Rundeck is open source software that helps automate routine operational procedures in data center or cloud environments
Installation:
Rundeck can be configured to use RDB instead of default file-based data storage. RDB is recommended in large environment.In this post we’ll use file-based storage.
Rundeck requires java
# yum install java-1.8.0-openjdk java-1.8.0-openjdk-devel -y
Create java.sh file in /etc/profile.d and and content below:
#!/bin/bash JAVA_HOME=/usr/bin/java PATH=$JAVA_HOME/bin:$PATH export PATH JAVA_HOME export CLASSPATH=.
Then make file executable
chmod +x /etc/profile.d/java.sh source /etc/profile.d/java.sh
Rundeck is available on port 4440-that port needs to be open:
Add below line into file: /etc/sysconfig/iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 4440 -j ACCEPT /etc/init.d/iptables restart
Installing Rundeck:
rpm -Uvh http://repo.rundeck.org/latest.rpm yum install rundeck /etc/init.d/rundeckd start
To make sure the service is running:
/etc/init.d/rundeckd status netstat -anp | grep '4440\|4443'
The default username and password is admin:admin, if password change for admin is required then edit the file: /etc/rundeck/realm.properties
Comment out the following line in file: /etc/rundeck/rundeck-config.properties
# Comment this out from:
grails.serverURL=http://localhost:4440
# To:
grails.serverURL=http://ip address:4440
Modify the below lines in file: /etc/rundeck/framework.properties
framework.server.name = localhost framework.server.hostname = localhost framework.server.port = 4440 framework.server.url = http://localhost:4440 to framework.server.name = ip address framework.server.hostname = ip address framework.server.port = 4440 framework.server.url = http://ip address:4440
Now, restart the service and try to login: http://ipaddress:4440
Adding nodes
At this moment, there is no feature which would allow adding nodes using GUI
https://github.com/rundeck/rundeck/issues/1584
Create New project
Clear SSH key path
And click Create
Go to /var/rundeck/projects//etc
Edit resources.xml file
Add following line for every new node (server which needs to be managed)
New node appears in Web interface
To add another node just copy node line and change name and node IP address
Creating keypair on Rundeck server
ssh-keygen
Copy private key to clipboard:
cat /root/.ssh/id_rsa
copy content to clipboard
Now, on Rundeck interface click settings (cog icon)-Key Storage
Click Add or Upload a Key
Make sure Private Key is selected from drop-down list, paste content of ~/.ssh/id_rsa
And give key a name. Note:storage path and key name must reflect names in /var/rundeck/projects/etc resources.xml file
(ssh-key-storage-path=”keys/Linuxtopic/server.key”)
Instead of Private/Public keys, password can be used as authentication method
On client (node) create authorized_keys file (under /root/.ssh)
Copy content of id_rsa.pub file (public key) from Rundeck server to authorized_keys file on node machine
Repeat same step for every new node (copy public key from Rundeck server to /root/.ssh/authorized_keys file on every node
Running command
Now when we added node, we can run command on it, from Rundeck server go to commands-type command
From nodes, type node name-Click Run on node
Key storage
Private key uploaded to Rundeck server in previous steps are located locally on Rundeck server
/var/lib/rundeck/var/storage/content/keys// folder
Passing Rundeck password storage to script
Create password storage:
Create job-add option-specify secure-select password storage created in previous step
In script option specify arguments
In script body specify argument:
jira_password=$1 curl -XN -u user:$1
Allowing null/empty values as parameter
If you have a script which accepts optional parameters then in Rundeck set Default value as " "
(Only works if step is Local command)
Scheduling jobs
Rundeck uses Quartz cron syntax for scheduling jobs
CRON job to run every first day of the month at 09:00 AM
0 00 09 1 * ? *
Run every hour:
0 0 0/1 1/1 * ? *
Run every 55 minutes:
0 0/55 * 1/1 * ? *
Run every 2nd friday
0 15 10 ? * 6#2 *
6 – day of the week
2 – week number
Run last friday in month:
0 15 10 ? * 6L *
6 – day of the week
L – last week of month
This one is carried out Quarterly so March, June, September, December 4th Sunday of month at 10:14 AM)
0 14 10 ? MAR,JUN,SEP,DEC 1#4 *
Changing “from” Rundeck email address
edit /etc/rundeck/rundeck-config.properties
and add
grails.mail.default.from=some@mail.com
Script to test if Rundeck service is running:
#!/usr/bin/python import sys import os import commands sys.stdout = open('log.txt','wt') output = commands.getoutput('ps -A') if 'runuser' in output: print("Rundeck is up an running!") else: os.system("systemctl start rundeckd") print("Rundeck service started")
We can execute this script via cron:
*/5 * * * * /usr/bin/python /root/scripts/service.py
Thanks for the recipe, I am going through it now (after failing to the Rundeck install under Tomcat working properly.) Maybe this will clarify the former too.
There is a typo here:
“Create java.sh file in /etc/profile/d and and content below:” (should be profile.d)
Also I think you have set the wrong JAVA_HOME? As shown above, with JAVA_HOME=/usr/bin/java you will next be adding to the the PATH /usr/bin/java/bin. I think JAVA_HOME needs to point to the JRE directory, one above where the bin folder containing JAVA is? For example, JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.x86_64/jre. Perhaps I am missing something…..
LikeLike
Thanks Scott, typo corrected,for JAVA_HOME:i used code i posted here multiple times for new installations and no issues
LikeLiked by 1 person
[…] this post we installed Rundeck, in this one we’ll access to Rundeck by typing https://FQDN, without […]
LikeLike