Skip to main content

Overview of Projects

Overview of Projects

Introduction

Projects are a core element of Rundeck, Runbook Automation and Process Automation. Most of the elements that you interact with, such as Jobsopen in new window, Nodesopen in new window and Commandsopen in new window will be contained within the context of a Project. Individual Projects are created to serve the needs of a particular team or to contain a set of related Jobs or Nodes. Access to each Project can be controlled through Access Control.open in new window

Steps for Getting Started with a new Project

Step 1: Create a new Projectopen in new window

To get started, the first step is to create a new Project. To do so, you need to be logged in as admin or a Full User. In addition to jobs and nodes, the project contains specific configurations like node executor and file copier.

Step 2: Add your first nodeopen in new window

The next step is to add a remote node on the Project to dispatch commands and jobs against them. Generally, nodes are added by defining node sources which might gather information from existing sources like AWS, Ansible or Service Now’s CMDB.

Step 3: Add a key to Rundeck Key Storageopen in new window

To access remote Linux nodes, the server needs a private SSH key to trust the Rundeck server. This step adds the private key to Rundeck Key Storage. Over time, passwords and keys needed for target nodes should be added to Key Storage in this same way.

Step 4: Create a new job dispatched to example remote nodeopen in new window

Create a new job with an example command step (e.g: whoami), go to "nodes" section and enter the node name as a filter, then save the job and run it.

Step 5: Add a new useropen in new window

By default, Rundeck creates an admin user. A good practice is to add new users to run jobs and limit some Rundeck functions.

Step 6: Add a new user/role based ACL focused on the new Project

The new user is full restricted by default, now let's create an ACLopen in new window focused on that user to access and execute the Project's jobs. The Following ACL definition illustrates this:

description: project context.
context:
 project: ProjectEXAMPLE
for:
 resource:
   - allow: [run,read]
 job:
   - allow: [read,view,update,run]
 node:
   - allow: [read,run]
by:
 username: my_new_user
---

description: app context.
context:
 application: 'rundeck'
for:
 project:
 - allow: read
   match:
     name: ProjectEXAMPLE
 storage:
    - allow: [read]
by:
 username: my_new_user

Now enter using the new user's credentials and you can run jobs contained in this Project.