From version 3.0 Rudder can be divided into 4 different components:
- rudder-web: an instance with the webapp and the central policy server
- rudder-ldap: the inventory endpoint and its ldap backend
- rudder-db: the postgresql storage
- rudder-relay-top: the contact point for nodes
You need the setup scripts provided at https://github.com/normation/rudder-tools/tree/master/scripts/rudder-multiserver-setup. You can download them with this command:
    mkdir rudder-multiserver-setup
    cd rudder-multiserver-setup
    # Note: --no-check-certificate makes wget skip TLS certificate validation
    # for these scripts, which are later run as root.
    for i in add_repo detect_os.sh rudder-db.sh rudder-ldap.sh rudder-relay-top.sh rudder-web.sh
    do
      wget --no-check-certificate https://raw.githubusercontent.com/Normation/rudder-tools/master/scripts/rudder-multiserver-setup/$i
    done
    chmod 755 *
    cd ..
You need 4 instances of a supported OS, one for each component. Only the rudder-web instance needs at least 2GB of RAM.
Register the 4 names in the DNS or add them to /etc/hosts on each instance.
Add firewall rules:
- from rudder-web to rudder-db port pgsql TCP
- from rudder-* to rudder-web port rsyslog 514 TCP
- from rudder-relay-top to rudder-ldap port 8080 TCP
- from rudder-web to rudder-ldap port 8080 TCP
- from rudder-web to rudder-ldap port 389 TCP
- from rudder-web to rudder-relay-top port 5309
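The flow list above, turned into per-instance inbound allow rules (an added example, not part of the Rudder scripts or documentation). It assumes "pgsql" means PostgreSQL's default port 5432, that port 5309 is TCP, and that the RUDDER_* variables, which are hypothetical names, hold your four hostnames; the rules are printed, not applied.

```shell
#!/bin/sh
# Added example: print the iptables allow rules one Rudder instance needs,
# derived from the flow list above. Nothing is applied to the firewall.
# Assumptions: pgsql = 5432/TCP, 5309 is TCP, RUDDER_* names are hypothetical.
RUDDER_WEB=${RUDDER_WEB:-rudder-web}
RUDDER_LDAP=${RUDDER_LDAP:-rudder-ldap}
RUDDER_DB=${RUDDER_DB:-rudder-db}
RUDDER_RELAY=${RUDDER_RELAY:-rudder-relay-top}

# One flow per line: source-role destination-role tcp-port
rudder_flows() {
cat <<EOF
web db 5432
ldap web 514
db web 514
relay web 514
relay ldap 8080
web ldap 8080
web ldap 389
web relay 5309
EOF
}

# Map a role keyword to the configured hostname; fail on unknown roles.
role_host() {
  case "$1" in
    web)   echo "$RUDDER_WEB" ;;
    ldap)  echo "$RUDDER_LDAP" ;;
    db)    echo "$RUDDER_DB" ;;
    relay) echo "$RUDDER_RELAY" ;;
    *)     return 1 ;;
  esac
}

# Print inbound rules for the instance playing role $1 (web|ldap|db|relay).
rudder_fw_rules() {
  role_host "$1" >/dev/null || { echo "unknown role: $1" >&2; return 2; }
  rudder_flows | while read -r src dst port; do
    [ "$dst" = "$1" ] || continue
    echo "iptables -A INPUT -p tcp -s $(role_host "$src") --dport $port -j ACCEPT"
  done
}

# Stand-alone use: ./rudder-fw.sh db
if [ $# -gt 0 ]; then rudder_fw_rules "$1"; fi
```

Run it with the role of the local instance and review the output before adding the rules to a ruleset whose default inbound policy is to drop.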
Copy the rudder-multiserver-setup directory to your instance.
Run rudder-relay-top.sh as root, replacing <rudder-web> with the hostname of the rudder-web instance:
    cd rudder-multiserver-setup
    ./rudder-relay-top.sh <rudder-web>
Take note of the UUID. If you need it later, you can read it from the file /opt/rudder/etc/uuid.hive
Copy the rudder-multiserver-setup directory to your instance.
Run rudder-db.sh as root, replacing <rudder-web> with the hostname of the rudder-web instance and <allowed-network> with the network containing the rudder-web instances:
    cd rudder-multiserver-setup
    ./rudder-db.sh <rudder-web> <allowed-network>
Copy the rudder-multiserver-setup directory to your instance.
Run rudder-ldap.sh as root, replacing <rudder-web> with the hostname of the rudder-web instance:
    cd rudder-multiserver-setup
    ./rudder-ldap.sh <rudder-web>
Copy the rudder-multiserver-setup directory to your instance.
Run rudder-web.sh as root, replacing each <rudder-*> with the hostname of the corresponding instance:
    cd rudder-multiserver-setup
    ./rudder-web.sh <rudder-web> <rudder-ldap> <rudder-db> <rudder-relay-top>
Connect to the Rudder web interface and accept all nodes. Then run the following command, where <relay-uuid> is the UUID from the rudder-relay-top setup:
    /opt/rudder/bin/rudder-node-to-relay <relay-uuid>