Unable to execute script/command on a different node
81 views
Skip to first unread message
skp15
Feb 1, 2023, 7:45:40 PM2/1/23
to rundeck-discuss
Hello,
I followed the instructions here - https://docs.rundeck.com/docs/manual/creating-jobs.html#node-dispatching-and-filtering to execute a command on a different node other than the Rundeck node.
Even though I select this node (Node B), the job runs on the local node. Am I doing something incorrect or can you please suggest me any other alternative approach?
Regards,
rac...@rundeck.com
Feb 2, 2023, 6:05:18 AM2/2/23
to rundeck-discuss
Hi,
Which Rundeck version are you using? Could you share the job definition example to test? (please include the node filter).
Regards!
skp15
Feb 2, 2023, 1:23:02 PM2/2/23
to rundeck-discuss
I am using Rundeck 4.8.0.
For now, I am testing to dispatch on one other node. But eventually, I want to have 13 nodes that matches the filter. The only key word in all these 13 instances is "mirth".
I am trying to run a simple "uname -a" on that external node.
Attached is the job definition.
rac...@rundeck.com
Feb 2, 2023, 2:35:00 PM2/2/23
to rundeck-discuss
Hi,
I've checked your job definition, try changing your filter by:
`name: your-node`
If you want to match to multiple nodes use a wildcard like: `mynode.*`.
You can see the node filter syntax here.
Greetings.
skp15
Feb 2, 2023, 5:18:04 PM2/2/23
to rundeck-discuss
It selecting the right node after I apply the filter but it's still running locally. I am not sure where I am going wrong.
rac...@rundeck.com
Feb 3, 2023, 7:13:32 AM2/3/23
to rundeck-discuss
Hi,
Could you share your model source file? (resources.yaml or resources.xml) Please hide or change any sensitive information.
Regards.
skp15
Feb 3, 2023, 10:57:52 AM2/3/23
to rundeck-discuss
Hi,
Where do I find that? Also, is there anything incorrect in the images that I have captured above?
rac...@rundeck.com
Feb 3, 2023, 11:28:25 AM2/3/23
to rundeck-discuss
It seems correct. Probably your remote node is using the localhost info.
To see your available model sources Go to Project Settings > Edit Nodes.
(you can see the available remote nodes on the "Sources" tab and you can see/edit the file content on the Edit tab > Modify button.
More info here.
Regards.
skp15
Feb 3, 2023, 11:41:55 AM2/3/23
to rundeck-discuss
I have 3 node sources. One is the local source, one for EC2 from the same AWS account as where Rundeck is hosted, and another source for a different AWS account in the same organization.
How can I check that remote node is using the localhost info? And how to modify that?
rac...@rundeck.com
Feb 6, 2023, 7:59:09 AM2/6/23
to rundeck-discuss
Hi!
Check my last message:
To see your available model sources Go to Project Settings > Edit Nodes.
(you can see the available remote nodes on the "Sources" tab and
you can see/edit the file content on the Edit tab > Modify button.)
Another possible cause could be the default node executor, probably it's defined as a "local". Go to Project Settings > Edit Configuration > Default Node Executor (tab) and check the default node executor defined, make sure to use SSH (or SSHJ). Take a look at this.
Pretty sure that's the reason.
Let me know! Greetings!
skp15
Feb 6, 2023, 11:46:58 AM2/6/23
to rundeck-discuss
Yes, that's the problem.
Looks like if I change the `Default Node Executor` for one project, all the other projects were updated to this setting.
Also, I want to SSH into about 15 nodes/EC2 instances. How do I go about this?
Message has been deleted
skp15
Feb 6, 2023, 2:15:40 PM2/6/23
to rundeck-discuss
I already have listed the set of nodes. I can see it under the `Nodes` section in the project.
I want to run remote commands on these nodes. I don't have AWS creds/cert of the another account where I have to run remote commands on. So, I think SSH is the better option?
Should I allow the Rundeck local node to have permissions to run SSH on the remote nodes?
Here's the screenshot of remote node sources.
rac...@rundeck.com
Feb 6, 2023, 3:33:43 PM2/6/23
to rundeck-discuss
Yes, the traditional SSH way should work in that case. Just make sure to configure the Security Groups correctly (to access EC2 instances).
Greetings!
skp15
Feb 6, 2023, 5:35:49 PM2/6/23
to rundeck-discuss
Will try that.
Thank you!
skp15
Feb 6, 2023, 6:37:10 PM2/6/23
to rundeck-discuss
I created the ssh keys from within the Rundeck machine and added the public key under the authorized_keys of the node that I want to authenticate to, but I am receiving this error when I run the job.
Failed: AuthenticationFailure: Authentication failure connecting to node: "node-name". Could not authenticate.
Any suggestions?
rac...@rundeck.com
Feb 7, 2023, 7:37:06 AM2/7/23
to rundeck-discuss
Hi,
1. Make sure to access the remote machine from the rundeck server "manually".
2. Try changing the SSH node executor, if you're using an ed25519 key, a good solution is to use SSHJ instead of the default SSH node executor.
3. Make sure that you're well defined the model source, take a look at this step-by-step guide.
Regards.
skp15
Feb 7, 2023, 11:52:51 AM2/7/23
to rundeck-discuss
Hello,
- Yes, I am able to SSH into the remote machine from Rundeck server manually.
- I am using RSA key and updated the private key to -----BEGIN RSA PRIVATE KEY-----
- I am using the model source as AWS EC2 resources and not from resources.yaml/xml file. Is that okay?
- I have stored the SSH keys under keys/Rundeck, will the uppercase R make any issue?
rac...@rundeck.com
Feb 8, 2023, 8:33:28 AM2/8/23
to rundeck-discuss
Hi, could you test using the resources.yaml/xml way? like any other usual ssh node.
Message has been deleted
Message has been deleted
skp15
Feb 8, 2023, 2:06:44 PM2/8/23
to rundeck-discuss
Hi,
Is this the right documentation to follow for that effort?
Also, should I generate the SSH keys from as a root user or as `rundeck` user? What does the Rundeck job assume its role as when it SSHs to the remote nodes?
There's no `/var/lib/rundeck/` directory as many documents mention in my installation. What's the alternative?
rac...@rundeck.com
Feb 9, 2023, 7:20:23 AM2/9/23
to rundeck-discuss
Hello!
What kind of instance are you using? If you're using a docker image instance the path is /home/rundeck. (Basically, the docker image is a war-based instance).
Regards.
skp15
Feb 9, 2023, 1:43:38 PM2/9/23
to rundeck-discuss
Rundeck is installed from a docker image as a ECS service.
So, I have to create the ssh-rsa key under /home/rundeck? Also, when the Rundeck job tries to SSH into the EC2 instance, what user will it be trying to SSH as? Is it 'rundeck' or 'root' or something else?
rac...@rundeck.com
Feb 9, 2023, 2:58:14 PM2/9/23
to rundeck-discuss
Hi!
I have to create the ssh-rsa key under /home/rundeck?
You can create it directly but the best way is to create a volume with your own keys (the target node needs the rundeck server public key in their user autorized_keys file). Take a look at this.
Also, when the Rundeck job tries to SSH into the EC2 instance, what user
will it be trying to SSH as? Is it 'rundeck' or 'root' or something
else?
That's defined in the model source file (the "username" attribute in the node definition). Check these example.
--
Maybe this is a good starting point to understand how to configure a Rundeck Docker image.
And this to learn more about Rundeck + SSH protocol.
Greetings.
skp15
Feb 10, 2023, 12:51:56 PM2/10/23
to rundeck-discuss
Thank you for the constant guidance.
I have the setup working as required.
rac...@rundeck.com
Feb 10, 2023, 12:57:35 PM2/10/23
to rundeck-discuss
Awesome! Cheers!
Reply all
Reply to author
Forward
0 new messages