发表新帖
发表新帖

Add a remote node in rundeck

后端 未结
关注
3 1267
别那么骄傲
别那么骄傲 2020-12-15 14:00

I want to be able to execute shell commands on remote nodes using Rundeck and I found this video that explains how to do that but I don\'t understand the private-key part an

相关标签:
3条回答
  • 逝去的感伤
    2020-12-15 14:41

    In my case I had a passpharse in my private key. Make sure your private key passpharse is empty.

    0 讨论(0)
  • 不思量自难忘°
    2020-12-15 14:51

    Rundeck host server connects to the node by means of private key authentication which is exactly similar to SSH private key authentication. Follow these steps to add a node to your server rundeck.

    Open up the resources.xml file and add the following.

    <node name="rundeck node2" description="Rundeck node2" tags="node2" hostname="10.1.0.1" osArch="amd64" osFamily="unix" osName="Linux" osVersion="3.11.10-03111015-generic" username="leo" ssh-keypath="/var/lib/rundeck/node2.key"/>

    You can change the SSH user name in node and private key file name. In addition to that, you can change all the other naming parameters too like node name and tags etc.

    Now get into your node server.

    1. Create a ssh user, here its leo
    2. switch to user leo. Generate a SSH key
    3. ssh-keygen
    4. Append the public key to authorized_keys
    5. leo@c1a5f48a6c4c:~/.ssh$ pwd /home/leo/.ssh leo@c1a5f48a6c4c:~/.ssh$ cat id_rsa.pub >> authorized_keys leo@c1a5f48a6c4c:~/.ssh$ chmod g-w authorized_keys
    6. Copy the private key
    7. leo@c1a5f48a6c4c:~/.ssh$ cat id_rsa

    Save the private key to the file "/var/lib/rundeck/node2.key" on rundeck host. Now the authentication is okay and ready to execute adhoc commands from rundeck dashboard

    0 讨论(0)
  • 谎友^
    2020-12-15 15:03

    Documentation is fairly all over the place with different versions having different keywords and there being no warnings in case you are using the wrong one.

    The relevant documentation is here: https://docs.rundeck.com/2.11.3/plugins-user-guide/ssh-plugins.html

    You need to specify:

    ssh-authentication: privateKey

    ...and:

    ssh-keypath: /path/directly/to/.ssh/id_rsa

    (Assuming you are using filesystem key storage.)

    Remove passphrase from your keys with:

    ssh-keygen -p -m PEM -f /path/to/your/.ssh/id_rsa

    ...and do not forget to mke sure the id_rsa file is owned by rundeck and has suitably restricted permissions.

    0 讨论(0)
 看不清?
提交回复
热议问题