Testing Rundeck (in vagrant)

Rundeck is a tool to help manage/audit/log what you execute against servers http://rundeck.org.

In there words:

Human interface to your operations. Rundeck features fine-grain access controls, a built-in job scheduler, and the ability to define workflows that dispatch commands and scripts to your nodes

There is a github project that provides this out of the box here https://github.com/rundeck/anvils-demo
But I like to go through all setup steps so I understand the process which can be found below

Make your vagrant boxes (CentOS7)

Here we will create a vagrant setup to load up 2 machines, 1 for RunDeck and one as an application server.

Create a new Vagrantfile in a folder on your computer

vagrant up

You now have 2 machines running, both centOS7 boxes called rundeck and app1

Lets check that the rundeck server can see the app1 server

vagrant ssh rundeck
ssh vagrant@

password is vagrant
If you don’t get any errors then we can successfully access the app1 machine from the rundeck machine.
exit out of this box so you are now back in the rundeck machine

Setup RunDeck

(check the latest RPM version from http://rundeck.org/downloads.html)

vagrant ssh rundeck
sudo su
yum install java-1.7.0
rpm -Uvh http://repo.rundeck.org/latest.rpm
yum install rundeck
service rundeckd start

Now we can go to a browser to view the UI console

admin/admin is the default username/password for access

So we now have a RunDeck instance running we should try testing this
Create a new project
Project name: App1Server
Description: App1 server management
In Default Node File copier change SSH Key File path to /home/vagrant/.ssh/id_rsa
Click Create

Adding a Node

Click on commands tab (as it create the resources.xml file it seems at this point)
inside your rundeck machine

vi /var/rundeck/projects/App1Server/etc/resources.xml

Add to this file

<node name="App1" description="Application Server 1" tags="" hostname="" osArch="amd64" osFamily="unix" osName="Linux" osVersion="3.10.0-327.22.2.el7.x86_64" username="vagrant" />

so it looks like

Pass public key to App1

cat /var/lib/rundeck/.ssh/id_rsa.pub | ssh vagrant@ 'cat >> .ssh/authorized_keys'

password still is vagrant

Test a RunDeck command

Go to Commands in the navigation when in the App1Server project
Nodes: App1 and press search
Command: df -h
Run on App1 Node

You should now see the filesystem paths and sizes proving that RunDeck can now execute the on App1 machine

RunDeck Jobs

Lets run through a couple of Example Jobs

Pass a file to a server

In your rundeck machine lets create a file

vagrant ssh rundeck
cd /tmp
wget http://v4-alpha.getbootstrap.com/examples/jumbotron/ -O index.html

And allow the /srv path to be writable by the vagrant user

vagrant ssh app1
sudo chown vagrant:vagrant /srv

Click on Jobs in the navigation
Create a new Job
Job name: Add codebase
Description: Add website code to server
Workflow -> Add Step -> Copy File
Source Path: /home/vagrant/index.html
Destination Path: /srv/index.html
Step Description: Copying files to server
Tick Dispatch to Nodes
Node Filter
Run Job Now

You should now see this run successfully placing a file from the rundeck server to app1

Execute a command on a server – nginx setup and start

Click on Jobs in the navigation
Create a new Job
Job name: Setup Nginx
Description: Setup nginx to provide webpages
Workflow -> Add Step -> Command
Command: sudo yum -y install epel-release
Step description: Install epel
Add a step -> Command
Command: sudo yum -y install nginx
Step description: Install nginx
Add a step -> Command
Command: sudo systemctl start nginx
Step description: Start nginx
Add a step -> Command
Command: sudo systemctl enable nginx
Step description: Setting autostart for nginx
Add a step -> Command
Command: sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf_bak && sudo sed -i s/”\/usr\/share\/nginx\/html”/”\/srv”/g /etc/nginx/nginx.conf
Step description: Point to new default site
Add a step -> Command
Command: sudo systemctl restart nginx
Step description: Restart nginx

Tick Dispatch to Nodes
Node Filter

If no errors are thrown then you should be able to go to your browser
and see the bootstrap default page


Other areas to look at

API availability

Command line tools

If using for production you need to consider:

Backups http://rundeck.org/docs/administration/backup-and-recovery.html
Changing to a stronger database http://rundeck.org/docs/administration/setting-up-an-rdb-datasource.html
ACLs http://rundeck.org/docs/administration/access-control-policy.html
Running on SSL http://rundeck.org/docs/administration/configuring-ssl.html
Monitoring http://rundeck.org/docs/administration/scaling-rundeck.html#health-check

Post navigation

Leave a Reply

Your email address will not be published. Required fields are marked *