在 rundeck 中添加远程节点
[英]Add a remote node in rundeck
问题描述
I want to be able to execute shell commands on remote nodes using Rundeck and I found this video that explains how to do that but I don't understand the private-key part and how to configure it.
我希望能够使用 Rundeck 在远程节点上执行 shell 命令,我发现这个视频解释了如何做到这一点,但我不了解私钥部分以及如何配置它。 I keep getting the following error:我不断收到以下错误:
Authentication failure connecting to node: "test-001".
I have a remote server set up and I configured the resource.xml file like the following:我设置了一个远程服务器,我配置了 resource.xml 文件,如下所示:
<node name="test-001" description="demo for test" tags="demo" hostname="10.10.10.10:22" osFamily="unix" osName="Linux" osVersion="2.6.32" username="demo" />
Do I need to add the ssh-key value to the xml file?我是否需要将ssh-key值添加到 xml 文件中? If so, do I have to copy the public or private keys from the Rundeck server to the host server?如果是这样,我是否必须将公钥或私钥从 Rundeck 服务器复制到主机服务器?
Also, the username demo has a password too, so how can I define it?另外,用户名 demo 也有密码,那么我该如何定义呢?
3 个解决方案
解决方案1
16 已采纳 2016-03-28 12:25:03
Rundeck host server connects to the node by means of private key authentication which is exactly similar to SSH private key authentication. Rundeck 主机服务器通过私钥认证的方式连接到节点,这与 SSH 私钥认证完全相似。 Follow these steps to add a node to your server rundeck.按照以下步骤将节点添加到您的服务器 rundeck。
Open up the resources.xml file and add the following.打开 resources.xml 文件并添加以下内容。
<node name="rundeck node2" description="Rundeck node2" tags="node2" hostname="10.1.0.1" osArch="amd64" osFamily="unix" osName="Linux" osVersion="3.11.10-03111015-generic" username="leo" ssh-keypath="/var/lib/rundeck/node2.key"/>
You can change the SSH user name in node and private key file name.您可以更改节点中的 SSH 用户名和私钥文件名。 In addition to that, you can change all the other naming parameters too like node name and tags etc.除此之外,您还可以更改所有其他命名参数,例如节点名称和标签等。
Now get into your node server.现在进入您的节点服务器。
- Create a ssh user, here its leo创建一个 ssh 用户,这里是 leo
- switch to user leo.切换到用户 leo。 Generate a SSH key生成 SSH 密钥
- ssh-keygen ssh-keygen
- Append the public key to authorized_keys将公钥附加到authorized_keys
-
leo@c1a5f48a6c4c:~/.ssh$ pwd /home/leo/.ssh leo@c1a5f48a6c4c:~/.ssh$ cat id_rsa.pub >> authorized_keys leo@c1a5f48a6c4c:~/.ssh$ chmod gw authorized_keys - Copy the private key复制私钥
leo@c1a5f48a6c4c:~/.ssh$ cat id_rsa
Save the private key to the file "/var/lib/rundeck/node2.key" on rundeck host.将私钥保存到 rundeck 主机上的文件“/var/lib/rundeck/node2.key”。 Now the authentication is okay and ready to execute adhoc commands from rundeck dashboard现在身份验证正常,可以从 rundeck 仪表板执行临时命令
解决方案2
1 2020-06-26 12:13:02
Documentation is fairly all over the place with different versions having different keywords and there being no warnings in case you are using the wrong one.文档随处可见,不同的版本有不同的关键字,如果您使用了错误的关键字,则不会有任何警告。
The relevant documentation is here: https://docs.rundeck.com/2.11.3/plugins-user-guide/ssh-plugins.html相关文档在这里: https : //docs.rundeck.com/2.11.3/plugins-user-guide/ssh-plugins.html
You need to specify:您需要指定:
ssh-authentication: privateKey
...and: ...和:
ssh-keypath: /path/directly/to/.ssh/id_rsa
(Assuming you are using filesystem key storage.) (假设您正在使用文件系统密钥存储。)
Remove passphrase from your keys with:使用以下命令从您的密钥中删除密码:
ssh-keygen -p -m PEM -f /path/to/your/.ssh/id_rsa
...and do not forget to mke sure the id_rsa file is owned by rundeck and has suitably restricted permissions. ...并且不要忘记确保 id_rsa 文件归 rundeck 所有并且具有适当限制的权限。
解决方案3
0 2019-03-19 07:20:34
In my case I had a passpharse in my private key.就我而言,我的私钥中有一个密码。 Make sure your private key passpharse is empty.确保您的私钥密码为空。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.