com | repository: swr.cn-north-1.myhuaweicloud.com | linux/amd64 |
| 华北-北京四 | swr.cn-north-4.myhuaweicloud.com | DOCKER_IMAGE_PREFIX=swr.cn-north-4.myhuaweicloud.com | repository: swr.cn-north-4.myhuaweicloud.com | linux/amd64 |
| 华南-广州 | swr.cn-south-1.myhuaweicloud.com | DOCKER_IMAGE_PREFIX=swr.cn-south-1.myhuaweicloud.com | repository: swr.cn-south-1.myhuaweicloud.com | linux/amd64 |
| 华东-上海一 | swr.cn-east-3.myhuaweicloud.com | DOCKER_IMAGE_PREFIX=swr.cn-east-3.myhuaweicloud.com | repository: swr.cn-east-3.myhuaweicloud.com | linux/amd64 |
| 亚太-香港 | swr.ap-southeast-1.myhuaweicloud.com | DOCKER_IMAGE_PREFIX=swr.ap-southeast-1.myhuaweicloud.com | repository: swr.ap-southeast-1.myhuaweicloud.com | linux/amd64 |
| 亚太-新加坡 | swr.ap-southeast-3.myhuaweicloud.com | DOCKER_IMAGE_PREFIX=swr.ap-southeast-3.myhuaweicloud.com | repository: swr.ap-southeast-3.myhuaweicloud.com | linux/amd64 |
一键部署
# 默认会安装到 /opt/jumpserver-installer-v2.22.2 目录curl -sSL https://github.com/jumpserver/jumpserver/releases/download/v2.22.2/quick_start.sh | bashcd /opt/jumpserver-installer-v2.22.2
# 安装完成后配置文件 /opt/jumpserver/config/config.txt
cd /opt/jumpserver-installer-v2.22.2# 启动./jmsctl.sh start# 停止./jmsctl.sh down# 卸载./jmsctl.sh uninstall# 帮助./jmsctl.sh -h
手动部署
cd /optwget https://github.com/jumpserver/installer/releases/download/v2.22.2/jumpserver-installer-v2.22.2.tar.gztar -xf jumpserver-installer-v2.22.2.tar.gzcd jumpserver-installer-v2.22.2
# 根据需要修改配置文件模板, 如果不清楚用途可以跳过修改cat config-example.txt
# 以下设置如果为空系统会自动生成随机字符串填入## 迁移请修改 SECRET_KEY 和 BOOTSTRAP_TOKEN 为原来的设置## 完整参数文档 https://docs.jumpserver.org/zh/master/admin-guide/env/## 安装配置, amd64 默认使用华为云加速下载, arm64 请注释掉 DOCKER_IMAGE_PREFIX=swr.cn-south-1.myhuaweicloud.com# DOCKER_IMAGE_PREFIX=swr.cn-south-1.myhuaweicloud.comVOLUME_DIR=/opt/jumpserverDOCKER_DIR=/var/lib/dockerSECRET_KEY=BOOTSTRAP_TOKEN=LOG_LEVEL=ERROR## MySQL 配置, USE_EXTERNAL_MYSQL=1 表示使用外置数据库, 请输入正确的 MySQL 信息USE_EXTERNAL_MYSQL=0DB_HOST=mysqlDB_PORT=3306DB_USER=rootDB_PASSWORD=DB_NAME=jumpserver## Redis 配置, USE_EXTERNAL_REDIS=1 表示使用外置数据库, 请输入正确的 Redis 信息USE_EXTERNAL_REDIS=0REDIS_HOST=redisREDIS_PORT=6379REDIS_PASSWORD=## Compose 项目设置, 如果 192.168.250.0/24 网段与你现有网段冲突, 请修改然后重启 JumpServerCOMPOSE_PROJECT_NAME=jmsCOMPOSE_HTTP_TIMEOUT=3600DOCKER_CLIENT_TIMEOUT=3600DOCKER_SUBNET=192.168.250.0/24## IPV6 设置, 容器是否开启 ipv6 nat, USE_IPV6=1 表示开启, 为 0 的情况下 DOCKER_SUBNET_IPV6 定义不生效USE_IPV6=0DOCKER_SUBNET_IPV6=fc00:1010:1111:200::/64## 访问配置HTTP_PORT=80SSH_PORT=2222MAGNUS_MYSQL_PORT=33060MAGNUS_MARIADB_PORT=33061## HTTPS 配置, 参考 https://docs.jumpserver.org/zh/master/admin-guide/proxy/ 配置# USE_LB=1# HTTPS_PORT=443# SERVER_NAME=your_domain_name# SSL_CERTIFICATE=your_cert# SSL_CERTIFICATE_KEY=your_cert_key## Nginx 文件上传大小CLIENT_MAX_BODY_SIZE=4096m## Task 配置, 是否启动 jms_celery 容器, 单节点必须开启USE_TASK=1## XPack, USE_XPACK=1 表示开启, 开源版本设置无效USE_XPACK=0RDP_PORT=3389MAGNUS_POSTGRE_PORT=54320TCP_SEND_BUFFER_BYTES=4194304TCP_RECV_BUFFER_BYTES=6291456# Core 配置, Session 定义, SESSION_COOKIE_AGE 表示闲置多少秒后 session 过期, SESSION_EXPIRE_AT_BROWSER_CLOSE=True 表示关闭浏览器即 session 过期# SESSION_COOKIE_AGE=86400SESSION_EXPIRE_AT_BROWSER_CLOSE=True# Koko Lion XRDP 组件配置CORE_HOST=http://core:8080JUMPSERVER_ENABLE_FONT_SMOOTHING=True## 终端使用宿主 HOSTNAME 标识SERVER_HOSTNAME=${HOSTNAME}# 额外的配置CURRENT_VERSION=
# 安装./jmsctl.sh install# 启动./jmsctl.sh start
# 安装完成后配置文件 /opt/jumpserver/config/config.txt
cd /opt/jumpserver-installer-v2.22.2# 启动./jmsctl.sh start# 停止./jmsctl.sh down# 卸载./jmsctl.sh uninstall# 帮助./jmsctl.sh -h
离线部署(amd64)
从飞致云社区 下载最新的 linux/amd64 离线包, 并上传到部署服务器的 /opt 目录
cd /opttar -xf jumpserver-offline-installer-v2.22.2-amd64-207.tar.gzcd jumpserver-offline-installer-v2.22.2-amd64-207
# 根据需要修改配置文件模板, 如果不清楚用途可以跳过修改cat config-example.txt
# 以下设置如果为空系统会自动生成随机字符串填入## 迁移请修改 SECRET_KEY 和 BOOTSTRAP_TOKEN 为原来的设置## 完整参数文档 https://docs.jumpserver.org/zh/master/admin-guide/env/## 安装配置, amd64 默认使用华为云加速下载, arm64 请注释掉 DOCKER_IMAGE_PREFIX=swr.cn-south-1.myhuaweicloud.com# DOCKER_IMAGE_PREFIX=swr.cn-south-1.myhuaweicloud.comVOLUME_DIR=/opt/jumpserverDOCKER_DIR=/var/lib/dockerSECRET_KEY=BOOTSTRAP_TOKEN=LOG_LEVEL=ERROR## MySQL 配置, USE_EXTERNAL_MYSQL=1 表示使用外置数据库, 请输入正确的 MySQL 信息USE_EXTERNAL_MYSQL=0DB_HOST=mysqlDB_PORT=3306DB_USER=rootDB_PASSWORD=DB_NAME=jumpserver## Redis 配置, USE_EXTERNAL_REDIS=1 表示使用外置数据库, 请输入正确的 Redis 信息USE_EXTERNAL_REDIS=0REDIS_HOST=redisREDIS_PORT=6379REDIS_PASSWORD=## Compose 项目设置, 如果 192.168.250.0/24 网段与你现有网段冲突, 请修改然后重启 JumpServerCOMPOSE_PROJECT_NAME=jmsCOMPOSE_HTTP_TIMEOUT=3600DOCKER_CLIENT_TIMEOUT=3600DOCKER_SUBNET=192.168.250.0/24## IPV6 设置, 容器是否开启 ipv6 nat, USE_IPV6=1 表示开启, 为 0 的情况下 DOCKER_SUBNET_IPV6 定义不生效USE_IPV6=0DOCKER_SUBNET_IPV6=fc00:1010:1111:200::/64## 访问配置HTTP_PORT=80SSH_PORT=2222MAGNUS_MYSQL_PORT=33060MAGNUS_MARIADB_PORT=33061## HTTPS 配置, 参考 https://docs.jumpserver.org/zh/master/admin-guide/proxy/ 配置# USE_LB=1# HTTPS_PORT=443# SERVER_NAME=your_domain_name# SSL_CERTIFICATE=your_cert# SSL_CERTIFICATE_KEY=your_cert_key## Nginx 文件上传大小CLIENT_MAX_BODY_SIZE=4096m## Task 配置, 是否启动 jms_celery 容器, 单节点必须开启USE_TASK=1## XPack, USE_XPACK=1 表示开启, 开源版本设置无效USE_XPACK=0RDP_PORT=3389MAGNUS_POSTGRE_PORT=54320TCP_SEND_BUFFER_BYTES=4194304TCP_RECV_BUFFER_BYTES=6291456# Core 配置, Session 定义, SESSION_COOKIE_AGE 表示闲置多少秒后 session 过期, SESSION_EXPIRE_AT_BROWSER_CLOSE=True 表示关闭浏览器即 session 过期# SESSION_COOKIE_AGE=86400SESSION_EXPIRE_AT_BROWSER_CLOSE=True# Koko Lion XRDP 组件配置CORE_HOST=http://core:8080JUMPSERVER_ENABLE_FONT_SMOOTHING=True## 终端使用宿主 HOSTNAME 标识SERVER_HOSTNAME=${HOSTNAME}# 额外的配置CURRENT_VERSION=
# 安装./jmsctl.sh install# 启动./jmsctl.sh start
# 安装完成后配置文件 /opt/jumpserver/config/config.txt
cd /opt/jumpserver-installer-v2.22.2# 启动./jmsctl.sh start# 停止./jmsctl.sh down# 卸载./jmsctl.sh uninstall# 帮助./jmsctl.sh -h
离线部署(arm64)
从飞致云社区 下载最新的 linux/arm64 离线包, 并上传到部署服务器的 /opt 目录
cd /opttar -xf jumpserver-offline-installer-v2.22.2-arm64-207.tar.gzcd jumpserver-offline-installer-v2.22.2-arm64-207
# 根据需要修改配置文件模板, 如果不清楚用途可以跳过修改cat config-example.txt
# 以下设置如果为空系统会自动生成随机字符串填入## 迁移请修改 SECRET_KEY 和 BOOTSTRAP_TOKEN 为原来的设置## 完整参数文档 https://docs.jumpserver.org/zh/master/admin-guide/env/## 安装配置, amd64 默认使用华为云加速下载, arm64 请注释掉 DOCKER_IMAGE_PREFIX=swr.cn-south-1.myhuaweicloud.com# DOCKER_IMAGE_PREFIX=swr.cn-south-1.myhuaweicloud.comVOLUME_DIR=/opt/jumpserverDOCKER_DIR=/var/lib/dockerSECRET_KEY=BOOTSTRAP_TOKEN=LOG_LEVEL=ERROR## MySQL 配置, USE_EXTERNAL_MYSQL=1 表示使用外置数据库, 请输入正确的 MySQL 信息USE_EXTERNAL_MYSQL=0DB_HOST=mysqlDB_PORT=3306DB_USER=rootDB_PASSWORD=DB_NAME=jumpserver## Redis 配置, USE_EXTERNAL_REDIS=1 表示使用外置数据库, 请输入正确的 Redis 信息USE_EXTERNAL_REDIS=0REDIS_HOST=redisREDIS_PORT=6379REDIS_PASSWORD=## Compose 项目设置, 如果 192.168.250.0/24 网段与你现有网段冲突, 请修改然后重启 JumpServerCOMPOSE_PROJECT_NAME=jmsCOMPOSE_HTTP_TIMEOUT=3600DOCKER_CLIENT_TIMEOUT=3600DOCKER_SUBNET=192.168.250.0/24## IPV6 设置, 容器是否开启 ipv6 nat, USE_IPV6=1 表示开启, 为 0 的情况下 DOCKER_SUBNET_IPV6 定义不生效USE_IPV6=0DOCKER_SUBNET_IPV6=fc00:1010:1111:200::/64## 访问配置HTTP_PORT=80SSH_PORT=2222MAGNUS_MYSQL_PORT=33060MAGNUS_MARIADB_PORT=33061## HTTPS 配置, 参考 https://docs.jumpserver.org/zh/master/admin-guide/proxy/ 配置# USE_LB=1# HTTPS_PORT=443# SERVER_NAME=your_domain_name# SSL_CERTIFICATE=your_cert# SSL_CERTIFICATE_KEY=your_cert_key## Nginx 文件上传大小CLIENT_MAX_BODY_SIZE=4096m## Task 配置, 是否启动 jms_celery 容器, 单节点必须开启USE_TASK=1## XPack, USE_XPACK=1 表示开启, 开源版本设置无效USE_XPACK=0RDP_PORT=3389MAGNUS_POSTGRE_PORT=54320TCP_SEND_BUFFER_BYTES=4194304TCP_RECV_BUFFER_BYTES=6291456# Core 配置, Session 定义, SESSION_COOKIE_AGE 表示闲置多少秒后 session 过期, SESSION_EXPIRE_AT_BROWSER_CLOSE=True 表示关闭浏览器即 session 过期# SESSION_COOKIE_AGE=86400SESSION_EXPIRE_AT_BROWSER_CLOSE=True# Koko Lion XRDP 组件配置CORE_HOST=http://core:8080JUMPSERVER_ENABLE_FONT_SMOOTHING=True## 终端使用宿主 HOSTNAME 标识SERVER_HOSTNAME=${HOSTNAME}# 额外的配置CURRENT_VERSION=
# 安装./jmsctl.sh install# 启动./jmsctl.sh start
# 安装完成后配置文件 /opt/jumpserver/config/config.txt
cd /opt/jumpserver-installer-v2.22.2# 启动./jmsctl.sh start# 停止./jmsctl.sh down# 卸载./jmsctl.sh uninstall# 帮助./jmsctl.sh -h
Kubernetes
helm repo add jumpserver https://jumpserver.github.io/helm-chartshelm repo listvi values.yaml
# 模板 https://github.com/jumpserver/helm-charts/blob/main/charts/jumpserver/values.yaml# Default values for jumpserver.# This is a YAML-formatted file.# Declare variables to be passed into your templates.nameOverride: ""fullnameOverride: ""## @param global.imageRegistry Global Docker image registry## @param global.imagePullSecrets Global Docker registry secret names as an array## @param global.storageClass Global StorageClass for Persistent Volume(s)## @param global.redis.password Global Redis™ password (overrides `auth.password`)##global:imageRegistry: "docker.io" # 国内可以使用华为云加速 swr.cn-south-1.myhuaweicloud.comimageTag: v2.22.2 # 版本号## E.g.# imagePullSecrets:# - name: harborsecret## storageClass: "jumpserver-data"##imagePullSecrets: []# - name: yourSecretKeystorageClass: "" # (*必填) NFS SC## Please configure your MySQL server first## Jumpserver will not start the external MySQL server.##externalDatabase: # (*必填) 数据库相关设置engine: mysqlhost: localhostport: 3306user: rootpassword: ""database: jumpserver## Please configure your Redis server first## Jumpserver will not start the external Redis server.##externalRedis: # (*必填) Redis 设置host: localhostport: 6379password: ""serviceAccount:# Specifies whether a service account should be createdcreate: false# The name of the service account to use.# If not set and create is true, a name is generated using the fullname templatename:ingress:enabled: true # 不使用 ingress 可以关闭annotations:# kubernetes.io/tls-acme: "true"compute-full-forwarded-for: "true"use-forwarded-headers: "true"kubernetes.io/ingress.class: nginxnginx.ingress.kubernetes.io/configuration-snippet: |proxy_set_header Upgrade "websocket";proxy_set_header Connection "Upgrade";hosts:- "test.jumpserver.org" # 对外域名tls: []# - secretName: chart-example-tls# hosts:# - chart-example.localcore:enabled: truelabels:app.jumpserver.org/name: jms-coreconfig:# Generate a new random secret key by execute `cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`# secretKey: "B3f2w8P2PfxIAS7s4URrD9YmSbtqX4vXdPUL217kL9XPUOWrmy"secretKey: "" # (*必填) 加密敏感信息的 secret_key, 长度推荐大于 50 位# Generate a new random bootstrap token by execute `cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`# bootstrapToken: "7Q11Vz6R2J6BLAdO"bootstrapToken: "" # (*必填) 组件认证使用的 token, 长度推荐大于 24 位# Enabled it for debugdebug: falselog:level: ERRORreplicaCount: 1image:registry: docker.iorepository: jumpserver/coretag: v2.22.2pullPolicy: IfNotPresentcommand: []env:# See: https://docs.jumpserver.org/zh/master/admin-guide/env/#coreSESSION_EXPIRE_AT_BROWSER_CLOSE: true# SESSION_COOKIE_AGE: 86400# SECURITY_VIEW_AUTH_NEED_MFA: truelivenessProbe:failureThreshold: 30httpGet:path: /api/health/port: webreadinessProbe:failureThreshold: 30httpGet:path: /api/health/port: webpodSecurityContext: {}# fsGroup: 2000securityContext: {}# capabilities:# drop:# - ALL# readOnlyRootFilesystem: true# runAsNonRoot: true# runAsUser: 1000service:type: ClusterIPweb:port: 8080ws:port: 8070resources: {}# We usually recommend not to specify default resources and to leave this as a conscious# choice for the user. This also increases chances charts run on environments with little# resources, such as Minikube. If you do want to specify resources, uncomment the following# lines, adjust them as necessary, and remove the curly braces after 'resources:'.# limits:# cpu: 1000m# memory: 2048Mi# requests:# cpu: 500m# memory: 1024Mipersistence:storageClassName: jumpserver-dataaccessModes:- ReadWriteManysize: 100Gi# annotations: {}finalizers:- kubernetes.io/pvc-protection# subPath: ""# existingClaim:volumeMounts: []volumes: []nodeSelector: {}tolerations: []affinity: {}koko:enabled: truelabels:app.jumpserver.org/name: jms-kokoconfig:log:level: ERRORreplicaCount: 1image:registry: docker.iorepository: jumpserver/kokotag: v2.22.2pullPolicy: IfNotPresentcommand: []env: []# See: https://docs.jumpserver.org/zh/master/admin-guide/env/#koko# LANGUAGE_CODE: zh# REUSE_CONNECTION: true# ENABLE_LOCAL_PORT_FORWARD: true# ENABLE_VSCODE_SUPPORT: truelivenessProbe:failureThreshold: 30httpGet:path: /koko/health/port: webreadinessProbe:failureThreshold: 30httpGet:path: /koko/health/port: webpodSecurityContext: {}# fsGroup: 2000securityContext:privileged: true# capabilities:# drop:# - ALL# readOnlyRootFilesystem: true# runAsNonRoot: true# runAsUser: 1000service:type: ClusterIPweb:port: 5000ssh:port: 2222resources: {}# We usually recommend not to specify default resources and to leave this as a conscious# choice for the user. This also increases chances charts run on environments with little# resources, such as Minikube. If you do want to specify resources, uncomment the following# lines, adjust them as necessary, and remove the curly braces after 'resources:'.# limits:# cpu: 100m# memory: 128Mi# requests:# cpu: 100m# memory: 128Mipersistence:storageClassName: jumpserver-dataaccessModes:- ReadWriteManysize: 10Gi# annotations: {}finalizers:- kubernetes.io/pvc-protectionvolumeMounts: []volumes: []nodeSelector: {}tolerations: []affinity: {}lion:enabled: truelabels:app.jumpserver.org/name: jms-lionconfig:log:level: ERRORreplicaCount: 1image:registry: docker.iorepository: jumpserver/liontag: v2.22.2pullPolicy: IfNotPresentcommand: []env:# See: https://docs.jumpserver.org/zh/master/admin-guide/env/#lionJUMPSERVER_ENABLE_FONT_SMOOTHING: true# JUMPSERVER_COLOR_DEPTH: 32# JUMPSERVER_ENABLE_WALLPAPER: true# JUMPSERVER_ENABLE_THEMING: true# JUMPSERVER_ENABLE_FULL_WINDOW_DRAG: true# JUMPSERVER_ENABLE_DESKTOP_COMPOSITION: true# JUMPSERVER_ENABLE_MENU_ANIMATIONS: truelivenessProbe:failureThreshold: 30httpGet:path: /lion/health/port: webreadinessProbe:failureThreshold: 30httpGet:path: /lion/health/port: webpodSecurityContext: {}# fsGroup: 2000securityContext: {}# capabilities:# drop:# - ALL# readOnlyRootFilesystem: true# runAsNonRoot: true# runAsUser: 1000service:type: ClusterIPweb:port: 8081resources: {}# We usually recommend not to specify default resources and to leave this as a conscious# choice for the user. This also increases chances charts run on environments with little# resources, such as Minikube. If you do want to specify resources, uncomment the following# lines, adjust them as necessary, and remove the curly braces after 'resources:'.# limits:# cpu: 100m# memory: 512Mi# requests:# cpu: 100m# memory: 512Mipersistence:storageClassName: jumpserver-dataaccessModes:- ReadWriteManysize: 50Gi# annotations: {}finalizers:- kubernetes.io/pvc-protectionvolumeMounts: []volumes: []nodeSelector: {}tolerations: []affinity: {}magnus:enabled: truelabels:app.jumpserver.org/name: jms-magnusconfig:log:level: ERRORreplicaCount: 1image:registry: docker.iorepository: jumpserver/magnustag: v2.21.0pullPolicy: IfNotPresentcommand: []env: []livenessProbe:failureThreshold: 30tcpSocket:port: mysqlreadinessProbe:failureThreshold: 30tcpSocket:port: mysqlpodSecurityContext: {}# fsGroup: 2000securityContext: {}# capabilities:# drop:# - ALL# readOnlyRootFilesystem: true# runAsNonRoot: true# runAsUser: 1000service:type: ClusterIPmysql:port: 33060mariadb:port: 33061postgre:port: 54320resources: {}# We usually recommend not to specify default resources and to leave this as a conscious# choice for the user. This also increases chances charts run on environments with little# resources, such as Minikube. If you do want to specify resources, uncomment the following# lines, adjust them as necessary, and remove the curly braces after 'resources:'.# limits:# cpu: 100m# memory: 512Mi# requests:# cpu: 100m# memory: 512Mipersistence:storageClassName: jumpserver-dataaccessModes:- ReadWriteManysize: 10Gi# annotations: {}finalizers:- kubernetes.io/pvc-protectionvolumeMounts: []volumes: []nodeSelector: {}tolerations: []affinity: {}xpack:enabled: false # 企业版本打开此选项omnidb:labels:app.jumpserver.org/name: jms-omnidbconfig:log:level: ERRORreplicaCount: 1image:registry: registry.fit2cloud.comrepository: jumpserver/omnidbtag: v2.22.2pullPolicy: IfNotPresentcommand: []env: []livenessProbe:failureThreshold: 30tcpSocket:port: webreadinessProbe:failureThreshold: 30tcpSocket:port: webpodSecurityContext: {}# fsGroup: 2000securityContext: {}# capabilities:# drop:# - ALL# readOnlyRootFilesystem: true# runAsNonRoot: true# runAsUser: 1000service:type: ClusterIPweb:port: 8082resources: {}# We usually recommend not to specify default resources and to leave this as a conscious# choice for the user. This also increases chances charts run on environments with little# resources, such as Minikube. If you do want to specify resources, uncomment the following# lines, adjust them as necessary, and remove the curly braces after 'resources:'.# limits:# cpu: 100m# memory: 128Mi# requests:# cpu: 100m# memory: 128Mipersistence:storageClassName: jumpserver-dataaccessModes:- ReadWriteManysize: 10Gi# annotations: {}finalizers:- kubernetes.io/pvc-protectionvolumeMounts: []volumes: []nodeSelector: {}tolerations: []affinity: {}xrdp:labels:app.jumpserver.org/name: jms-xrdpconfig:log:level: ERRORreplicaCount: 1image:registry: registry.fit2cloud.comrepository: jumpserver/xrdptag: v2.22.2pullPolicy: IfNotPresentcommand: []env:# tcp_send_buffer_bytes and tcp_recv_buffer_bytes See: https://github.com/neutrinolabs/xrdp/issues/1483TCP_SEND_BUFFER_BYTES: 4194304TCP_RECV_BUFFER_BYTES: 6291456JUMPSERVER_ENABLE_FONT_SMOOTHING: true# JUMPSERVER_ENABLE_WALLPAPER: true# JUMPSERVER_ENABLE_THEMING: true# JUMPSERVER_ENABLE_FULL_WINDOW_DRAG: true# JUMPSERVER_ENABLE_DESKTOP_COMPOSITION: true# JUMPSERVER_ENABLE_MENU_ANIMATIONS: truelivenessProbe:failureThreshold: 30tcpSocket:port: rdpreadinessProbe:failureThreshold: 30tcpSocket:port: rdppodSecurityContext: {}# fsGroup: 2000securityContext: {}# capabilities:# drop:# - ALL# readOnlyRootFilesystem: true# runAsNonRoot: true# runAsUser: 1000service:type: ClusterIPrdp:port: 3389resources: {}# We usually recommend not to specify default resources and to leave this as a conscious# choice for the user. This also increases chances charts run on environments with little# resources, such as Minikube. If you do want to specify resources, uncomment the following# lines, adjust them as necessary, and remove the curly braces after 'resources:'.# limits:# cpu: 100m# memory: 128Mi# requests:# cpu: 100m# memory: 128Mipersistence:storageClassName: jumpserver-dataaccessModes:- ReadWriteManysize: 50Gi# annotations: {}finalizers:- kubernetes.io/pvc-protectionvolumeMounts: []volumes: []nodeSelector: {}tolerations: []affinity: {}web:enabled: truelabels:app.jumpserver.org/name: jms-webreplicaCount: 1image:registry: docker.iorepository: jumpserver/webtag: v2.22.2pullPolicy: IfNotPresentcommand: []env: []# nginx client_max_body_size, default 4G# CLIENT_MAX_BODY_SIZE: 4096mlivenessProbe:failureThreshold: 30httpGet:path: /api/health/port: webreadinessProbe:failureThreshold: 30httpGet:path: /api/health/port: webpodSecurityContext: {}# fsGroup: 2000securityContext: {}# capabilities:# drop:# - ALL# readOnlyRootFilesystem: true# runAsNonRoot: true# runAsUser: 1000service:type: ClusterIPweb:port: 80resources: {}# We usually recommend not to specify default resources and to leave this as a conscious# choice for the user. This also increases chances charts run on environments with little# resources, such as Minikube. If you do want to specify resources, uncomment the following# lines, adjust them as necessary, and remove the curly braces after 'resources:'.# limits:# cpu: 100m# memory: 128Mi# requests:# cpu: 100m# memory: 128Mipersistence:storageClassName: jumpserver-dataaccessModes:- ReadWriteManysize: 1Gi# annotations: {}finalizers:- kubernetes.io/pvc-protectionvolumeMounts: []volumes: []nodeSelector: {}tolerations: []affinity: {}
# 安装helm install jms-k8s jumpserver/jumpserver -n default -f values.yaml# 卸载helm uninstall jms-k8s -n default
当前内容版权归 JumpServer 或其关联方所有,如需对内容或内容相关联开源项目进行关注与资助,请访问 JumpServer .
