ShutItDown RBS Setup: Step-by-Step Installation & ConfigurationShutItDown RBS is a robust shutdown and resource-management service designed to centralize, automate, and secure the shutdown procedures for servers, virtual machines, or other managed endpoints. This guide walks you through a complete step-by-step installation and configuration process, covering prerequisites, installation methods, basic and advanced configuration, testing, troubleshooting, and best practices for production deployment.
Before you begin — prerequisites and planning
- System requirements: Ensure target machines meet the minimum CPU, RAM, and storage requirements listed by ShutItDown RBS documentation (typical lightweight service: 1 vCPU, 512 MB RAM, 50–100 MB disk for agent).
- Supported platforms: Confirm support for your OS (Linux distributions, Windows Server versions, container environments). This guide focuses on Linux (Debian/Ubuntu, RHEL/CentOS) and Windows Server.
- Network and security:
- Open required ports (default agent-to-server port: 8443 for TLS API; adjust if customized).
- Ensure mutual TLS or token-based authentication is part of your security plan.
- Prepare firewall rules and VPN or secure LAN access if needed.
- Accounts and privileges:
- Administrator/root access on installation hosts.
- Service account for the management server with least privilege required to query and trigger shutdown operations.
- Backup and rollback plan: Snapshot VMs or back up configurations before installing in production.
Step 1 — Obtain the software
- Visit the official ShutItDown RBS download location or your internal package repository.
- Choose the appropriate package:
- Debian/Ubuntu: .deb
- RHEL/CentOS/Fedora: .rpm
- Windows: MSI or ZIP
- Docker image: registry/shutitdown-rbs:latest
- Verify package integrity with SHA256 checksum or signed package verification.
Step 2 — Install the management server
This section covers installing the central management server on Linux. For Windows, use the MSI installer and follow comparable steps.
Debian/Ubuntu (example):
sudo dpkg -i shutitdown-rbs-server_1.0.0_amd64.deb sudo apt-get install -f RHEL/CentOS:
sudo rpm -ivh shutitdown-rbs-server-1.0.0.x86_64.rpm Docker (alternative):
docker run -d --name shutitdown-rbs-server -p 8443:8443 -v /opt/shutitdown/data:/var/lib/shutitdown registry/shutitdown-rbs:latest After installation, start and enable the service:
sudo systemctl enable --now shutitdown-rbs-server sudo systemctl status shutitdown-rbs-server Step 3 — Initial server configuration
-
Configuration file locations:
- Linux package: /etc/shutitdown/server.conf
- Docker: /var/lib/shutitdown/config/server.conf
-
Core configuration options to set:
- server.listen_address = 0.0.0.0:8443
- auth.mode = mTLS | token (choose per policy)
- storage.backend = sqlite | postgres (use Postgres for production)
- tls.cert = /etc/shutitdown/certs/server.crt
- tls.key = /etc/shutitdown/certs/server.key
-
Generate or install TLS certificates. For production use CA-signed certs; for testing, generate self-signed:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/shutitdown/certs/server.key -out /etc/shutitdown/certs/server.crt -subj "/CN=shutitdown.example.local" -
Configure database (Postgres example):
# /etc/shutitdown/server.conf storage.backend = postgres storage.postgres.host = db.example.local storage.postgres.port = 5432 storage.postgres.user = shutit_user storage.postgres.password = securepassword storage.postgres.dbname = shutitdbRun migrations:
sudo shutitdown-admin migrate
Restart server after config changes:
sudo systemctl restart shutitdown-rbs-server Step 4 — Install and register agents on endpoints
Agents handle local shutdown commands and communicate with the management server.
Linux agent (Debian/Ubuntu):
sudo dpkg -i shutitdown-rbs-agent_1.0.0_amd64.deb sudo systemctl enable --now shutitdown-rbs-agent RHEL/CentOS:
sudo rpm -ivh shutitdown-rbs-agent-1.0.0.x86_64.rpm Windows agent:
- Run MSI installer as Administrator.
- Use PowerShell to set service startup to automatic.
Agent configuration (/etc/shutitdown/agent.conf):
- server.address = https://shutitdown.example.local:8443
- auth.mode = token
- auth.token =
Register agent with the server:
- On server UI or CLI, create an agent registration token (one-time).
- Paste token into agent.conf or run:
sudo shutitdown-agent register --token YOUR_TOKEN --server https://shutitdown.example.local:8443 - Confirm on server UI that the agent appears as online.
Step 5 — Define shutdown policies and schedules
ShutItDown RBS allows fine-grained policies, e.g., scheduled maintenance, emergency shutdown, resource-triggered shutdown, or conditional shutdown based on load.
Example policy concepts:
- Immediate shutdown with no delay (emergency).
- Graceful shutdown with pre-shutdown scripts and health checks.
- Scheduled shutdowns (cron-like schedule).
- Conditional shutdown when CPU > 95% for 10 minutes.
Create a policy via UI or CLI:
shutitdown-cli policy create --name "Nightly Maintenance" --targets "web-servers" --schedule "0 3 * * *" --grace-period 300 --pre-hook /opt/scripts/pre_shutdown.sh --post-hook /opt/scripts/post_shutdown.sh Step 6 — Hooks, scripts, and safe shutdown procedures
Configure pre-shutdown and post-shutdown hooks to run tasks such as notifying users, quiescing services, or taking snapshots.
Example pre-shutdown script (safe quiesce):
#!/bin/bash # /opt/scripts/pre_shutdown.sh systemctl stop nginx rsync -a /var/www/html /backups/www-$(date +%F).tar.gz Make executable:
sudo chmod +x /opt/scripts/pre_shutdown.sh Ensure graceful shutdown commands are used:
- Linux: systemctl poweroff or shutdown -h +0
- Windows: Stop-Computer or shutdown.exe /s /t 0
Step 7 — Testing and validation
- Test agent registration and communication: verify heartbeat and logs.
- Run a dry-run or simulation:
shutitdown-cli action simulate --policy "Nightly Maintenance" - Perform a controlled test on a non-production host:
shutitdown-cli action execute --policy "Nightly Maintenance" --target test-server-01 - Verify hooks executed, services stopped cleanly, and system state after shutdown.
Step 8 — Monitoring, logging, and alerting
- Configure centralized logging (syslog, journald, or ELK stack).
- Ship logs from server and agents to your logging pipeline.
- Enable alerting for failed shutdowns, agent disconnections, or policy errors.
- Use server metrics endpoint (Prometheus) to monitor agent counts, actions, and success rates.
Step 9 — High availability and scaling
For production, avoid single points of failure:
- Run multiple management server instances behind a load balancer.
- Use an external Postgres cluster for storage.
- Configure agents to fail-over to alternate server endpoints.
- Use container orchestration (Kubernetes) for horizontal scaling of the management server.
Troubleshooting — common issues and fixes
- Agent not connecting:
- Check network reachability to server (curl https://server:8443).
- Verify TLS certificates and server name.
- Confirm token validity and time synchronization (NTP).
- Policy execution fails:
- Inspect server logs (/var/log/shutitdown/server.log).
- Check hook script permissions and environment.
- Failed graceful shutdown:
- Increase grace-period and add retries.
- Ensure processes respond to SIGTERM; update service unit files.
Security best practices
- Use mutual TLS between agents and server where possible.
- Rotate registration tokens regularly.
- Limit admin accounts and use RBAC to control who can execute shutdowns.
- Keep server and agents updated; apply security patches promptly.
- Audit logs for shutdown actions and approvals.
Example topology
- HA load balancer -> multiple shutitdown-rbs-server instances -> Postgres cluster
- Agents on each host (physical servers, VMs, cloud instances) connecting to servers via TLS
- Central logging and monitoring (Prometheus + Grafana, ELK)
Final checklist before production rollout
- [ ] Confirm backups/snapshots of critical hosts
- [ ] Use signed TLS certificates and enforce mTLS
- [ ] Configure external database and run migrations
- [ ] Create and test recovery procedures
- [ ] Implement monitoring and alerting
- [ ] Conduct controlled rollout and verify agent behavior
If you want, I can generate example policy JSON/YAML, sample systemd unit files for custom hooks, or a Windows PowerShell pre-shutdown script for integration — tell me which you’d like.
Leave a Reply