Setup Rundeck on CentOS 7

From Bitbull Wiki
Jump to navigation Jump to search

1 DESCRIPTION

install rundeck on centos 7

2 FILES

   framework.properties  -> internal auth (run, rd-job)
   realm.properties      -> user and pw

   /var/rundeck/projects -> Project Home
   /var/lib/rundeck      -> APP Root
   /var/log/rundeck/*log -> Logs

3 EXAMPLES

  • run job within script:
run --follow --nokeepgoing -p UserVerwaltung -j last06 -F 'hostname: vm.*' -- -User @option.User@
  • execute comands on remote nodes:
dispatch -p UserVerwaltung -F 'os-family: unix' -f -- uptime

4 INSTALL NOTES

yum makecache
yum -y upgrade
yum -y install java-1.7.0
yum -y install http://repo.rundeck.org/latest.rpm
yum makecache
yum -y install rundeck
systemctl enable rundeckd

firewall-cmd --permanent --add-port=4440/tcp
firewall-cmd --reload
sed -i "s/localhost/$(uname -n)/g" /etc/rundeck/*
systemctl start rundeckd

5 MARIADB NOTES

yum -y install mariadb-server mariadb
cd /var/lib/rundeck/exp/webapp/WEB-INF/lib
wget http://central.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/1.4.2/mariadb-java-client-1.4.2.jar
service rundeckd stop
systemctl enable mariadb
systemctl restart mariadb

mysql -u root
   create database rundeckdb;
   grant ALL on rundeckdb.* to 'rundeckuser'@'localhost' identified by 'myRD55';

cd /etc/rundeck
cp rundeck-config.properties rundeck-config.properties.orig

echo '
#loglevel.default is the default log level for jobs: ERROR,WARN,INFO,VERBOSE,DEBUG
loglevel.default=INFO
rdeck.base=/var/lib/rundeck

#rss.enabled if set to true enables RSS feeds that are public (non-authenticated)
rss.enabled=false
# change hostname here
grails.serverURL=http://localhost:4440
dataSource.dbCreate = update
dataSource.url=jdbc:mysql://localhost/rundeckdb?autoReconnect=true
dataSource.username=rundeckuser
dataSource.password=myRD55
dataSource.driverClassName=org.mariadb.jdbc.Driver
' > /etc/rundeck/rundeck-config.properties
chmod 400 /var/lib/rundeck/data/rundeckdb.h2.db
systemctl restart rundeckd

cat /etc/rundeck/realm.properties
chmod -R o-rwx /etc/rundeck

6 INSTALL SSL

systemctl stop rundeckd
su - rundeck
cd /etc/rundeck/ssl
keytool -keystore /etc/rundeck/ssl/keystore -alias rundeck -genkey -keyalg RSA -keypass adminadmin -storepass adminadmin
cp /etc/rundeck/ssl/keystore /etc/rundeck/ssl/truststore
chmod o-rwx * .
cd /etc/rundeck

vi framework.properties
------
framework.server.port = 4443
framework.server.url = https://vm01:4443
------

vi rundeck-config.properties
------
grails.serverURL=https://vm01:4443
------

vi profile
------
# SSL Configuration - Uncomment the following to enable.  Check SSL.properties for details.
export RDECK_JVM="$RDECK_JVM -Drundeck.ssl.config=/etc/rundeck/ssl/ssl.properties -Dserver.https.port=${RDECK_HTTPS_PORT}"
------
exit

firewall-cmd --permanent --add-port=4443/tcp
firewall-cmd --permanent --remove-port=4440/tcp
firewall-cmd --reload
systemctl start rundeckd


7 run replaced by rd

Here you find a workaround, to recreate it
vi /usr/local/bin/run
------
#!/bin/bash

# DO NOT FORGET TO FEED USER CREDENTIALS
# /var/lib/rundeck/.rd/rd.conf
# export RD_URL=https://rundeck:4443
# export RD_USER=admin
# export RD_PASSWORD=mysecret...
# export RD_INSECURE_SSL=true

source /var/lib/rundeck/.rd/rd.conf
export JAVA_HOME=$(ls -l /etc/alternatives/java | sed 's/.*-> //;s@/bin/java@@')
ARG="$(echo $* | sed 's/--keepgoing//g')"

/usr/bin/rd run $ARG
Retrieved from "http://www.bitbull.ch/wiki/index.php?title=Setup_Rundeck_on_CentOS_7&oldid=5393"