Part 4.a: Rundeck on CentOS6
Simply because I think it’s a great way to store, control, and verify the success of scripts. Check out some videos.
Download and Install Rundeck:
We’ll be building off a baseline minimal install of CentOS with NTP and DNS configured. We expect that it has network connectivity to the computers which it will target.
1) Install the rundeck yum repo and install rundeck:
rpm -Uvh http://repo.rundeck.org/latest.rpm yum -y install rundeck chkconfig --list | grep rundeckd
2) Add a firewall rule for configuration purposes: [[ Later I’ll change this step to use the apache reverse proxy to proxy back to the java bound port for access to the web UI as I did with rhodecode ]]
vim /etc/sysconfig/iptables #add the following where applicable: ## -A INPUT -m state --state NEW -m tcp -p tcp --dport 4440 -j ACCEPT service iptables restart
3) Open the web UI via http://SERVERNAME:4440. Use the admin credentials out of the following two existing users:
4) After logging in you are prompted to create a “project.” A “project” contains a “resource model” which is a list of target hosts. You can then execute ad-hoc scripts/commands or jobs (collections of scripts/commands) against these hosts.
5) I have written a python script that queries an active directory based LDAP(S) server and outputs a resource model as XML. Access your server, download and “install” as follows:
mkdir /var/rundeck/resourcemodel yum -y install python-ldap curl https://gist.github.com/raw/4453803/ > /usr/lib/python2.6/ldaphelper.py #the location may be different curl https://gist.github.com/raw/4455988/ > /var/rundeck/resourcemodel/ldap_resmodel.py chmod +x /var/rundeck/resourcemodel/ldap_resmodel.py
Note the scope is always to include everything below the base DN (aka subtree), and to query for all objects who’s `objectClass` is `computer`.
6) Back in the web UI, enter the following info for the first test project:
Project Name: TEST Resource Model Sources: Script (remember to click Save) Script File Path: /var/rundeck/resourcemodel/ldap_resmodel.py Arguments: -f -q -u USERNAME@domain.local -p 'USERNAME\'s\ password' -b 'OU=SiteContainer,DC=domain,DC=local' -e 'user' #(see /var/rundeck/resourcemodel/ldap_resmodel.py) Resource Format: resourcexml Default Node Executor: We will cover this more later when I write or find a Node Executor wrapper around some remote execution magic (whether that be the knife-windows gem, wmi, python wmi, some other winrm wrapper, some DCOM wrapper, who knows). For now, configure this as Stub. Default Node File Copier: Same situation as node executor. For now, configure this as Stub.
… script currently produces “Script output was empty” which is strange.