Rundeck 没有为使用不同 ssh 端口的远程执行设置环境变量
Rundeck not setting up environment variable for remote execution with different ssh port
Rundeck 将传递给作业的所有选项设置为环境变量,如 $RD_OPTION_* 但当在具有不同 ssh 端口的远程节点中执行作业时,它不会设置这些变量。该脚本成功登录到远程节点,但环境变量不存在。请帮我解决一下。
示例作业定义:
<joblist>
<job>
<context>
<options preserveOrder='true'>
<option name='option1' required='true' />
</options>
</context>
<description>job description</description>
<dispatch>
<excludePrecedence>true</excludePrecedence>
<keepgoing>false</keepgoing>
<rankOrder>ascending</rankOrder>
<threadcount>1</threadcount>
</dispatch>
<executionEnabled>true</executionEnabled>
<id>id</id>
<loglevel>DEBUG</loglevel>
<name>job name</name>
<nodefilters>
<filter>name: remote_node</filter>
</nodefilters>
<nodesSelectedByDefault>true</nodesSelectedByDefault>
<notification>
<onfailure>
<email attachLog='true' recipients='abcdef@xyz.com' subject='job failure :(' />
</onfailure>
<onsuccess>
<email recipients='abcdef@xyz.com' subject='job succes' />
</onsuccess>
</notification>
<scheduleEnabled>true</scheduleEnabled>
<sequence keepgoing='false' strategy='step-first'>
<command>
<exec>python path/to/script.py $RD_OPTION_OPTION1 > /path/to/logfile_$RD_JOB_EXECID.log 2>&1</exec>
</command>
<command>
<exec>java -jar path/to/jarfile.jar ${option.option1} >> "/path/to/logfile_${job.execid}.log" 2>&1</exec>
</command>
</sequence>
<uuid>job-uuid</uuid>
</job>
</joblist>
<!--
Here
$RD_JOB_EXECID,${job.execid},${option.option1},$RD_OPTION_OPTION1 are not being setup as environment variables when remote node is selected for execution
but the same variables are set up as environment variables when executed locally.
Rundeck logins to the remote node as user successfully.
Log entries are seen in /path/to/logfile_.log file in remote node since $RD_JOB_EXECID has not been set up.
the options @option.option1@ are working fine since they have been replaced by rundeck before executing command.
Rundeck details:
user: rundeck
shell: /bin/nologin
rundeck logs into remote server as normal user who has all permissions to execute all these scripts/jars.
-->
注:
Rundeck 在具有不同 ssh 端口的远程实例上执行时未设置环境变量。在本例中,端口为 2808,并且已在 resources.xml 中更新为 123.456.789.0:2808。 Rundeck 登录服务器并成功执行脚本(没有环境变量)。远程实例 sshd_config 已配置为接受 RD_* 变量。使用端口 22.
登录时会设置和访问相同的环境变量
我认为您混淆了 Rundeck 命令参数 和 Rundeck 环境变量
这是 "Commands, Script Arguments and Job Reference Arguments":
${job.execid}
正如其名称所示,您可以将其用作命令参数。就像您在工作定义中所做的那样。
这是 "Environment Variables":
$RD_JOB_EXECID
没有任何设置,如果你是 运行 Rundeck 服务器本身的工作,两者都可以正常工作,但如果你想将你的工作分派到一个节点,$RD_JOB_EXECID 将无法开箱即用.
To pass environment variables through remote command dispatches, it is
required to properly configure the SSH server on the remote end. See
the AcceptEnv directive in the "sshd_config(5)" manual page for
instructions.
Use a wild card pattern to permit RD_ prefixed variables to provide
open access to Rundeck generated environment variables.
Example in sshd_config:
# pass Rundeck variables
AcceptEnv RD_*
在 Rundeck 服务器上
确保在 ssh_config
中设置了 SendEnv RD_*
对于您的用例,${job.execid}、${option.option1} 可以完美地工作而不会乱用 sshd_config
它确实适用于不同的 SSH 端口。
XML
中的职位定义
<joblist>
<job>
<context>
<options preserveOrder='true'>
<option name='nodeFilter' />
</options>
</context>
<description></description>
<dispatch>
<excludePrecedence>true</excludePrecedence>
<keepgoing>false</keepgoing>
<rankOrder>ascending</rankOrder>
<threadcount>1</threadcount>
</dispatch>
<executionEnabled>true</executionEnabled>
<group>TEST</group>
<id>63b6f283-39b2-479d-bba9-b1742bc2ea53</id>
<loglevel>INFO</loglevel>
<name>test rundeck job context</name>
<nodefilters>
<filter>${option.nodeFilter}</filter>
</nodefilters>
<nodesSelectedByDefault>true</nodesSelectedByDefault>
<scheduleEnabled>true</scheduleEnabled>
<sequence keepgoing='false' strategy='node-first'>
<command>
<script><![CDATA[#!/usr/bin/python
import sys
print "I know ENV_VAR will not work as command line arguments %s " % sys.argv
]]></script>
<scriptargs> ">${job.execid}< >$RD_JOB_EXECID<"</scriptargs>
</command>
<command>
<script><![CDATA[#!/bin/bash
echo "But it works in Bash"
echo $RD_JOB_ID
echo $RD_JOB_EXECID
echo "Which port does sshd listening on?"
sudo netstat -tulpn | grep 2808]]></script>
<scriptargs />
</command>
</sequence>
<uuid>63b6f283-39b2-479d-bba9-b1742bc2ea53</uuid>
</job>
</joblist>
正如杨所说,这是由于 ssh 配置。同样 sshd_config 中的 AcceptEnv 变量 ssh_config 中有 SendEnv 变量所以我必须在 SendEnv 中指定 RD_* 像这样 SendEnv RD_*在 localhost ssh_config 中,它将指示 ssh 将这些环境变量发送到服务器。我发现在使用环境变量时需要做以下事情
SendEnv 需要在 localhost 的 ssh_config 文件中设置以发送环境变量。AcceptEnv 需要在 远程节点 的 sshd_config 文件中设置,以便接受传递到服务器的环境变量。
对于那些仍在寻找的人,在 Rundeck 3.4.1
可能说您还必须启用:
传递 RD_* 变量
在项目设置/编辑配置/默认节点执行器中
(当然,这个信息在官方文档中找不到,但我们已经习惯了不是吗)
Rundeck 将传递给作业的所有选项设置为环境变量,如 $RD_OPTION_* 但当在具有不同 ssh 端口的远程节点中执行作业时,它不会设置这些变量。该脚本成功登录到远程节点,但环境变量不存在。请帮我解决一下。
示例作业定义:
<joblist>
<job>
<context>
<options preserveOrder='true'>
<option name='option1' required='true' />
</options>
</context>
<description>job description</description>
<dispatch>
<excludePrecedence>true</excludePrecedence>
<keepgoing>false</keepgoing>
<rankOrder>ascending</rankOrder>
<threadcount>1</threadcount>
</dispatch>
<executionEnabled>true</executionEnabled>
<id>id</id>
<loglevel>DEBUG</loglevel>
<name>job name</name>
<nodefilters>
<filter>name: remote_node</filter>
</nodefilters>
<nodesSelectedByDefault>true</nodesSelectedByDefault>
<notification>
<onfailure>
<email attachLog='true' recipients='abcdef@xyz.com' subject='job failure :(' />
</onfailure>
<onsuccess>
<email recipients='abcdef@xyz.com' subject='job succes' />
</onsuccess>
</notification>
<scheduleEnabled>true</scheduleEnabled>
<sequence keepgoing='false' strategy='step-first'>
<command>
<exec>python path/to/script.py $RD_OPTION_OPTION1 > /path/to/logfile_$RD_JOB_EXECID.log 2>&1</exec>
</command>
<command>
<exec>java -jar path/to/jarfile.jar ${option.option1} >> "/path/to/logfile_${job.execid}.log" 2>&1</exec>
</command>
</sequence>
<uuid>job-uuid</uuid>
</job>
</joblist>
<!--
Here
$RD_JOB_EXECID,${job.execid},${option.option1},$RD_OPTION_OPTION1 are not being setup as environment variables when remote node is selected for execution
but the same variables are set up as environment variables when executed locally.
Rundeck logins to the remote node as user successfully.
Log entries are seen in /path/to/logfile_.log file in remote node since $RD_JOB_EXECID has not been set up.
the options @option.option1@ are working fine since they have been replaced by rundeck before executing command.
Rundeck details:
user: rundeck
shell: /bin/nologin
rundeck logs into remote server as normal user who has all permissions to execute all these scripts/jars.
-->
注:
Rundeck 在具有不同 ssh 端口的远程实例上执行时未设置环境变量。在本例中,端口为 2808,并且已在 resources.xml 中更新为 123.456.789.0:2808。 Rundeck 登录服务器并成功执行脚本(没有环境变量)。远程实例 sshd_config 已配置为接受 RD_* 变量。使用端口 22.
我认为您混淆了 Rundeck 命令参数 和 Rundeck 环境变量
这是 "Commands, Script Arguments and Job Reference Arguments":
${job.execid}
正如其名称所示,您可以将其用作命令参数。就像您在工作定义中所做的那样。
这是 "Environment Variables":
$RD_JOB_EXECID
没有任何设置,如果你是 运行 Rundeck 服务器本身的工作,两者都可以正常工作,但如果你想将你的工作分派到一个节点,$RD_JOB_EXECID 将无法开箱即用.
To pass environment variables through remote command dispatches, it is required to properly configure the SSH server on the remote end. See the AcceptEnv directive in the "sshd_config(5)" manual page for instructions.
Use a wild card pattern to permit RD_ prefixed variables to provide open access to Rundeck generated environment variables.
Example in sshd_config:
# pass Rundeck variables
AcceptEnv RD_*
在 Rundeck 服务器上
确保在 ssh_config
中设置了SendEnv RD_*
对于您的用例,${job.execid}、${option.option1} 可以完美地工作而不会乱用 sshd_config
它确实适用于不同的 SSH 端口。
XML
中的职位定义<joblist>
<job>
<context>
<options preserveOrder='true'>
<option name='nodeFilter' />
</options>
</context>
<description></description>
<dispatch>
<excludePrecedence>true</excludePrecedence>
<keepgoing>false</keepgoing>
<rankOrder>ascending</rankOrder>
<threadcount>1</threadcount>
</dispatch>
<executionEnabled>true</executionEnabled>
<group>TEST</group>
<id>63b6f283-39b2-479d-bba9-b1742bc2ea53</id>
<loglevel>INFO</loglevel>
<name>test rundeck job context</name>
<nodefilters>
<filter>${option.nodeFilter}</filter>
</nodefilters>
<nodesSelectedByDefault>true</nodesSelectedByDefault>
<scheduleEnabled>true</scheduleEnabled>
<sequence keepgoing='false' strategy='node-first'>
<command>
<script><![CDATA[#!/usr/bin/python
import sys
print "I know ENV_VAR will not work as command line arguments %s " % sys.argv
]]></script>
<scriptargs> ">${job.execid}< >$RD_JOB_EXECID<"</scriptargs>
</command>
<command>
<script><![CDATA[#!/bin/bash
echo "But it works in Bash"
echo $RD_JOB_ID
echo $RD_JOB_EXECID
echo "Which port does sshd listening on?"
sudo netstat -tulpn | grep 2808]]></script>
<scriptargs />
</command>
</sequence>
<uuid>63b6f283-39b2-479d-bba9-b1742bc2ea53</uuid>
</job>
</joblist>
正如杨所说,这是由于 ssh 配置。同样 sshd_config 中的 AcceptEnv 变量 ssh_config 中有 SendEnv 变量所以我必须在 SendEnv 中指定 RD_* 像这样 SendEnv RD_*在 localhost ssh_config 中,它将指示 ssh 将这些环境变量发送到服务器。我发现在使用环境变量时需要做以下事情
SendEnv需要在 localhost 的ssh_config文件中设置以发送环境变量。AcceptEnv需要在 远程节点 的sshd_config文件中设置,以便接受传递到服务器的环境变量。
对于那些仍在寻找的人,在 Rundeck 3.4.1
可能说您还必须启用: 传递 RD_* 变量
在项目设置/编辑配置/默认节点执行器中
(当然,这个信息在官方文档中找不到,但我们已经习惯了不是吗)