Part 4.a: Rundeck on CentOS6


Update January 15th, 2012: work in progress…

 

Why rundeck?
Simply because I think it’s a great way to store, control, and verify the success of scripts. Check out some videos.

Download and Install Rundeck:
We’ll be building off a baseline minimal install of CentOS with NTP and DNS configured. We expect that it has network connectivity to the computers which it will target.

1) Install the rundeck yum repo and install rundeck:

rpm -Uvh http://repo.rundeck.org/latest.rpm 
yum -y install rundeck
chkconfig --list | grep rundeckd

2) Add a firewall rule for configuration purposes: [[ Later I’ll change this step to use the apache reverse proxy to proxy back to the java bound port for access to the web UI as I did with rhodecode ]]

vim /etc/sysconfig/iptables
#add the following where applicable:
## -A INPUT -m state --state NEW -m tcp -p tcp --dport 4440 -j ACCEPT
service iptables restart

3) Open the web UI via http://SERVERNAME:4440. Use the admin credentials out of the following two existing users:

user

password

admin

admin

user

user

4) After logging in you are prompted to create a “project.” A “project” contains a “resource model” which is a list of target hosts. You can then execute ad-hoc scripts/commands or jobs (collections of scripts/commands) against these hosts.

5) I have written a python script that queries an active directory based LDAP(S) server and outputs a resource model as XML. Access your server, download and “install” as follows:

mkdir /var/rundeck/resourcemodel
yum -y install python-ldap
curl https://gist.github.com/raw/4453803/ > /usr/lib/python2.6/ldaphelper.py #the location may be different
curl https://gist.github.com/raw/4455988/ > /var/rundeck/resourcemodel/ldap_resmodel.py
chmod +x /var/rundeck/resourcemodel/ldap_resmodel.py

Note the scope is always to include everything below the base DN (aka subtree), and to query for all objects who’s `objectClass` is `computer`.

6) Back in the web UI, enter the following info for the first test project:

Project Name: TEST
Resource Model Sources: Script (remember to click Save)
Script File Path: /var/rundeck/resourcemodel/ldap_resmodel.py
Arguments: -f -q -u USERNAME@domain.local -p 'USERNAME\'s\ password' -b 'OU=SiteContainer,DC=domain,DC=local' -e 'user' #(see /var/rundeck/resourcemodel/ldap_resmodel.py)
Resource Format: resourcexml
Default Node Executor: We will cover this more later when I write or find a Node Executor wrapper around some remote execution magic (whether that be the knife-windows gem, wmi, python wmi, some other winrm wrapper, some DCOM wrapper, who knows).  For now, configure this as Stub.
Default Node File Copier: Same situation as node executor.  For now, configure this as Stub.

… script currently produces “Script output was empty” which is strange.

Reference:

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: