Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

rundeck-alt (1) Versions 0.3.5

Installs and configures the Rundeck administration console

Berkshelf/Librarian
Policyfile
Knife
cookbook 'rundeck-alt', '~> 0.3.5'
cookbook 'rundeck-alt', '~> 0.3.5', :supermarket
knife cookbook site install rundeck-alt
knife cookbook site download rundeck-alt
README
Dependencies
Changelog
Quality

chef-rundeck

This is a Chef cookbook for the remote administration tool Rundeck. It installs the Rundeck package (either on deb or rpm format) and configures various aspects of the software.

The latest and greatest revision of this cookbook will always be available at https://github.com/priestjim/chef-rundeck

Requirements

Cookbooks

The following cookbooks are direct dependencies because they're used for common "default" functionality.

  • java
  • apt
  • yum
  • logrotate

In order to install the Chef discovery service, you'll need the supervisor cookbook.

In order to install the NGINX proxy site, you'll either need the openresty or nginx cookbook.

Platform

The following platforms are supported and tested using Vagrant 1.2:

  • Ubuntu 12.04
  • CentOS 6.4

Other Debian and RHEL family distributions are assumed to work.

Chef Server

The cookbook converges best on Chef installations >= 10.18.2

Attributes

Attributes are split in files semantically:

default.rb

  • node['rundeck']['deb_version'] - The Rundeck version to be installed for Debian-based distributions.

  • node['rundeck']['rpm_version'] - The Rundeck version to be installed for RPM-based distributions.

  • node['rundeck']['node_name'] - The Rundeck node name. Defaults to node.name

  • node['rundeck']['url'] - The URL that Rundeck will be running on. Change it if you're running it over a reverse proxy.

  • node['rundeck']['hostname'] - The hostname Rundeck servers from.

  • node['rundeck']['port'] - The port Rundeck HTTP server runs on.

  • node['rundeck']['log4j_port'] - The Rundeck Log4J port.

  • node['rundeck']['public_rss'] - Enables an unauthenticated RSS feed for jobs.

  • node['rundeck']['logging_level'] - The default logging level for Rundeck.

  • node['rundeck']['authentication']['file'] - The default authentication file to use for rundeck profile.

  • node['rundeck']['authentication']['name'] - The default authentication name to use for rundeck profile.

  • node['rundeck']['stub_config_files'] - The default rundeck stub config files. These may need to be configured by a wrapper cookbook so overriding this value to remove the files your wrapper cookbook manages is the desired usecase.

  • node['rundeck']['admin']['encrypted_data_bag'] - Enables loading the Rundeck administrator credentials using Chef encrypted data bags instead of simple ones.

  • node['rundeck']['admin']['data_bag'] - The data bag name for the administrator credentials.

  • node['rundeck']['admin']['data_bag_id'] - The data bag item name for the administrator credentials.

  • node['rundeck']['admin']['username'] - Hardcoded administrator username in case data bags are not available (i.e. chef-solo runs).

  • node['rundeck']['admin']['password'] - Hardcoded administrator password in case data bags are not available (i.e. chef-solo runs).

  • node['rundeck']['admin']['ssh_key'] - Hardcoded administrator private SSH key in case data bags are not available (i.e. chef-solo runs).

  • node['rundeck']['partial_search'] - Enables partial search support for mail credentials.

  • node['rundeck']['mail'] - Hash with various SMTP parameters used by Rundeck for notifications.

  • node['rundeck']['mail']['recipients_data_bag'] - The name of the data bag to be searched for recipients of mails for administrative purposes.

  • node['rundeck']['mail']['recipients_keys'] - A partial search compatible hash with the fields and the field paths to run the partial_search for.

  • node['rundeck']['mail']['recipients_query'] - A standard Chef query to use for searching for administrative contacts.

  • node['rundeck']['mail']['recipients_field'] - Field to use for the administrative e-mail. Must be in standard hash notation and will be eval'ed (i.e. "['email']")

  • node['rundeck']['rdbms']['enable'] - Enable external database. By default false, use internal hsqldb.

  • node['rundeck']['rdbms']['type'] - mysql or oracle. Defaults to "mysql"

  • node['rundeck']['rdbms']['location'] - Hostname of database. Defaults to "localhost"

  • node['rundeck']['rdbms']['dbname'] - Database name. Defaults to "rundeckdb"

  • node['rundeck']['rdbms']['dbuser'] - Database user. Defaults to "rundeckdb"

  • node['rundeck']['rdbms']['dbpassword'] - Database password. Defaults to "password"

  • node['rundeck']['rdbms']['dialect'] - Hibernate dialect. Only used when type is oracle. Defaults to "Oracle10gDialect"

  • node['rundeck']['custom_properties']['framework'] - Key/value pairs of custom properties present in framework.properties

  • node['rundeck']['custom_properties']['project'] = Key/value pairs of custom properties present in project.properties

chef.rb

  • node['rundeck']['chef']['port'] - TCP port to run the chef-rundeck discovery service

  • node['rundeck']['chef']['client_key'] - Hardcoded Chef client key in case data bags are not available

  • node['rundeck']['chef']['port'] - Hardcoded Chef client name in case data bags are not available

  • node['rundeck']['chef']['partial_search'] - Enable partial search support on the chef-rundeck gem

  • node['rundeck']['chef']['cache_timeout'] - Sets the time chef-rundeck will cache the Chef server results, in seconds

  • node['rundeck']['chef']['ssl_verify_mode'] - Sets the verify mode of the SSL connection to the Chef server

  • node['rundeck']['chef']['server_url'] - Chef Server URL to query for nodes to build Rundeck's resources model. Defaults to Chef::Config['chef_server_url']

ssh.rb

  • node['rundeck']['ssh']['user'] - Default SSH user with whom Rundeck will login to the servers.

  • node['rundeck']['ssh']['timeout'] - SSH connection timeout in milliseconds.

  • node['rundeck']['ssh']['port'] - Default SSH port to connect to.

java.rb

  • node['java']['jdk_version'] - Sets the version of jdk, defaults to 7

  • node['rundeck']['java']['enable_jmx'] - Defines a set of flags in order to enable JMX monitoring on the Rundeck installation

  • node['rundeck']['java']['allocated_memory'] - Defines the maximum heap memory available to Rundeck's JVM

  • node['rundeck']['java']['thread_stack_size'] - Defines the default thread stack size for the Rundeck's JVM

  • node['rundeck']['java']['perm_gen_size'] - Defines the permanent generation size for the Rundeck's JVM

proxy.rb

  • node['rundeck']['proxy']['hostname'] - Defines the default hostname used in the NGINX proxy instance.

  • node['rundeck']['proxy']['default'] - Set to true to enable the NGINX default server flags for the Rundeck proxy virtual host.

Recipes

default.rb

The default recipe will install the official Rundeck package for your specific distribution and install various configuration files needed for Rundeck to operate. If you need SSL support, it would be better to use a reverse proxy for this (such us NGINX or Apache2) since Rundeck's SSL support requires various complicated steps (all hail Java).

Log rotation of Rundeck's and Chef-Rundeck's logs is managed by a logrotate job.

The default recipe will install and enable either a SYSV-standard service for Redhat and Debian based distributions or an Upstart service for Ubuntu installations.

The cookbook also needs a custom Rundeck user that will be used to execute remote jobs. You need to create the user before installing Rundeck and then define a passwordless RSA SSH key for the user in this cookbook's properties.

All credentials used are retrieved from:

  • An encrypted data bag if the node['rundeck']['admin']['encrypted_data_bag'] attribute is enabled
  • A simple data bag otherwise
  • In case there is no data bag defined, administrative attributes are retrieved from node attributes

chef.rb

The chef recipe will install the chef-rundeck gem using the Ruby bundled with the Chef omnibus package. That way, no extra dependencies occur (i.e. rbenv or rvm or a packaged ruby).

Supervisor from the supervisor cookbook is used to start and supervise the service.

As with default, all credentials (Chef client key and client name) used are retrieved from:

  • An encrypted data bag if the node['rundeck']['admin']['encrypted_data_bag'] attribute is enabled
  • A simple data bag otherwise
  • In case there is no data bag defined, administrative attributes are retrieved from node attributes

proxy.rb

The proxy recipe will install an NGINX configuration file that exposes Rundeck through a reverse proxy HTTP interface.

Data bag format

The Rundeck cookbook requires some data to be available in data bags. Depending on the value of node['rundeck']['admin']['encrypted_data_bag'], the data bag data will be loaded via encrypted data bag methods or plain. You can select the data bag name and ID via the node['rundeck']['admin']['data_bag'] and node['rundeck']['admin']['data_bag_id'] attributes. The following attributes must be present in the selected data bag:

  • username: Used as the default administrator's username created during the initial installation of Rundeck.
  • password: Used the default administrator's password created during the initial installation of Rundeck.
  • ssh_key: Used in place of the Rundeck SSH user's RSA private key.

If you are using the rundeck::chef recipe, the following must be present in the data bag too:

  • client_key: The Chef client's private key in PEM format.
  • client_name: The Chef client's name.

In addition to administrative attributes, data bags are used in mail recipient search. The search query searches among the node['rundeck']['mail']['recipients_data_bag'] data bag using a standard Chef query defined in node['rundeck']['mail']['recipients_query'] and from the results retrieves the field defined in node['rundeck']['mail']['recipients_field'] using standard Ruby eval. So, if you are looking for the user['notifications']['email'] field in your data bags for your mail recipients, you should define it as:

node['rundeck']['mail']['recipients_field'] = "['notifications']['email']"

LWRP

user

This cookbook defines the rundeck_user LWRP. The LWRP can be used to create users in Rundeck (see http://rundeck.org/docs/administration/authentication.html#realm.properties) through the standard realm.properties file. Only MD5 and CRYPT encryption is supported as an encryption scheme, along with plain-text.

The following actions are supported:

  • create - Creates a Rundeck user if it does not exist already.
  • update - Updates a Rundeck user.
  • delete - Removes a Rundeck user.

The following attributes are used in the LWRP:

  • name - The actual Rundeck username.
  • password - The password in plain text.
  • roles - The Rundeck roles that this user is a member of.
  • encryption - One of crypt, md5, plain.

Usage sample:

rundeck_user 'ops' do
  password '123abc'
  encryption 'md5'
  roles %w{ user admin architect deploy build }
  action :create
end

plugin

This cookbook defines the rundeck_plugin LWRP. The LWRP can be used to install plugins in Rundeck (see http://rundeck.org/docs/plugins-user-guide/index.html). Plugin installation is fairly straight-forward as plugins can be installed/uninstalled just by moving/removing the plugin file from the libext directory in Rundeck's home.

The following actions are supported:

  • create - Installs a Rundeck plugin.
  • remove - Removes a Rundeck plugin.

The following attributes are used in the LWRP:

  • name - The plugin name. Plugin must end in .jar or .zip to be considered valid.
  • url - The URL to fetch the plugin from.
  • checksum - SHA-256 checksum of the plugin. Used in the same way as the remote_file resource.

Usage sample:

rundeck_plugin 'rundeck-hipchat-plugin-1.0.0.jar' do
  checksum 'd7fea03867011aa18ba5a5184aa1fb30befc59b8fbea5a76d88299abe05aec28'
  url 'http://search.maven.org/remotecontent?filepath=com/hbakkum/rundeck/plugins/rundeck-hipchat-plugin/1.0.0/rundeck-hipchat-plugin-1.0.0.jar'
end

Usage

Include the recipe on your node or role. Modify the attributes as required in a role cookbook to change how various configuration variables are applied per the attributes section above. It is important the data bags are properly set up. An example is given below for the minimum requirements to converge this cookbook.

The default 'credentials' data bag:

{
   "id": "rundeck",
   "username": "admin",
   "password": "admin"
}

The default 'users' data bag:

{
   "id": "users"
}

If you need to alter the location of various cookbook_file directives, use chef_rewind.

License and Author

Copyright 2013, Panagiotis Papadomitsos

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Dependent cookbooks

openresty >= 0.0.0
nginx >= 0.0.0
supervisor >= 0.0.0
partial_search >= 0.0.0
logrotate >= 0.0.0
java >= 0.0.0
apt >= 0.0.0
yum >= 0.0.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

CHANGELOG for chef-rundeck

This file is used to list changes made in each version of chef-rundeck.

0.3.5

  • Bump Rundeck version

0.3.4

  • Custom properties support for framework and project properties files
  • Added chef-rundeck cache timeout
  • Added chef-rundeck SSL verify mode

0.3.3

  • Rundeck version bump
  • Various JVM fixes
  • Added URL attribute to support Rundeck running behind a reverse proxy
  • Added support for external databases (PR #14)
  • Added support for SMTP mail authentication (PR #13)
  • Allow the rundeck profile to set authentication file and name via attributes

0.3.2

  • Move stub file array to an attribute to allow control from wrapper cookbooks.
  • Added the "hostname" attribute
  • Removed the aggressive JVM optimization option

0.3.0

  • Logic change on admin data bag and Chef credentials fetching
  • Moved chef-rundeck gem to the official one
  • Implemented plugin LWRP
  • Fixed double startup issue with Upstart supporting systems
  • Made Rundeck hostname configurable

0.2.1

  • Version bump to Rundeck
  • Fixed stub user creation issue
  • Added update action along with create action on admin user (resolves #6)
  • Added apt/yum recipe inclusion (resolves #7)
  • Fixed outdated jaas module declaration (resolves #8)
  • Added partial search support

0.2.0:

  • Version bump to Rundeck
  • Added support for encrypted data bags
  • Doc updates
  • Added support for RHEL distros
  • Various bugfixes

0.1.0:

  • Initial release of chef-rundeck

Collaborator Number Metric
            

0.3.5 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.3.5 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

0.3.5 failed this metric

FC007: Ensure recipe dependencies are reflected in cookbook metadata: rundeck-alt/recipes/proxy.rb:22
FC059: LWRP provider does not declare use_inline_resources: rundeck-alt/providers/plugin.rb:1
FC059: LWRP provider does not declare use_inline_resources: rundeck-alt/providers/user.rb:1
FC064: Ensure issues_url is set in metadata: rundeck-alt/metadata.rb:1
FC065: Ensure source_url is set in metadata: rundeck-alt/metadata.rb:1
FC066: Ensure chef_version is set in metadata: rundeck-alt/metadata.rb:1
FC069: Ensure standardized license defined in metadata: rundeck-alt/metadata.rb:1
Run with Foodcritic Version 11.1.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

License Metric
            

0.3.5 passed this metric

No Binaries Metric
            

0.3.5 passed this metric

Publish Metric
            

0.3.5 passed this metric

Supported Platforms Metric
            

0.3.5 passed this metric

Testing File Metric
            

0.3.5 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.3.5 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number