Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Rundeck: The missing tool

4,231 views

Published on

Brief introduction about Rundeck.

Present in Devops Dublin Meetup.

Published in: Technology
  • Sex in your area is here: ♥♥♥ http://bit.ly/2Q98JRS ♥♥♥
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Dating for everyone is here: ♥♥♥ http://bit.ly/2Q98JRS ♥♥♥
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Rundeck: The missing tool

  1. 1. The missing tool Artur Martins
 (@arturmartins) Devops Dublin Meetup III
 8th July 2015
  2. 2. WHO AM I? • Name:Artur Martins (@arturmartins on twitter) • Senior Systems Engineer at • Using rundeck since April 2014 • I
  3. 3. WHAT IS RUNDECK • Operations Web Dashboard (and a REST API as well) • fine-grain access controls • builtin-job scheduler • jobs can have multiple sequence steps and corresponde error handling • ability to define workflows (coordinated sequences commands and scripts or jobs)
  4. 4. FEATURES • Import Node info from chef, puppet, amazon ec2, salt or make your own CMDB/node list. • Run multiple jobs or workflows in parallel • Follow job executions running (distributed tail -f) • Trigger 3rd parties using email or webhook • Plugins available: 
 JIRA, PagerDuty, Slack, HipChat, Redmine, Puppet, salt, nexus, jenkins, chef, Nexus,AWS EC2 Nodes, Kerberos, IRC, Jabber,AWS S3
  5. 5. BENEFITS • Formalisation of your IT Ops procedures • Safely enable Self-service dashboard • Visibility,Accountability, Logging
  6. 6. INFRASTRUCTURE source: http://rundeck.org/docs/administration/installation.html
  7. 7. DEV / OPS source: http://rundeck.org/news/2014/01/08/Jenkins-is-for-development-Rundeck-is-for-operations.html
  8. 8. source: http://blog.mattcallanan.net/2013_03_01_archive.html
  9. 9. OK, I GET IT…
  10. 10. TAXONOMY • Job - sequence of one or more commands or scripts • Workflow - sequence of one of more jobs • Node - a resource accessible through SSH
  11. 11. INSTALL / UPGRADE • Requirements:
 Java 1.7+ (Both Open JDK and Sun/Oracle)
 JAVA_HOME env var defined • Debian/Ubuntu scenario: version='2.5.2' wget http://dl.bintray.com/rundeck/rundeck-deb/rundeck-$ {version}-1-GA.deb sudo dpkg -i rundeck-${version}-1-GA.deb
  12. 12. INSTALL ADVICE • Install webserver (apache/nginx) and set a reverse proxy • Authentication should always be under HTTPS, right?
  13. 13. REMOTE NODES SETUP • Create (at least) one SSH account (depends on context) • Add ssh pub key • Add whitelist sudo permissions /etc/sudoers.d/$ {user} if administration are needed

  14. 14. POST INSTALL CONFIG • realm.properties (add a rundeck user)
 admin:admin,user,admin,architect,deploy,build
 user:password,user,role1,role2,role3 • project.properties
 project.organization = “Your company" • framework.properties
 general framework configs. • rundeck-config.properties
 grails.serverURL=http://rundeck.yourcompany.com
 dataSource.url=jdbc:(set your database jdbc connection string here)
  15. 15. NODE DEFINITION Rundeck also supports resources definition inYML <node name="app1"> <!-- Rundeck node attributes --> <attribute name="hostname" value="192.168.50.30"/> <attribute name="username" value="rundeckops"/> <attribute name="tags" value="demo,testing"/> <attribute name="description" value="Ubuntu server"/> <attribute name="osName" value="Ubuntu"/> <attribute name="osVersion" value=“14.04 LTS 64bit"/> <attribute name="osFamily" value="unix"/> <!-- Rundeck SSH related attributes --> <attribute name="ssh-key-storage-path" value="path/to/id_rsa"/> <!-- Custom attributes --> <attribute name="group" value="other"/> <attribute name="datacenter" value="CA,USA"/> <attribute name="osCodename" value="trusty"/> <attribute name="rdnsName" value="app1.example.com"/> <attribute name="provider" value="digitalocean"/> </node>
  16. 16. DEMO Demos always work if you useVAGRANT … or maybe not :)
  17. 17. CAVEATS • Some characters in password field might cause authentication to fail (/ etc/rundeck/realm.proprieties) • Assure no spaces a the end of a value in any /etc/rundeck/* config files • Node filter is tricky if you want to select different nodes by multiple parameters.Workaround: regex all the way. • Be aware of rundeck rules for quotes escaping for commands:
 http://rundeck.org/docs/manual/jobs.html#quoting-arguments-to-steps
  18. 18. FURTHER READING • http://rundeck.org/docs/ • https://github.com/rundeck/rundeck • http://www.slideshare.net/dev2ops/rundecks-history-and-future • http://lanyrd.com/2012/chefconf/stkdz/ • http://blog.mattcallanan.net/2013_03_01_archive.html • http://www.slideshare.net/dev2ops/nexus-live-1 • Mailing-list: https://groups.google.com/forum/#!forum/rundeck-discuss • IRC: #rundeck at freenode.
  19. 19. QUESTIONS? myself=‘arturmartins’ @{myself} {myself}@gmail.comie.linkedin.com/in/{myself} plus.google.com/+{myself}1

×