- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with rundeck
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
The rundeck puppet module for installing and managing Rundeck
This module provides a way to manage the installation and configuration of rundeck, it's projects, jobs and plugins.
The rundeck module primary class, guides the basic installation and management of rundeck on your system
Parameters within rundeck
:
Ensure the state of the rundeck package, either present, absent or a specific version
The method used to authenticate to Rundeck. Options: file, ldap, active_directory, ldap_shared, active_directory_shared. Default is file.
The template used for admin acl policy. Default is rundeck/aclpolicy.erb.
The template used for apitoken acl policy. Default is rundeck/aclpolicy.erb.
The path to the configuration directory where the properties file are stored.
The path to the directory to store logs.
The user that Rundeck is installed as.
The group that the Rundeck user is a member of.
The installation directory for Rundeck.
Web context path to use, such as "/rundeck". http://host.domain:port/server_web_context
Enable ssl for the Rundeck web application.
If ssl_enabled is True, you must supply this parameter. It is recommended that you provide the .crt and .key files separately via other means, such as a role or profile manifest.
How to: eg: environments/role/manifests/rundeck.pp
class role::rundeck (
...
$ssl_keyfile = hiera('rundeck::config::ssl_keyfile', "/etc/rundeck/ssl/$fqdn.key"),
$ssl_certfile = hiera('rundeck::config::ssl_certfile', "/etc/rundeck/ssl/$fqdn.crt"),
..
){
...
validate_string($ssl_keyfile)
validate_string($ssl_certfile)
...
class { 'rundeck':
...
ssl_keyfile => $ssl_keyfile,
ssl_certfile => $ssl_certfile,
...
}
...
}
Am End please add the module below to your environments/Puppetfile to use java_ks:
mod 'java_ks',
:git => 'https://github.com/puppetlabs/puppetlabs-java_ks.git',
:tag => '1.4.1'
Time limit (in minutes) for a logged in Rundeck web application user which as been inactive for a period of time.
The hash of projects in your instance.
The organization value that will be set by default for any projects.
The description that will be set by default for any projects.
The maximum number of threads used by Rundeck for concurrent jobs by default is set to 10.
The log4j logging level to be set for the Rundeck application.
Allows you to use your own profile template instead of the default from the package maintainer
Boolean value if set to true enables RSS feeds that are public (non-authenticated)
Boolean value if set to true enables cluster mode
The url used in sending email notifications.
A hash of the data Source configuration.
Full path to the java keystore to be used by Rundeck.
The password for the given keystore.
The default key password.
The full path to the java truststore to be used by Rundeck.
The password for the given truststore.
The name of the rundeck service.
A hash of the notification email configuraton.
A hash of the rundeck security configuration.
The name of the role that is required for all users to be allowed access.
Boolean value if set to true enables security_roles_array.
Array value if you want to have more role in web.xml
Whether to manage the bintray YUM/APT repository containing the Rundeck rpm/deb. Defaults to true.
The location of stored data like public keys, private keys.
A definition for creating custom acl policy files
An array containing ACL policies. See rundeck::params::acl_policies / rundeck::params::api_policies as an example.
The user that rundeck is installed as.
The group permission that rundeck is installed as.
The rundeck configuration directory.
A definition for installing rundeck plugins
Parameters within rundeck::config::plugin
:
The http source or local path from which to get the jar plugin.
Default set to 'present' and can be set to 'absent' to remove the plugin for the system.
Timeout in seconds. Default is set to 300 seconds which is the default for the Exec type.
A definition for managing rundeck projects
Parameters within rundeck::project
:
The type of proivder that will be used for copying files to each of the nodes
The type of provider that will be used to gather node resources
A hash of rundeck::config::resource_source that will be used to specifiy the node resources for this project
The path the the ssh key that will be used by the ssh/scp providers
The directory where rundeck is configured to store project information
The user that rundeck is installed as.
The group permission that rundeck is installed as.
A definition for managing the resource sources for a given project
Parameters within rundeck::resource_source
:
The name of the project for which this resource in intended to be a part.
The sequential number of the resource within the project.
The source type where resources will come from: file, directory, url or script.
Boolean value to decide whether or not to include the server node in your list of avaliable nodes.
The format of the resource that will procesed, either resourcexml or resourceyaml.
When the url source_type is specified this is the path to that url.
An integer value in seconds that rundeck will wait for resources from the url before timing out.
Boolean value. Keep a local cache of the resources pulled from the url.
When the directory source_type is specified this is the path to that directory.
When the script source_type is specified this is the path that that script.
A string of the full arguments to pass the the specified script.
Boolean value. Quote the arguments of the script.
The interpreter to use in executing the script. Defaults to: '/bin/bash'
The directory where rundeck is configured to store project information.
The user that rundeck is installed as.
The group permission that rundeck is installed as.
To perform LDAP authentication and file authorization see example examples/ldap_shared.pp
To use an external MySQL database, the database_config
hash must be set to
override the default values which result in a local file based storage. To
enable key
and project
storage in the database, you must also set the two
parameters associated parameters.
class { '::rundeck':
key_storage_type => 'db',
projects_storage_type => 'db',
database_config => {
'type' => 'mysql',
'url' => $db_url,
'username' => 'rundeck',
'password' => $db_pass,
'driverClassName' => 'com.mysql.jdbc.Driver',
}
}
rundeck
: Guides the basic installation of rundeck
rundeck::install
: Manages the installation of the rundeck packagesrundeck::service
: Manages the rundeck servicerundeck::config
: Manages all the global configuration of the rundeck applicationrundeck::config::global::framework
: Manage the configuration of shell tools and core rundeck servicesrundeck::config::global::project
: Managed the rundeck project configurationrundeck::config::global::rundeck_config
: Manages the rundeck webapp configuration filerundeck::config::global::ssl
: Manages the ssl configuration for the rundeck webapp
rundeck::config::aclpolicyfile
: Manages a acl policy filerundeck::config::plugin
: Manages the installation of rundeck pluginsrundeck::config::project
: Manages the configuration of rundeck projectsrundeck::config::resource_source
: Manages resource sources for each project
This module is tested on the following platforms:
- CentOS 5
- CentOS 6
- CentOS 7
- Ubuntu 12.04
- Ubuntu 14.04
It is tested with the OSS version of Puppet only.
Please read CONTRIBUTING.md for full details on contributing to this project.