Kirk Kosinski created CLOUDSTACK-400:
----------------------------------------
Summary: Document procedure to update CloudStack MySQL account
password
Key: CLOUDSTACK-400
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-400
Project: CloudStack
Issue Type: Improvement
Components: Doc
Affects Versions: 4.0.0
Reporter: Kirk Kosinski
Priority: Minor
An administrator may occasionally want to change the password for the MySQL
account used by CloudStack. When password encryption is used as recommended,
this procedure is complicated and should be documented. I wrote the following
procedure for the "file" encryption type and QA verified it. The procedure for
"web" encryption is likely similar. It may also be useful to include a
procedure for no encryption.
1. Stop CloudStack and (if applicable) the usage engine.
service cloud-management stop
service cloud-usage stop
2. Update the password for the CloudStack user on the MySQL server. Open a
MySQL prompt:
mysql -u root -p
Run the following:
update mysql.user set password=PASSWORD("newpassword123") where User='cloud';
flush privileges;
And exit the prompt:
quit
3. Encrypt the password and copy the resulting ciphertext:
java -classpath /usr/share/java/cloud-jasypt-1.8.jar
org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI encrypt.sh
input="newpassword123" password="`cat /etc/cloud/management/key`" verbose=false
Note: If using db.cloud.encryption.type=web, use:
password="management_server_secret_key"
4. Update /etc/cloud/management/db.properties with the new ciphertext:
db.cloud.password=ENC(encrypted_password_from_above)
db.usage.password=ENC(encrypted_password_from_above)
5. Start CloudStack and (if applicable) the usage engine.
service cloud-management start
service cloud-usage start
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
