Open SeungwookL opened 4 years ago
jjethwa
commented
4 years ago Hi @SeungwookL
Thanks for the issue, Hope you and yours and keeping safe 😄
For the plugin, it's https://github.com/rundeck-plugins/rundeck-ec2-nodes-plugin ?
How did you add the plugin? To the /opt/rundeck-plugins volume?
Do you see the plugin listed under the plugins menu of the UI? It should be listed under the Resource Model Sources section
SeungwookL
commented
4 years ago Hi @jjethwa
Thank you for the reply.
Yes, I am trying to install the rundeck-ec2-nodes-plugin on version 1.5.2 which is the newest version released. I have tried the following ways:
Install the plugin jar file into /opt/rundeck-plugins, and restart the container Install the plugin jar file into /var/lib/rundeck/libext, and restart the container Manual installation through Rundeck UI under plugin tab However, for all the following methods above, I simply could not use any functionalities under the plugin tab.
Below is when I tried to use the plugin through the project's setting to add ResourceModelSource
Below is when I try to access the plugin tab
I don't believe this is the problem to do with plugin version. I think the plugin functionality itself is not working on the Rundeck for some reason.
Let me know if you need any more details.
jjethwa
commented
4 years ago Looks like it's something with the proxy or SSL setup. You should be able to see a list of plugins even if you browse to https://localhost:4443/artifact/index/configurations Can you provide the full command you are using to start the container?
SeungwookL
commented
4 years ago I didn't get what you meant by command to start the container, but here are the configurations that I have set up for Rundeck and Nginx
[Rundeck] /etc/rundeck/framework.properties
# framework.properties -
#
# ----------------------------------------------------------------
# Rundeck server connection information
# ----------------------------------------------------------------
framework.server.name = localhost
framework.server.hostname = localhost
framework.server.port = 4443
framework.server.url = https://MY_DOMAIN:4443
# ----------------------------------------------------------------
# Installation locations
# ----------------------------------------------------------------
rdeck.base=/var/lib/rundeck
framework.projects.dir=/var/lib/rundeck/projects
framework.etc.dir=/etc/rundeck
framework.var.dir=/var/lib/rundeck/var
framework.tmp.dir=/var/lib/rundeck/var/tmp
framework.logs.dir=/var/lib/rundeck/logs
framework.libext.dir=/var/lib/rundeck/libext
# ----------------------------------------------------------------
# SSH defaults for node executor and file copier
# ----------------------------------------------------------------
framework.ssh.keypath = /var/lib/rundeck/.ssh/id_rsa
framework.ssh.user = rundeck
# ssh connection timeout after a specified number of milliseconds.
# "0" value means wait forever.
framework.ssh.timeout = 0
# ----------------------------------------------------------------
# Auto generated server UUID: 1dbdf395-b6bf-41e0-9d0d-a87785a98292
# ----------------------------------------------------------------
rundeck.server.uuid = 1dbdf395-b6bf-41e0-9d0d-a87785a98292/etc/rundeck/rundeck-config.properties
#loglevel.default is the default log level for jobs: ERROR,WARN,INFO,VERBOSE,DEBUG
loglevel.default=INFO
rdeck.base=/var/lib/rundeck
#rss.enabled if set to true enables RSS feeds that are public (non-authenticated)
rss.enabled=false
# change hostname here
grails.serverURL=https://MY_DOMAIN:4443
server.useForwardHeaders=true
rundeck.security.httpHeaders.provider.csp.enabled=false
# rundeck.security.httpHeaders.provider.csp.config.form-action=self https://MY_DOMAIN:4443
dataSource.url = jdbc:mysql://localhost/rundeckdb?autoReconnect=true
# Encryption for key storage
rundeck.storage.provider.1.type=db
rundeck.storage.provider.1.path=keys
rundeck.storage.converter.1.type=jasypt-encryption
rundeck.storage.converter.1.path=keys
rundeck.storage.converter.1.config.encryptorType=custom
rundeck.storage.converter.1.config.password=e82d2347a2c4f1b0
rundeck.storage.converter.1.config.algorithm=PBEWITHSHA256AND128BITAES-CBC-BC
rundeck.storage.converter.1.config.provider=BC
# Encryption for project config storage
rundeck.projectsStorageType=db
rundeck.config.storage.converter.1.type=jasypt-encryption
rundeck.config.storage.converter.1.path=projects
rundeck.config.storage.converter.1.config.password=e82d2347a2c4f1b0
rundeck.config.storage.converter.1.config.encryptorType=custom
rundeck.config.storage.converter.1.config.algorithm=PBEWITHSHA256AND128BITAES-CBC-BC
rundeck.config.storage.converter.1.config.provider=BC
rundeck.log4j.config.file = /etc/rundeck/log4j.properties
rundeck.feature.repository.enabled=true
dataSource.driverClassName = com.mysql.jdbc.Driver
dataSource.username = rundeck
dataSource.password = Kw1kOrbfg4nY5hz[Nginx]
/etc/nginx/nginx.conf
worker_processes 1;
events { worker_connections 1024; }
http {
sendfile on;
upstream docker-rundeck {
server rundeck:4443;
}
server {
listen 80;
location / {
proxy_pass http://docker-rundeck;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 20m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_stapling on;
ssl_stapling_verify on;
ssl_ciphers 'SOME_CIPHER_BLOB';
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://docker-rundeck;
proxy_redirect https://MY_DOMAIN:4443 https://MY_DOMAIN;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}Sorry for the messy bulk codes. I set up both rundeck and nginx behind separate Docker containers using the docker-compose.yml.
docker-compose.yml
version: '2'
services:
reverseproxy:
image: nginx:latest
ports:
- 80:80
- 443:443
restart: always
rundeck:
depends_on:
- reverseproxy
- jordan-rudeck
image: jordan/rundeck:latest
ports:
- 4440:4440
- 4443:4443
restart: always I believe ssl has been turned on for the Rundeck. I can use https://MY_DOMAIN:443 to access rundeck server I have installed on my EC2 instance. I can click into every menu tabs, except for the plugin part for some reason.
Hope this is what you asked for.
jjethwa
commented
4 years ago Hi @SeungwookL Thanks for all of the details. Your configurations seem correct, but I don't know why the errors you see in the browser console show https://localhost:4443 and not https://MY_DOMAIN:4443
As a test, can you try changing
framework.server.name = localhost
framework.server.hostname = localhostto
framework.server.name = MY_DOMAIN
framework.server.hostname = MY_DOMAIN
Hello,
I am currently running the Rundeck on Docker container behind nginx revese-proxy, also on another container. I have the containers running in AWS EC2 instance. Here are the details you may want:
[Details] EC2: OS: Ubuntu 18.04 domain name: MY_OWN_DOMAIN_NAME
Rundeck: image: jordan/rundeck:latest server: https://localhost:4443 port used: 4443
Nginx: image: nginx:latest proxy pass: https://localhost:4443 proxy redirect: https://localhost:4443 https://MY_OWN_DOMAIN_NAME:4443
rundeck-ec2-nodes-plugin version: 1.5
[Error] Rundeck is up and running fine behind nginx reverse-proxy. However, the plugin functionality in the software is not working at all while all other functionalities are working just fine. I have installed the rundeck-ec2-nodes-plugin in the directory where other plugins reside; however, I cannot view this plugin.
Let me know if you need any further details.
Thank you, Kevin