Public | Automated Build

Last pushed: 2 years ago
Short Description
CentOS 6.7 Base Rundeck 2.6.2 Install - Updated 1/22/2016
Full Description

CentOS 6.7 Base Rundeck 2.6.2 Install - 536 MB - Updated 1/22/2016

This container is built from centos:6.7

Description:

Turn your operations procedures into self-service jobs. Safely give others the control and visibility they need.

Rundeck, the human interface to your operations. Rundeck features fine-grain access controls, a built-in job scheduler, and the ability to define workflows that dispatch commands and scripts to your nodes.

Official Rundeck Website:

This containers purpose is to get a customizable rundeck instance up and running with a single docker run statement. The container is built with environment variables that allow the user to plug in custom values which will allow the container to configure itself on first run. This will give the user a fully customized experience just as if you set up rundeck on your own from scratch.

 

Container Variables:

The container is built to allow several configurable variables to be passed in at runtime. The values are as follows:

  • APP_NAME - This is the fully qualified domain name such as example.com. This should be passed without any prefix such as www.
  • APP_PORT - The port that rundeck will listen on (default is 4440)
  • MODE - The operational mode that the container will run as (filesystem, standalone, remote, existing)
  • MYSQL_SERVER - This is the Host server that runs the MySQL instance where the Application DB will be stored.
  • MYSQL_CLIENT - This is the hostname or the IP address of the computer making the connection to the database.
  • MYSQL_DB - The name of the MySQL DB that the Application will use.
  • APP_USER - The username that the Application will use in order to connect to the MySQL DB.
  • APP_PASS - The password of the user that the Application uses to connect to the MySQL DB.
  • TERMTAG - Environment variable to hold the highlighted bash shell tag. Currently set to the repo name, but can be change from within the container via TERMTAG="Whatever You Want"

Running the Container:

docker run -d -it --name rundeck -h rundeck -p 4440:4440 sciquest/rundeck

This will assume the following

  • MODE = filesystem
  • APP_NAME = rundeck.local
  • APP_PORT = 4440
  • MYSQL_SERVER = localhost
  • MYSQL_CLIENT = localhost
  • MYSQL_DB = rundeck
  • APP_USER = admin
  • APP_PASS = PAssw0rd
  • TERMTAG = RUNDECK

Running the container in standalone mode, with customized variable values:

docker run -it \
--name rundeck \
-h rundeck \
-p 4440:4440 \
-p 4500:4500 \
-e APP_NAME='testapp.com' \
-e APP_PORT='4500' \
-e MODE='standalone' \
-e MYSQL_SERVER='localhost' \
-e MYSQL_CLIENTS='localhost' \
-e MYSQL_USER='admin' \
-e MYSQL_PASS='adminpassword123' \
-e MYSQL_DB='rundeck_sa' \
-e APP_USER='rundeck' \
-e APP_PASS='PAssw0rd' \
-e TERMTAG=RUNDECK \
sciquest/rundeck

This example will start a new container named rundeck, It will set rundeck's URL to testapp.com, and rundeck will listen on port 4500, The restart policy will be set to always, meaning that if the container crashes unexpectedly, it will automatically kick itself back off. Mode is set to standalone, meaning that rundeck will run fully within the single container. It will leave the default database instance on the localhost and configure mysql to have a root password of "PAssw0rd", with the rundeck database being named rundeck. It will create a user named "admin" with a password of "PAssword" and set a grant statment on the testapp database to allow all privileges to be granted to the admin@localhost user. At this point rundeck is fully configured and you need just to go the default URL via HTTP. The default URL will be http://testapp.com:4500. You may need to put a host file entry in mapping the host IP with testapp.com, allowing you to hit testapp.com directly from a browser. The container IP which can be obtained with a docker inspect apache | grep IP

Mode Values:

  • filesystem - This will use the local filesystem to store the rundeck information. It will create a local h2 filesystem db file.
  • standalone - Start a local mysql instance, and install a new database on the localhost mysql instance.
  • Remote - Connect to an exsiting remote database server and install a new database on the remote mysql instance.
  • Existing - Connect to an existing remote database on an existing remote mysql instance.
  • DataVol - This mode will uninstall the mysql, mysql-server, and mysql-client packages. This mode is intended to be used solely as a data volume, allowing another instance to connect to the installed directory structure of the application for persistent storage.

    Note: If "Remote" or "Existing" is selected, then before running the container the user must know a mysql superuser username/password, or connect to the database and ensure that the APP_USER and APP_PASS that will be used in the run statement, already have permission to either create a new database and publish a new grant (remote), or read the MYSQL_DB (existing).

Note: Keeping the default mode of "standalone" will start the local MySQL instance, and set it to run on start, setting the mode to either "remote" or "existing" will not configure the local instance of mysql, and will not set it to start at run time, it will also automatically remove the installed mysql packages from the container.

MODE "Remote" or "remote":

In this example lets assume the following scenario:
The database will live on "mydbserver.mydomain.mytld".
The database will be named "rundeck".
A connection to the existing database server will be made using the existing mysql user "superuser".
The "superuser" user also has an existing password set to "superpassword".
The rundeck user that will be used to connect to the new database will be named "appadmin".
The rundeck user "appadmin", password will be set to "flappyjacks".
Connections to the rundeck database will be allowed from any host (%).

The superuser/superuserpassword users must already exist on the mysql server, and will be used to allow the container, to create a connection, and create the database for rundeck. This means that the superuser, user must have the appropriate permissions with the grant option in order to effectively make the connection, create the database, the application user, the application password and he necessary grants to allow the application to interact accordingly with the database.

The above scenario correlates to the following configuration given at container runtime.

  • MODE="remote"
  • MYSQL_USER="superuser"
  • MYSQL_PASS="superpassword"
  • MYSQL_SERVER="mydbserver.mydomain.mytld"
  • MYSQL_CLIENT="%"
  • MYSQL_DB="rundeck"
  • APP_USER="appadmin"
  • APP_PASS="flappyjacks"

Note: The following assumes that on the mysql user a user named superuser has been created with the grant option, and has permissions on all databases or you are firing this connection off as the mysql root user, which has been configured already to allow connections from %. If you are using a user other than root, ensure that the MySQL connecting user has all privileges including grant, so that the mysql script can create the app user and publish the grant to the newly created database for the application. An appropriate grant statement is as follows

GRANT ALL PRIVILEGES ON *.* TO 'superuser'@'%' IDENTIFIED BY 'superpassword' WITH GRANT OPTION;

Running the container in remote mode, with customized variable values:

docker run -it \
--name rundeck \
-h rundeck \
-p 80:4440 \
-e APP_NAME='testapp.com' \
-e APP_PORT='4440' \
-e MODE='remote' \
-e MYSQL_SERVER='mydbserver.mydomain.mytld' \
-e MYSQL_CLIENTS='%' \
-e MYSQL_DB='rundeck' \
-e APP_USER='appadmin' \
-e APP_PASS='flappyjacks' \
-e TERMTAG=RUNDECK \
sciquest/rundeck

As stated above, In this scenario, the container will connect to the MYSQL_SERVER (mysql), as superuser (MYSQL_USER)suppling the MYSQL_PASS of superpassword, which will grant access to the mysql server instance. A query will be made against the database instance to check to see if the database already exists.. If it exits then it will do nothing further, however if it does not exist then, the superuser mysql user, will create the rundeck database, and place a "GRANT ALL PRIVILEGES" on that database to the APP_USER 'appadmin'@'%' (% signifies wild as in accept from any connecting IP, this can be substituted with an IP of the connecting host or from the connecting subnet like 172.17.0.%) and with the APP_PASS of "flappyjacks". It will then flush mysql privileges, and finally remove the "test" database if it exits. Finally the local mysql-server package will be removed from the rundeck instance.

MODE "Existing" or "existing":

In the following example, the assumption is made that there is a remote database server, that already contains a pre-existing rundeck database, and there is already a grant statement allowing the APP_USER/APP_PASS all privileges on the existing rundeck database.

Note: If you are unsure if the APP_USER/APP_PASS credentials have the appropriate permissions on the existing rundeck database, then you can connect to the existing database server and issue the following grant substituting the variables with actual values that will be used in the run statement.

GRANT ALL PRIVILEGES ON $MYSQL_DB.* TO '$APP_USER'@'%' IDENTIFIED BY '$APP_PASS';
FLUSH PRIVILEGES;

Running the container in existing mode, with customized variable values:

docker run -d -it \
--name rundeck \
-h rundeck \
-p 80:4440 \
-e MODE='existing' \
-e APP_NAME='testapp.com' \
-e MYSQL_SERVER='mydbserver.mydomain.mytld' \
-e MYSQL_DB='rundeck' \
-e APP_USER='appadmin' \
-e APP_PASS='flappyjacks' \
-e TERMTAG=prod \
sciquest/rundeck

Note: Using the existing mode also tells the rundeck instance to remove the local mysql-server package from the rundeck instance.

MODE "Datavol" or "datavol":

As stated above the intention of the datavol mode is to set up a shell of the rundeck directory structure that will be set as persistent storage. The idea is that the /var/rundeck, /var/lib/rundeck, and /etc/rundeck directories will be flagged as persistent. A second actual instance container will then run connected to the persistent volume and will perform the configuration of the rundeck application. This configuration will allow you to remove the rundeck container to upgrade to a new one or reset it, without loosing any of your rundeck configuration data.

Running the container in datavol mode, with customized variable values:

docker run -it \
--name rundeck_data \
-h rundeck_data \
-v /var/rundeck \
-v /var/lib/rundeck \
-v /etc/rundeck \
-e MODE="datavol" \
-e TERMTAG=wp_data \
sciquest/rundeck \
sleep 1

Note: This mode removes all mysql packages from the datavol container. It is intended to be used a persistent storage only, and not actually run any application services.

 

Access the new Install:

Simply Navigate to the IP address of the host/container via a standard http or https request, and you will be presented with the rundeck login GUI. (4440 default). You also could put a host file entry in mapping the host IP with the configured $APP_NAME, allowing you to hit that URL directly from a browser, or if the container is running locally, then you can hit it via localhost, 127.0.0.1, or by the container IP which can be obtained with a docker inspect rundeck | grep IP.

Once the container is up and running you can attach to the container via docker exec -it rundeck bash or you can copy existing project data from your local machine via docker cp /path/to/your/data rundeck:/path/to/file/. Lastly is the abiliity to simply attach to the container via docker attach rundeck (hit enter twice), which will make the container act like a standard VM, allowing you to stop and start services normally. When you are finished in either the attached or exceed container, do not type exit (which would shut down the container), but instead use the detach key combination of CTL P + CTL Q.

 

Launching the Container via docker-compose in filesystem mode:

Copy the text below and paste it into a file named docker-compose.yml. Then you can navigate to the directory and if you have docker-compose installed, just issue the following command:
docker-compose up -d

NOTE: If you need assistance setting up docker-compose please visit http://www.appcontainers.com to watch the tutorial or read about the installation process.

Centos:

data:
  image: sciquest/rundeck
  hostname: rundeck-data
  stdin_open: true
  tty: true
  volumes:
  - /var/rundeck
  - /etc/rundeck
  - /var/lib/rundeck
  environment:
  - TERMTAG=RD-DATA
  command: sleep 1

web:
  image: sciquest/rundeck
  hostname: rundeck
  stdin_open: true
  tty: true
  restart: always
  volumes_from:
  - data
  ports:
  - "80:4440"
  environment:
  - APP_Name='testapp.com'
  - APP_PORT=4440
  - TERMTAG=RUNDECK
  command: /bin/bash

 

Launching the Container via docker-compose in filesystem mode:

Copy the text below and paste it into a file named docker-compose.yml. Then you can navigate to the directory and if you have docker-compose installed, just issue the following command:
docker-compose up -d

NOTE: If you need assistance setting up docker-compose please visit http://www.appcontainers.com to watch the tutorial or read about the installation process.

Centos:

dbdata:
  image: centos:6.7
  hostname: dbdata
  stdin_open: true
  tty: true
  volumes:
  - /var/lib
  environment:
  - TERMTAG=DBDATA
  command: sleep 1

db:
  image: appcontainers/mysql
  hostname: db
  stdin_open: true
  tty: true
  restart: always
  volumes_from:
  - dbdata
  environment:
  - MYSQL_USER=appadmin
  - MYSQL_PASS=adminpassword123
  - ENV=production
  - TERMTAG=DB

data:
  image: sciquest/rundeck
  hostname: rundeck-data
  stdin_open: true
  tty: true
  volumes:
  - /etc/rundeck
  - /var/rundeck
  - /var/lib/rundeck
  environment:
  - MODE=datavol
  - TERMTAG=RD-DATA
  command: sleep 1

web:
  image: sciquest/rundeck
  hostname: rundeck
  stdin_open: true
  tty: true
  restart: always
  volumes_from:
  - data
  links:
  - db
  ports:
  - "80:4440"
  environment:
  - APP_Name='testapp.com'
  - APP_PORT=4440
  - MODE=remote
  - MYSQL_SERVER=db
  - MYSQL_CLIENTS=172.17.0.%
  - MYSQL_USER=appadmin
  - MYSQL_PASS=adminpassword123
  - MYSQL_DB=rundeck
  - APP_USER=appadmin
  - APP_PASS=adminpassword123
  - TERMTAG=RUNDECK
  command: /bin/bash

Dockerfile Change-log:

01/22/2016 - Initial Build

 

Verification

------------------------
Test Filesystem Version
------------------------
docker run -it \
--name rundeck \
-h rundeck \
-p 4440:4440 \
-e APP_NAME='testapp.com' \
-e APP_PORT='4500' \
-e MODE='filesystem' \
-e TERMTAG=RUNDECK \
sciquest/rundeck


-----------------------
Test Standalone Version
------------------------
docker run -it \
--name rundeck \
-h rundeck \
-p 4440:4440 \
-p 4500:4500 \
-e APP_NAME='testapp.com' \
-e APP_PORT='4500' \
-e MODE='standalone' \
-e MYSQL_SERVER='localhost' \
-e MYSQL_CLIENTS='localhost' \
-e MYSQL_USER='admin' \
-e MYSQL_PASS='adminpassword123' \
-e MYSQL_DB='rundeck_sa' \
-e APP_USER='rundeck' \
-e APP_PASS='PAssw0rd' \
-e TERMTAG=RUNDECK \
sciquest/rundeck


------------------------
Test Datavol/Remote
------------------------
# Launch the following, then remove the rundeck container, and run another rundeck web container only, leaving the datavolume in tact.

docker run -it -d \
--name mysql \
-h mysql \
-p 3306:3306 \
-e CREATEDB=false \
-e MYSQL_USER='admin' \
-e MYSQL_PASS='adminpassword123' \
-e MYSQL_CLIENT='172.17.0.%' \
-e TERMTAG=mysql \
appcontainers/mysql \
/bin/bash

docker run -it \
--name rundeck_data \
-h rundeck_data \
-v /var/rundeck \
-v /var/lib/rundeck \
-v /etc/rundeck \
-e MODE="datavol" \
-e TERMTAG=wp_data \
sciquest/rundeck \
sleep 1

docker run -it \
--name rundeck \
-h rundeck \
-p 4440:4440 \
-p 4500:4500 \
--volumes-from rundeck_data \
--link mysql:mysql \
-e APP_NAME='testapp.com' \
-e APP_PORT='4500' \
-e MODE='remote' \
-e MYSQL_SERVER='mysql' \
-e MYSQL_CLIENTS='172.17.0.%' \
-e MYSQL_DB='rundeck_rem' \
-e MYSQL_USER='admin' \
-e MYSQL_PASS='adminpassword123' \
-e APP_USER='admin' \
-e APP_PASS='adminpassword123' \
-e TERMTAG=RUNDECK \
sciquest/rundeck


----------------------------------
Test Existing off of previous test
Make sure to first remove containers:
rundeck
----------------------------------
docker run -it \
--name rundeck \
-h rundeck \
-p 4500:4500 \
--volumes-from rundeck_data \
--link mysql:mysql \
-e MODE='existing' \
-e TERMTAG=RUNDECK \
sciquest/rundeck

-------------------------------------
Test docker-compose front end upgrade
-------------------------------------
docker-compose up -d

docker kill rundeck_web_1
docker rm rundeck_web_1

docker-compose up -d
Docker Pull Command
Owner
sciquest
Source Repository