[TOC]
What is Rundeck?
Rundeck is a free and open source software for automatically managing servers ( Linux , Windows and MacOS ) through scheduled jobs .
Rundeck is built around the idea of managing all servers in a computer network from one management server. Rundeck provides a web interface for performing these management tasks.
Rundeck is written in the Java programming language and distributed under the Apache Software 2.0 license.
Rundeck provides enterprise edition (commercial) and community edition (free) . Compared with Rundeck Community Edition, Rundeck Enterprise provides more functions, but you need to pay for it.
Rundeck features:
The core functions of Rundeck are:
- Web API
- Pluggable execution system (default is SSH)
- Distributed command execution
- Multi-step workflow
- Graphical web console for executing commands and jobs
- Role-based access control strategy
- Run jobs on demand or on schedule
- Command line interface tool
- History and audit log
Environmental specifications:
- CPU : 3.4 GHz (2 cores)
- RAM : 2 GB
- Storage space : 20 GB
- Operating system : CentOS 8.2
- Host name : rundeck.lianglab.cn
- IP address : 192.168.6.200/24
Step 1: Install the software upgrade on CentOS 8
Use the SSH tool to connect with rundeck.lianglab.cn as the root user .
Use the dnf command to upgrade all installed packages in CentOS 8.
[root@mariadb ~]# hostnamectl set-hostname rundeck.lianglab.cn
[root@mariadb ~]# dnf update -y
Dependencies resolved.
Nothing to do.
Complete!
Our CentOS 8 server is already up to date, so it has nothing to do with the Linux package manager.
Step 2: Install Java on CentOS 8
Rundeck is written in the Java programming language, so it needs JRE (Java Runtime Environment) to execute.
Therefore, we install OpenJDK on CentOS 8 in our standard yum repository as shown below.
[root@mariadb ~]# dnf install -y java-1.8.0-openjdk
...
Installed:
java-1.8.0-openjdk-1:1.8.0.252.b09-2.el8_1.x86_64
gtk2-2.24.32-4.el8.x86_64
alsa-lib-1.1.9-4.el8.x86_64
copy-jdk-configs-3.7-1.el8.noarch
fribidi-1.0.4-7.el8_1.x86_64
gdk-pixbuf2-modules-2.36.12-5.el8.x86_64
giflib-5.1.4-3.el8.x86_64
graphite2-1.3.10-10.el8.x86_64
gtk-update-icon-cache-3.22.30-4.el8.x86_64
harfbuzz-1.7.5-3.el8.x86_64
hicolor-icon-theme-0.17-2.el8.noarch
jasper-libs-2.0.14-4.el8.x86_64
java-1.8.0-openjdk-headless-1:1.8.0.252.b09-2.el8_1.x86_64
javapackages-filesystem-5.3.0-1.module_el8.0.0+11+5b8c10bd.noarch
jbigkit-libs-2.1-14.el8.x86_64
libX11-1.6.7-1.el8.x86_64
libX11-common-1.6.7-1.el8.noarch
libXau-1.0.8-13.el8.x86_64
libXcomposite-0.4.4-14.el8.x86_64
libXcursor-1.1.15-3.el8.x86_64
libXdamage-1.1.4-14.el8.x86_64
libXext-1.3.3-9.el8.x86_64
libXfixes-5.0.3-7.el8.x86_64
libXft-2.3.2-10.el8.x86_64
libXi-1.7.9-7.el8.x86_64
libXinerama-1.1.4-1.el8.x86_64
libXrandr-1.5.1-7.el8.x86_64
libXrender-0.9.10-7.el8.x86_64
pixman-0.36.0-1.el8.x86_64
ttmkfdir-3.0.9-54.el8.x86_64
tzdata-java-2019c-1.el8.noarch
xorg-x11-font-utils-1:7.5-40.el8.x86_64
xorg-x11-fonts-Type1-7.5-19.el8.noarch
avahi-libs-0.7-19.el8.x86_64
cups-libs-1:2.2.6-28.el8.x86_64
dejavu-fonts-common-2.35-6.el8.noarch
dejavu-sans-fonts-2.35-6.el8.noarch
fontconfig-2.13.1-3.el8.x86_64
fontpackages-filesystem-1.44-22.el8.noarch
gdk-pixbuf2-2.36.12-5.el8.x86_64
lksctp-tools-1.0.18-3.el8.x86_64
Complete!
To verify the installation of the Java Runtime Environment , check the version of the java command.
[root@rundeck ~]# java -version
openjdk version "11.0.9" 2020-10-20 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.9+11-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.9+11-LTS, mixed mode, sharing)
Step 3: Install Rundeck Yum repository on CentOS 8
The Rundeck software is distributed through its official yum repository. Therefore, we need to add Rundeck yum repository in CentOS 8 server.
Rundeck provides an RPM package to install yum repository on CentOS 8. Therefore, we use the dnf command to install.
[root@rundeck ~]# dnf install -y http://repo.rundeck.org/latest.rpm
Last metadata expiration check: 2:56:08 ago on Sun 27 Dec 2020 07:03:07 PM CST.
latest.rpm 1.8 kB/s | 3.0 kB 00:01
Dependencies resolved.
=====================================================================================================================
Package Architecture Version Repository Size
=====================================================================================================================
Installing:
rundeck-repo noarch 4-0 @commandline 3.0 k
Transaction Summary
=====================================================================================================================
Install 1 Package
Total size: 3.0 k
Installed size: 181
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : rundeck-repo-4-0.noarch 1/1
Verifying : rundeck-repo-4-0.noarch 1/1
Installed products updated.
Installed:
rundeck-repo-4-0.noarch
Complete!
Build a cache for Rundeck repo.
[root@rundeck ~]# dnf makecache
CentOS-8 - Base - mirrors.tongdun.cn 1.7 MB/s | 3.9 kB 00:00
CentOS-8 - Extras - mirrors.tongdun.cn 772 kB/s | 1.5 kB 00:00
CentOS-8 - AppStream - mirrors.tongdun.c 2.5 MB/s | 4.3 kB 00:00
MariaDB 4.4 kB/s | 2.9 kB 00:00
bintray--apache-couchdb-rpm 4.2 kB/s | 1.3 kB 00:00
Extra Packages for Enterprise Linux 8 - 3.0 MB/s | 4.7 kB 00:00
Extra Packages for Enterprise Linux 8 - 1.5 MB/s | 3.0 kB 00:00
Extra Packages for Enterprise Linux 8 - 1.8 MB/s | 3.5 kB 00:00
Rundeck - Release 1.1 kB/s | 1.3 kB 00:01
Metadata cache created.
[root@rundeck ~]#
Rundeck yum repository is installed.
Seven
Step 4: Install RunDeck on CentOS 8
Now, we can install the Rundeck software using the dnf command.
[root@rundeck ~]# dnf install -y rundeck
Last metadata expiration check: 0:00:53 ago on Sun 27 Dec 2020 10:00:45 PM CST.
Dependencies resolved.
=========================================================================
Package Arch Version Repository Size
=========================================================================
Installing:
rundeck noarch 3.3.7.20201208-1 rundeck-release-bintray 172 M
Transaction Summary
=========================================================================
Install 1 Package
Total download size: 172 M
Installed size: 185 M
Downloading Packages:
rundeck-3.3.7.20201208-1.noarch.rpm 10 MB/s | 172 MB 00:16
-------------------------------------------------------------------------
Total 10 MB/s | 172 MB 00:16
warning: /var/cache/dnf/rundeck-release-bintray-330204ab97cd1651/packages/rundeck-3.3.7.20201208-1.noarch.rpm: Header V3 RSA/SHA1 Signature, key ID e2d1065b: NOKEY
Rundeck - Release 1.7 kB/s | 3.1 kB 00:01
Importing GPG key 0xE2D1065B:
Userid : "Rundeck Build (automated builds) <[email protected]>"
Fingerprint: 85E9 DBC7 4FCB 329E DEDA DD2E 9077 0E1B E2D1 065B
From : http://rundeck.org/keys/BUILD-GPG-KEY-Rundeck.org.key
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Running scriptlet: rundeck-3.3.7.20201208-1.noarch 1/1
Preparing : 1/1
Running scriptlet: rundeck-3.3.7.20201208-1.noarch 1/1
Installing : rundeck-3.3.7.20201208-1.noarch 1/1
Running scriptlet: rundeck-3.3.7.20201208-1.noarch 1/1
Verifying : rundeck-3.3.7.20201208-1.noarch 1/1
Installed products updated.
Installed:
rundeck-3.3.7.20201208-1.noarch
Complete!
Start and set up the self-starting rundeckd service
[root@rundeck ~]# systemctl enable --now rundeckd.service
rundeckd.service is not a native service, redirecting to systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable rundeckd
View the status of the rundeckd service and service listening port information
[root@rundeck ~]# systemctl start rundeckd.service
[root@rundeck ~]# systemctl status rundeckd.service
● rundeckd.service - SYSV: rundeckd, providing rundeckd
Loaded: loaded (/etc/rc.d/init.d/rundeckd; generated)
Active: active (running) since Sun 2020-12-27 22:05:33 CST; 1s ago
Docs: man:systemd-sysv-generator(8)
Process: 140032 ExecStart=/etc/rc.d/init.d/rundeckd start (code=exited, status=0/SUCCESS)
Main PID: 140042 (runuser)
Tasks: 0 (limit: 49642)
Memory: 2.0M
CGroup: /system.slice/rundeckd.service
‣ 140042 runuser -s /bin/bash -l rundeck -c java -Drundeck.jaaslogin=true >
Dec 27 22:05:33 rundeck.lianglab.cn systemd[1]: Starting SYSV: rundeckd, providing rundeckd.>
Dec 27 22:05:33 rundeck.lianglab.cn rundeckd[140032]: Starting rundeckd: [ OK ]
Dec 27 22:05:33 rundeck.lianglab.cn systemd[1]: Started SYSV: rundeckd, providing rundeckd.
lines 1-14/14 (END)
[root@rundeck ~]# netstat -anptl | grep 4440
tcp 0 0 0.0.0.0:4440 0.0.0.0:* LISTEN 140074/java
Rundeck service port: 4440 is allowed in the CentOS firewall .
[root@rundeck ~]# firewall-cmd --permanent --add-port=4440/tcp
success
[root@rundeck ~]# firewall-cmd --reload
success
If you access the Rundeck Web interface from another computer, some errors may occur. To solve this problem, we need to edit the Rundeck configuration file.
[root@rundeck-01 ~]# vi /etc/rundeck/rundeck-config.properties
Find and update the grails.serverURL parameter as shown below.
修改之前
grails.serverURL=http://localhost:4440
修改之后
grails.serverURL=http://192.168.6.200:4440
Restart the rundeckd service to reload the process with the new configuration.
[root@rundeck ~]# systemctl restart rundeckd.service
[root@rundeck ~]# systemctl status rundeckd.service
● rundeckd.service - SYSV: rundeckd, providing rundeckd
Loaded: loaded (/etc/rc.d/init.d/rundeckd; generated)
Active: active (running) since Sun 2020-12-27 22:12:07 CST; 20s ago
Docs: man:systemd-sysv-generator(8)
Process: 140813 ExecStop=/etc/rc.d/init.d/rundeckd stop (code=exited, status=0/SUCCESS)
Process: 140848 ExecStart=/etc/rc.d/init.d/rundeckd start (code=exited, status=0/SUCCESS)
Main PID: 140858 (runuser)
Tasks: 0 (limit: 49642)
Memory: 1.9M
CGroup: /system.slice/rundeckd.service
‣ 140858 runuser -s /bin/bash -l rundeck -c java -Drundeck.jaaslogin=true >
Dec 27 22:12:07 rundeck.lianglab.cn systemd[1]: Starting SYSV: rundeckd, providing rundeckd.>
Dec 27 22:12:07 rundeck.lianglab.cn rundeckd[140848]: Starting rundeckd: [ OK ]
Step 5: Rundeck configures the MySQL database backend
By default, Rundeck uses the H2 database as its repository. However, it is not recommended to use H2 database in a production environment . Therefore, we configured MySQL as Rundeck 's database backend.
[1] Connect to the MySQL database server. If you do not have a running MySQL database server, you need CentOS 8.2 to deploy MariaDB 10.5.3 database service .
[root@rundeck ~]# mysql -u root -plianglab@123
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 10.5.8-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
[2] Create a database for Rundeck server.
MariaDB [(none)]> create database rundeck;
Query OK, 1 row affected (0.001 sec)
[3] Create a database user and grant the privileges required by the Rundeck database.
MariaDB [(none)]> grant ALL on rundeck.* to 'rundeckuser'@'localhost' identified by 'lianglab123';
Query OK, 0 rows affected (0.001 sec)
[4] Reload the privilege table.
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.001 sec)
Exit from MySQL Shell.
MariaDB [(none)]> exit
Bye
[5] Now edit the Rundeck configuration file.
[root@rundeck-01 ~]# vi /etc/rundeck/rundeck-config.properties
[6] Find and update the following parameters in this file. (If you can't find any parameters, please add them)
修改前
# change hostname here
grails.serverURL=http://192.168.6.200:4440
dataSource.dbCreate = update
dataSource.url = jdbc:h2:file:/var/lib/rundeck/data/rundeckdb;MVCC=true
修改后
# change hostname here
grails.serverURL=http://192.168.6.200:4440
dataSource.dbCreate = update
#dataSource.url = jdbc:h2:file:/var/lib/rundeck/data/rundeckdb;MVCC=true
dataSource.url = jdbc:mysql://192.168.6.200/rundeck?autoReconnect=true
dataSource.username=rundeckuser
dataSource.password=lianglab123
dataSource.driverClassName=com.mysql.jdbc.Driver
[7] Restart the rundeckd service to apply the changes.
[root@rundeck ~]# systemctl restart rundeckd.service
[root@rundeck ~]# systemctl status rundeckd.service
● rundeckd.service - SYSV: rundeckd, providing rundeckd
Loaded: loaded (/etc/rc.d/init.d/rundeckd; generated)
Active: active (running) since Sun 2020-12-27 22:22:50 CST; 9s ago
Docs: man:systemd-sysv-generator(8)
Process: 141411 ExecStop=/etc/rc.d/init.d/rundeckd stop (code=exited, status=0/SUCCESS)
Process: 141451 ExecStart=/etc/rc.d/init.d/rundeckd start (code=exited, status=0/SUCCESS)
Main PID: 141461 (runuser)
Tasks: 0 (limit: 49642)
Memory: 1.9M
CGroup: /system.slice/rundeckd.service
‣ 141461 runuser -s /bin/bash -l rundeck -c java -Drundeck.jaaslogin=true >
Dec 27 22:22:50 rundeck.lianglab.cn systemd[1]: Starting SYSV: rundeckd, providing rundeckd.>
Dec 27 22:22:50 rundeck.lianglab.cn rundeckd[141451]: Starting rundeckd: [ OK ]
[8] If you have trouble starting the rundeckd service, you should look for errors in the Rundeck log file in the /var/log/rundeck/ directory.
[2020-12-27T22:54:48,841] ERROR pool.ConnectionPool [main] - Unable to create initial connections of pool.
java.sql.SQLException: Unable to load class: com.mysql.jdbc.Driver from ClassLoader:org.springframework.boot.loader.LaunchedURLClassLoader@7a07c5b4;ClassLoader:org.springframework.boot.loader.LaunchedURLClassLoader@7a07c5b4
配置rundeck配置文件使其连接数据库
vim /etc/rundeck/rundeck-config.properties
grails.serverURL=http://192.168.6.200:4440
dataSource.dbCreate = update
#dataSource.url = jdbc:h2:file:/var/lib/rundeck/data/rundeckdb;MVCC=true
dataSource.url = jdbc:mysql://192.168.6.200:3306/rundeck?autoReconnect=true&useSSL=false
dataSource.username=rundeckuser
dataSource.password=lianglab123
dataSource.driverClassName=com.mysql.jdbc.Driver
[root@rundeck ~]# systemctl restart rundeckd.service
查看rundeck日志
tailf /var/log/rundeck/service.log
Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
解决:
vim /etc/my.cnf
[mysqld]
wait_timeout=31536000
interactive_timeout=31536000
重启生效,需要同时修改这两个参数
【9】Log view
[root@rundeck ~]# ls -alt /var/log/rundeck/
total 3084
-rw-r--r--. 1 rundeck rundeck 1569895 Dec 27 22:23 rundeck.log
-rw-rw-r--. 1 root root 1573703 Dec 27 22:23 service.log
drwxrwxr-x. 2 rundeck rundeck 4096 Dec 27 22:05 .
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.executions.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.options.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.audit.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.jobs.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.cleanup.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.webhooks.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.api.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.storage.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.project.log
-rw-r--r--. 1 rundeck rundeck 0 Dec 27 22:05 rundeck.access.log
drwxr-xr-x. 21 root root 4096 Dec 27 22:02 ..
Step 6: Create your first Rundeck project
Browse the URL http://192.168.6.200:4440 in a browser such as [Google Chrome .
Use the default username: admin and password: admin to log in to the Rundeck web interface .
Click the New Project+ button to create a new project.
Fill in the necessary details about the project and click Create.
Our project has been created and is now on the " Edit Node" page.
You may find that a node "Local" has been added to the Rundeck list . This is our Rundeck server computer, which will be automatically added when creating this project.
Step 7: Create a new Job
I create a new shell.sh under this path under Linux: /opt/shell, and grant execution permissions. The script content:
[root@rundeck shell]# vi shell.sh
[root@rundeck shell]# cat shell.sh
#!/bin/bash
date
uptime
[root@rundeck shell]# chmod 755 shell.sh
[1] Create our task
[2] Select a local URL path, enter the file path and click to save
[3] Rundeck's timing scheduling
[4] We can view the real-time task running interface at the ACTIVITY location:
Our Rundeck server has been successfully installed and configured. For information on using the Rundeck web interface, refer to the Rundeck documentation .