Install Rudder Root server on Debian or Ubuntu

Add the Rudder packages repository

Run the following commands as root:

apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 474A19E8
echo "deb http://www.rudder-project.org/apt-2.10/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/rudder.list
aptitude update

This will add the GPG key used to sign the Rudder repository, then add the package repository itself and finally update the local package cache.

[Tip]Tip

If the HTTP Keyserver Protocol (11371/tcp) port is blocked on your network you can use this alternate command:

wget --quiet -O- "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x474A19E8" | sudo apt-key add -

Java on Debian/Ubuntu

The Rudder Root server needs a compatible Java Runtime Environment to run. In most cases, this will be installed automatically thanks to packaging dependencies, however in some cases manual installation is required.

On Debian Wheezy (7) and above and Ubuntu Precise (12.04) and above, the available package is OpenJDK 7 JRE, namely openjdk-7-jre. It will be installed automatically as a dependency of the Rudder packages, and does not require the non-free component.

On Debian Squeeze (6) and Debian Lenny (5), the available package is Oracle Java 6 JRE, namely sun-java-6-jre, which is in the non-free component. You must make sure this is enabled in your apt sources. Check that /etc/apt/sources.list contains the following lines:

deb http://ftp.fr.debian.org/debian/ squeeze main contrib non-free
deb http://security.debian.org/ squeeze/updates main contrib non-free
[Tip]Tip

Your mirror may differ, ftp.fr.debian.org is only an example. Also, please adapt the distribution name if needed (squeeze could be replaced by lenny).

On Ubuntu Natty (11.04) and previous Ubuntu versions, you will have to install Java yourself as the packaging of the Oracle JVM is now restricted by Oracle™ and Rudder is not compatible with OpenJDK 6, which is the only available JDK from Ubuntu. See http://www.java.com/fr/download/ to get Oracle's JVM.

Install your Rudder Root Server

To begin the installation, you should simply install the rudder-server-root metapackage, which will install the required components:

aptitude install rudder-server-root

Now jump to the next section to configure your server.

[Note]Note

If Oracle Java 6 JRE is installed (usually on Debian Lenny (5) or Squeeze (6) only), you will be asked to accept the license of the product during installation.

Compatibility with RHEL/CentOS 5 and syslogd

[Warning]Warning

For users running the Rudder server on Ubuntu Server 12.04 or later, any nodes running syslogd (not syslog-ng or rsyslog) will fail to send any reports about the configuration rules they have applied. This is the case by default on RHEL/CentOS 5, but not on any other supported platforms.

Rudder will apply rules on nodes but will never get reports from those using syslogd. Therefore Rudder will not be able to calculate compliance.

Several workarounds are available to fix this:

  1. Install another syslog server on your nodes, such as rsyslog or syslog-ng.
  2. Change the rsyslog configuration on the Rudder server (running Ubuntu 12.04 or later) to use port 514 and authorize this in the rsyslog configuration.
  3. Setup iptables on the node to send syslog traffic to the correct port on your Rudder server.
  4. Use a different OS for your Rudder server that Ubuntu Server 12.04 or later.