“Amazon Cloud Technology Product Review” event call for papers | Deploying JumpServer based on Amazon EC2 to achieve asset management

Authorization statement: This article grants official Amazon Cloud Technology channels the right to forward and rewrite it, including but not limited to the Developer Centre, Zhihu, self-media platforms, third-party developer media and other Amazon Cloud Technology official channels.

Article directory

  • Foreword
  • 1. What is EC2?
  • 2. Deploy JumpServer based on Amazon EC2
    • 1. EC2 environment initialization
    • 2. JumpServer introduction
    • 3. Connect to EC2
    • 4. Install JumpServer online
    • 5. Environment access
  • Summary

Foreword

Recently, the company has been expanding its business overseas and organized some overseas technology selection meetings. At the meetings, we agreed that the infrastructure of Amazon Cloud Technology should be used to support the company’s business; after all, Amazon Cloud Technology has long been the leader in overseas services. So I came to familiarize myself with the infrastructure in advance to facilitate the subsequent overseas cloud architecture.

1. What is EC2?

First of all, we need to understand some virtualization services. S3 corresponds to domestic storage services, Lightsail corresponds to domestic lightweight application servers, and the cloud host product in Amazon Cloud Technology is called EC2. As one of the indispensable products of cloud computing, EC2 plays a decisive role in business systems. Amazon Elastic Compute Cloud (Amazon EC2) offers the broadest and deepest computing platform, with over 500 instances and a choice of the latest processors, storage, networking, operating systems and purchasing models, so it can fully support a system at any level of load. Amazon Cloud Technology is also the first major cloud provider to support Intel, AMD and Arm processors, the only cloud with on-demand EC2 Mac instances, and the only one with 400 Gbps Ethernet networking for the cloud.

For friends who have machine learning needs, EC2 can also easily meet them, and the cost is relatively low. Here I mainly try out EC2. New users can receive a free 12-month usage package by registering.

2. Deploy JumpServer based on Amazon EC2

1. EC2 environment initialization

Log in to your Amazon Cloud Technology account and select EC2 in the console.

You can create a cloud server by starting a new instance from the EC2 console.

Here we need to choose the operating system of the cloud host.


As you can see, there are various operating systems, which is very comprehensive.

  • Amazon Linux
  • Ubuntu
  • Windows
  • Red Hat
  • SUSE Linux
  • Debian

Amazon Linux is a Linux system optimized by Amazon, which is more stable and has stronger performance. If there are no special needs, you can consider using it as the default system.

Keep the rest of the configuration as default, and then click Start a new instance.


Wait a moment and the instance will appear in the instance list.


I have already created it here, so I won’t create it again.

2. JumpServer introduction

JumpServer is an open source bastion host, which is very convenient for managing our network assets. Many companies have deployed its open source version, and those with strict internal asset management can try it. It is a bastion host that complies with the 4A specification and supports prior authorization, in-process supervision, and post-event auditing to meet the compliance requirements of Class A guarantees.

Without further ado, let’s start building!

3. Connect to EC2


EC2 provides an online interactive shell service, so you can interact with the instance directly through the web browser.


Click Connect. When you reach this page, you are connected to our EC2 instance.

4. Install JumpServer online

Here we use the online installation method:

curl -sSL https://github.com/jumpserver/jumpserver/releases/latest/download/quick_start.sh | bash

100%
[Success]: download install script to /opt/jumpserver-installer-v3.8.0
[Info]: Start executing the installation script.
[Info]: In an automated script deployment, note the message prompts on the screen.
100%
[Success]: The Installation is Complete.

For more commands, you can enter jmsctl --help to view help information.
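
One way to run the same installer without piping it straight into a shell, shown as an added example that is not part of the original article or the JumpServer project: download a pinned release to disk, compare its SHA-256 with a digest you recorded after reviewing the script, and only then execute it. The per-tag download URL form, the function names and the digest placeholder are assumptions.

```shell
#!/bin/sh
# Added example: fetch, verify, then run quick_start.sh instead of `curl | bash`.

JMS_VERSION="v3.8.0"   # version shown in the install log on this page
# Assumption: GitHub's per-tag release asset URL for the same quick_start.sh.
JMS_URL="https://github.com/jumpserver/jumpserver/releases/download/${JMS_VERSION}/quick_start.sh"

# Return 0 if the file's SHA-256 equals the expected hex digest,
# 1 on mismatch, 2 if the file cannot be read.
verify_sha256() {
  local file want got
  file="$1"
  # Normalise case; digests are sometimes published in upper case.
  want="$(printf '%s' "$2" | tr 'A-F' 'a-f')"
  [ -r "$file" ] || return 2
  got="$(sha256sum "$file" | awk '{print $1}')"
  [ -n "$got" ] && [ "$got" = "$want" ]
}

# Download to a temporary file, verify it, and execute it only on a match.
install_verified() {
  local expected tmp rc
  expected="$1"
  tmp="$(mktemp)" || return 2
  if curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$JMS_URL" \
     && verify_sha256 "$tmp" "$expected"; then
    bash "$tmp"
    rc=$?
  else
    echo "refusing to run: download failed or digest mismatch" >&2
    rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Usage (placeholder digest, recorded after you have read the script once):
#   install_verified "<SHA256_OF_REVIEWED_quick_start.sh>"
```

Pinning the version also keeps the installer directory name predictable, which matters because the later `cd /opt/jumpserver-installer-v3.8.0` step depends on it.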

After the installation is complete, the JumpServer configuration file path is: /opt/jumpserver/config/config.txt

  • After the first installation, you need to modify the configuration file. Once the DOMAINS field is defined, JumpServer can be used normally.
  • If the server is a one-click install and the previous version already had HTTPS turned on using JumpServer, no changes are required.
  • If you need to access JumpServer by IP address, fill in config.txt according to your own IP type: set the DOMAINS field in the configuration file to the public IP or the intranet IP.
  # Open the config.txt configuration file and define the DOMAINS field
  vim /opt/jumpserver/config/config.txt

  # Trusted DOMAINS definition.
  # Define the trusted access IP. Modify it according to your actual situation; if it is a public IP, change it to the corresponding public IP.
  # DOMAINS="demo.jumpserver.org"                 # Use a domain name for access
  # DOMAINS="172.17.200.191"                      # Use an IP for access
  # DOMAINS="demo.jumpserver.org,172.17.200.191"  # Use an IP and a domain name for access
  DOMAINS="172.17.200.191"

Here we can directly configure IP for access. If you have a domain name, you can configure the domain name.
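
A small lint for this setting, added here as an example and not part of the original article or the JumpServer installer: it reports a missing, empty or duplicated active DOMAINS line in config.txt before the service is started. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: check the DOMAINS setting in JumpServer's config.txt.

# Print the value of every active (uncommented) DOMAINS line, one per line,
# with a trailing "# comment" and surrounding double quotes removed.
active_domains() {
  sed -n 's/^[[:space:]]*DOMAINS=//p' "$1" |
    sed -e 's/[[:space:]]*#.*$//' -e 's/^"\(.*\)"$/\1/'
}

# Succeed (and print the value) only when exactly one active DOMAINS line
# exists and it is not empty.
check_domains() {
  local count value
  count=$(( $(active_domains "$1" | wc -l) ))
  value="$(active_domains "$1" | head -n 1)"
  if [ "$count" -eq 0 ]; then
    echo "DOMAINS is not defined" >&2
    return 1
  elif [ "$count" -gt 1 ]; then
    echo "DOMAINS is defined $count times; keep a single line" >&2
    return 1
  elif [ -z "$value" ]; then
    echo "DOMAINS is empty" >&2
    return 1
  fi
  printf '%s\n' "$value"
}

# Constructed sample: a real value followed by an empty DOMAINS= line
# left over from the template.
sample="$(mktemp)"
cat > "$sample" <<'EOF'
# DOMAINS="demo.jumpserver.org" # Use domain name to access
DOMAINS="172.17.200.191" # Use IP access
DOMAINS=
EOF
check_domains "$sample" || echo "fix config.txt before starting JumpServer"
rm -f "$sample"
```

On a real host, run `check_domains /opt/jumpserver/config/config.txt` after editing the file.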

  • Start the service with ./jmsctl.sh start:
cd /opt/jumpserver-installer-v3.8.0

# start up
./jmsctl.sh start

# stop
./jmsctl.sh down

# uninstall
./jmsctl.sh uninstall

# help
./jmsctl.sh -h

There is another situation that will be different. If you have Docker on your machine, the build and deployment may go through Docker, and the following output will appear.

5. Environment access


In the end, many applications will have been installed. After a successful installation, log in to JumpServer by accessing the IP address through the browser.


After logging in, you can see all your cloud assets.

Summary

We implemented asset management by deploying JumpServer on Amazon Cloud Technology’s EC2 cloud server and found that the process was relatively smooth. First, we created the instance by selecting a few parameters, which gave us a brand new cloud host. It also provides web shell interaction, which is very helpful for our online debugging, since many people may not have installed some shell tools and services. The cloud experience on AWS can be rated 9 points. I look forward to the subsequent product experience on AWS.