RunDeck

1. Rundeck Introduction and use cases Vincent Behar <vincent@behar.name> Bruno Bonﬁls <asyd@asyd.net>jeudi 10 mars 2011

2. Rundeck?jeudi 10 mars 2011

3. What? • Job automation • Job schedulingjeudi 10 mars 2011

4. How? • Connect to nodes and execute a script/command • SSH (private key) • WebUI (Grails) • CLIjeudi 10 mars 2011

5. The conﬁguration • One instance can handle multiple projects • Per project: • one XML ﬁle describe all available nodes • osArch, osFamily, tags • one XML per jobjeudi 10 mars 2011

6. A node resource sample <node name="asuka" type="Node" description="xen dom0" tags="xen" hostname="asuka.asyd.net" osArch="amd64" osFamily="unix" osName="Linux" osVersion="2.6.32-5-xen-amd64" username="asyd"/>jeudi 10 mars 2011

7. A job sample[..] <name>www.rtl.fr</name> <group>lab/webapps/deploy</group> <context> <project>rtlnet</project> <options> <option name=version value=LATEST enforcedvalues=true required=true valuesUrl=http://..../ /> </options> </context> <sequence threadcount=1 keepgoing=false strategy=node-first> <command> <exec>cp /repository/${option.version} $CATALINA_HOME/webapps</exec> </command> </sequence> node-first: execute toute les commandes sur un node <nodefilters> avant de passer au node suivant <include> <tags>lab</tags> </include> step-first: execute la premiere sur chaque node </nodefilters> avant d’executer la commande suivante <dispatch> <threadcount>2</threadcount> <keepgoing>true</keepgoing> </dispatch> [..]jeudi 10 mars 2011

8. Model providers • Rundeck can use remote URL to get • the list of nodes (resource model provider) (XML) • already available: Amazon EC2, Puppet, Chef • the list of available options for a speciﬁc job (option model provider) (JSON) • Jenkins, Nexusjeudi 10 mars 2011

9. Access control • Users are authenticated via JAAS (LDAP, flat file, etc.) • Access control can be defined via policies • Rules by project, group, jobjeudi 10 mars 2011

10. Limitations of 1.1 • Only one private key (w/o passphrase) for all nodes • No ofﬁcial remote API (REST in 1.2) • Basic notiﬁcations by email (will extended in 1.3)jeudi 10 mars 2011

11. Real case @RTLjeudi 10 mars 2011

12. Background • Technologies: Java, Tomcat, SQL • CI with Jenkins • Artifacts managed by Nexus •A test environnment •A production environmentjeudi 10 mars 2011

13. 0-click deployjeudi 10 mars 2011

14. Success story • One click deployment • Automated and reproductible deployment • The test environment is always the HEAD • The production deployment process is exactly the same as the test • More small deployments in production (less risky) • Easy rollback in productionjeudi 10 mars 2011

RunDeck

Bruno Bonfils

RunDeck