堆栈内存溢出
  简体   繁体   English

Rundeck SSH 执行

[英]Rundeck SSH Execution

 原文  2021-10-27 08:39:23       rundeck

问题描述

We've setup Rundeck community but have some questions regarding SSH execution.我们已经建立了 Rundeck 社区,但对 SSH 执行有一些疑问。

From what I can see it looks like the user who executes the job is configured at the project level and there is no way to change that at a per job per level.从我所见,执行作业的用户似乎是在项目级别配置的,并且无法在每个级别的每个作业中更改它。

We want to be able to login to Rundeck using our AD credentials (currently working) and run jobs as our individual user id's, is this possible or not?我们希望能够使用我们的 AD 凭据(当前有效)登录 Rundeck 并以我们的个人用户 ID 运行作业,这可能吗?

Thanks谢谢

1 个解决方案

解决方案1
 0  2021-10-27 13:04:18

It's possible to use a job level authentication in Rundeck, and it's possible to use the user name as an SSH user (of course the SSH server must be configured with that user to access it).在 Rundeck 中可以使用作业级别的身份验证,并且可以使用用户名作为 SSH 用户(当然 SSH 服务器必须配置有该用户才能访问它)。

I made a XML entry node example:我做了一个 XML 入口节点示例:

  <node name="node00" 
        description="Node 00" 
        tags="mytag" 
        hostname="192.168.33.20" 
        osArch="amd64" 
        osFamily="unix" 
        osName="Linux" 
        osVersion="3.10.0-1062.4.1.el7.x86_64"   
        username="${job.username}" 
        ssh-authentication="password" 
        ssh-password-option="option.sshPassword1"/>

If you check carefully, you can see the username attribute is set with ${job.username} , this is a context variable that gets the current username (from, LDAP, AD or realm.properties file), you can see all Rundeck context variables here .如果仔细检查,您可以看到username属性设置为${job.username} ,这是一个获取当前用户名的上下文变量(来自 LDAP、AD 或realm.properties文件),您可以看到所有 Rundeck 上下文变量在这里

This example uses a secure option to pass the password and achieve the SSH authentication, this option is called sshPassword1 (see the ssh-password-option attribute).本示例使用安全选项来传递密码并实现 SSH 身份验证,此选项称为sshPassword1 (请参阅ssh-password-option属性)。

Now the job definition example in YAML format:现在是 YAML 格式的作业定义示例:

- defaultTab: nodes
  description: ''
  executionEnabled: true
  id: b188c66c-c057-4bb7-98bf-7c84632bc144
  loglevel: INFO
  name: Whoami
  nodeFilterEditable: false
  nodefilters:
    dispatch:
      excludePrecedence: true
      keepgoing: false
      rankOrder: ascending
      successOnEmptyNodeFilter: false
      threadcount: '1'
    filter: 'name: node00'
  nodesSelectedByDefault: true
  options:
  - name: sshPassword1
    secure: true
  plugins:
    ExecutionLifecycle: null
  scheduleEnabled: true
  sequence:
    commands:
    - exec: whoami
    keepgoing: false
    strategy: node-first
  uuid: b188c66c-c057-4bb7-98bf-7c84632bc144

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Rundeck未设置环境变量以使用其他ssh端口进行远程执行 - Rundeck not setting up environment variable for remote execution with different ssh port Rundeck 4.0.0 - 使用 ssh 执行远程节点命令 - Rundeck 4.0.0 - Remote node command execution using ssh Rundeck ssh 连接被拒绝 - Rundeck ssh connection refused rundeck SSH 身份验证失败 - rundeck SSH Authentication failure Rundeck-SSH密钥的动态映射 - Rundeck - dynamic mapping for ssh keys Rundeck-使用执行日志和缓存 - Rundeck - Working with execution logs & Caching Rundeck - 带有错误处理程序的流程执行 - Rundeck - flow execution with error handler 在哪里存储用于rundeck ssh登录的密码文件? - Where to store password file for rundeck ssh login? rundeck - ConfigurationFailure:SSH密钥文件不存在 - rundeck - ConfigurationFailure: SSH Keyfile does not exist Rundeck:使用SSH在远程服务器中运行命令 - Rundeck: running command in remote server using ssh
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM