incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Brockmeier (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-400) Document procedure to update CloudStack MySQL account password
Date Fri, 02 Nov 2012 02:46:13 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13489216#comment-13489216
] 

Joe Brockmeier commented on CLOUDSTACK-400:
-------------------------------------------

Hi Kirk,

What area(s) of the documentation do you think this is appropriate for? (Admin guide?) 

Thanks,

Joe
                
> Document procedure to update CloudStack MySQL account password
> --------------------------------------------------------------
>
>                 Key: CLOUDSTACK-400
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-400
>             Project: CloudStack
>          Issue Type: Improvement
>          Components: Doc
>    Affects Versions: 4.0.0
>            Reporter: Kirk Kosinski
>            Assignee: Radhika Nair
>            Priority: Minor
>              Labels: adminguide, database, mysql
>
> An administrator may occasionally want to change the password for the MySQL account used
by CloudStack. When password encryption is used as recommended, this procedure is complicated
and should be documented. I wrote the following procedure for the "file" encryption type and
QA verified it. The procedure for "web" encryption is likely similar. It may also be useful
to include a procedure for no encryption.
> 1. Stop CloudStack and (if applicable) the usage engine.
> service cloud-management stop
> service cloud-usage stop
> 2. Update the password for the CloudStack user on the MySQL server. Open a
> MySQL prompt:
> mysql -u root -p
> Run the following:
> update mysql.user set password=PASSWORD("newpassword123") where User='cloud';
> flush privileges;
> And exit the prompt:
> quit
> 3. Encrypt the password and copy the resulting ciphertext:
> java -classpath /usr/share/java/cloud-jasypt-1.8.jar
> org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI encrypt.sh
> input="newpassword123" password="`cat /etc/cloud/management/key`" verbose=false
> Note: If using db.cloud.encryption.type=web, use:
> password="management_server_secret_key"
> 4. Update /etc/cloud/management/db.properties with the new ciphertext:
> db.cloud.password=ENC(encrypted_password_from_above)
> db.usage.password=ENC(encrypted_password_from_above)
> 5. Start CloudStack and (if applicable) the usage engine.
> service cloud-management start
> service cloud-usage start 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message