stackoom
  简体   繁体   中英

Rundeck SSH Execution

 原文  2021-10-27 08:39:23       rundeck

Question

We've setup Rundeck community but have some questions regarding SSH execution.

From what I can see it looks like the user who executes the job is configured at the project level and there is no way to change that at a per job per level.

We want to be able to login to Rundeck using our AD credentials (currently working) and run jobs as our individual user id's, is this possible or not?

Thanks

1 answers

solution1
 0  2021-10-27 13:04:18

It's possible to use a job level authentication in Rundeck, and it's possible to use the user name as an SSH user (of course the SSH server must be configured with that user to access it).

I made a XML entry node example:

  <node name="node00" 
        description="Node 00" 
        tags="mytag" 
        hostname="192.168.33.20" 
        osArch="amd64" 
        osFamily="unix" 
        osName="Linux" 
        osVersion="3.10.0-1062.4.1.el7.x86_64"   
        username="${job.username}" 
        ssh-authentication="password" 
        ssh-password-option="option.sshPassword1"/>

If you check carefully, you can see the username attribute is set with ${job.username} , this is a context variable that gets the current username (from, LDAP, AD or realm.properties file), you can see all Rundeck context variables here .

This example uses a secure option to pass the password and achieve the SSH authentication, this option is called sshPassword1 (see the ssh-password-option attribute).

Now the job definition example in YAML format:

- defaultTab: nodes
  description: ''
  executionEnabled: true
  id: b188c66c-c057-4bb7-98bf-7c84632bc144
  loglevel: INFO
  name: Whoami
  nodeFilterEditable: false
  nodefilters:
    dispatch:
      excludePrecedence: true
      keepgoing: false
      rankOrder: ascending
      successOnEmptyNodeFilter: false
      threadcount: '1'
    filter: 'name: node00'
  nodesSelectedByDefault: true
  options:
  - name: sshPassword1
    secure: true
  plugins:
    ExecutionLifecycle: null
  scheduleEnabled: true
  sequence:
    commands:
    - exec: whoami
    keepgoing: false
    strategy: node-first
  uuid: b188c66c-c057-4bb7-98bf-7c84632bc144

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Rundeck not setting up environment variable for remote execution with different ssh port Rundeck 4.0.0 - Remote node command execution using ssh Rundeck ssh connection refused rundeck SSH Authentication failure Rundeck - dynamic mapping for ssh keys Rundeck - Working with execution logs & Caching Rundeck - flow execution with error handler Where to store password file for rundeck ssh login? rundeck - ConfigurationFailure: SSH Keyfile does not exist Rundeck: running command in remote server using ssh
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM