Hi David, Many thanks! It's working like a charm.
Regards, Fabrice -----Message d'origine----- De : David Comerford [mailto:davest...@gmail.com] Envoyé : jeudi 4 avril 2013 22:58 À : users@cloudstack.apache.org Objet : Re: reopened - "CS failed after changing vcenter password" I finely tuned that SQL query to get the host ID and password of the VMware hosts. Makes it slightly easier to make an accurate update on those hosts. SELECT host.id,host.hypervisor_type,host_details.name,host_details.value FROM host_details JOIN host WHERE host_details.host_id=host.id AND host.hypervisor_type='VMware' AND host_details.name='password'; On 4 April 2013 20:10, David Comerford <davest...@gmail.com> wrote: > Get your encryption key from /etc/cloud/management/key (default is > 'password') > > # Encrypt the new password 'dave-says-hi' with key 'password' > java -classpath /usr/share/java/cloud-jasypt-1.8.jar > org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI encrypt.sh > input="dave-says-hi" password="password" verbose=false > > # Decrypt the ciphertext with the same key 'password' > java -classpath /usr/share/java/cloud-jasypt-1.8.jar > org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh > input="S0TXOpxss68b2/RHicePqyXwrMje+OaI" password="password" > verbose=false > > Interestingly the encryption command will spit out different output > every time you run it. Well I think that's interesting anyway. > > Regards, > Dave Comerford > > > On 4 April 2013 19:30, Fabrice Brazier <fabrice.braz...@apalia.net> wrote: > >> Thanks David and Geoff. In my environment the password is the same >> for every hosts. >> But in the host_details table the password seems to be encrypted and >> the value is different for each host. >> >> What is the encryption process ? >> >> Thanks, >> Fabrice >> >> >> -----Message d'origine----- >> De : David Comerford [mailto:davest...@gmail.com] Envoyé : jeudi 4 >> avril 2013 20:22 À : users@cloudstack.apache.org Objet : Re: reopened >> - "CS failed after changing vcenter password" >> >> Fabrice, >> >> The vCenter password is stored in cloud.host_details table. >> > select * from host_details WHERE name='password'; >> >> Sorry I can't get at my lab to give you the exact UPDATE query at the >> moment. >> >> Regards, >> Dave Comerford >> >> On 4 April 2013 18:23, Geoff Higginbottom >> <geoff.higginbot...@shapeblue.com>wrote: >> >> > Hi Fabrice, >> > >> > These were taken from a set of instructions we did for a >> > CloudPlatform build a while back, it looks like the DB Schema may >> > have changed a little since then, but the latest admin guide still >> > has the same example >> in it. >> > >> > The actual password is stored in cloud.host.details, and you need >> > to cross reference the 'host_id' with the id from the cloud.host >> > table >> > >> > Regards >> > >> > Geoff Higginbottom >> > >> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 >> > >> > geoff.higginbot...@shapeblue.com >> > >> > >> > -----Original Message----- >> > From: Fabrice Brazier [mailto:fabrice.braz...@apalia.net] >> > Sent: 04 April 2013 18:18 >> > To: users@cloudstack.apache.org >> > Subject: RE: reopened - "CS failed after changing vcenter password" >> > >> > Hi Geoff, >> > >> > This command doesn't work: >> > update cloud.host set password='password' where id=5 or id=10 or >> > id=12; >> > >> > There is no "password" column in the host table. >> > >> > Regards, >> > Fabrice >> > >> > -----Message d'origine----- >> > De : Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] >> > Envoyé : jeudi 4 avril 2013 18:47 >> > À : users@cloudstack.apache.org >> > Objet : RE: reopened - "CS failed after changing vcenter password" >> > >> > Hi Fabrice, >> > >> > To change the Passwords for ESXi try this procedure. >> > >> > To change host passwords the password must be changed on both the >> > host and in the CloudStack database. >> > >> > ESXi >> > 1. Connect to the vCenter server using the vSphere client. >> > 2. Navigate to Home > Management > Host Profiles >> > 3. Right-click on the host profile and select Edit Profile >> > 4. Expand 'Security Configuration' and select 'Administrator >> > password' >> > 5. Select 'configure a fixed administrator password' and enter and >> > confirm the new password and click OK. >> > 6. Click on the 'Hosts and Clusters' tab >> > 7. Right click on each of the clusters and select 'check >> compliance' >> > in turn. >> > 8. Hold down the CTRL key and select all of the clusters and select >> > Apply Profile. >> > 9. Review the tasks which are displayed on screen and confirm (by >> > clicking Finish). >> > >> > >> > CloudStack >> > The password for a XenServer Node, KVM Node, or vSphere Node may be >> > changed in the database. Note that all Nodes in a Cluster must have >> > the same password. To change a Node's password: >> > >> > 1. Identify all hosts in the cluster. >> > 2. Change the password on all hosts in the cluster. Now the >> password >> > for the host and the password known to CloudStack will not match. >> > Operations on the cluster will fail until the two passwords match. >> > 3. Get the list of host IDs for the host in the cluster where you >> are >> > changing the password. You will need to access the database to >> > determine these host IDs. For each hostname "h" (or vSphere >> > cluster) that you are changing the password for, execute: >> > >> > mysql> select id from cloud.host where name like '%h%'; This >> > should return a single ID. Record the set of such IDs for these hosts. >> > 4. Update the passwords for the host in the database. In this >> > example, we change the passwords for hosts with IDs 5, 10, and 12 >> > to "password". >> > mysql> update cloud.host set password='password' where id=5 or >> > mysql> id=10 or id=12; >> > >> > >> > Regards >> > >> > Geoff Higginbottom >> > >> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 >> > >> > geoff.higginbot...@shapeblue.com >> > >> > >> > -----Original Message----- >> > From: Fabrice Brazier [mailto:fabrice.braz...@apalia.net] >> > Sent: 04 April 2013 17:38 >> > To: cloudstack-us...@incubator.apache.org >> > Subject: reopened - "CS failed after changing vcenter password" >> > >> > Hi All, >> > >> > I'm using CloudStack 3.0.2. I need to update the vCenter password >> > for every hosts in the zone. >> > I tried using API updateHostPassword: >> > http://download.cloud.com/releases/3.0.0/api_3.0.0/root_admin/updat >> > eHo >> > stPa >> > ssword.html >> > http://wiki.cloudstack.org/pages/viewpage.action?pageId=14322288 >> > >> > Everytime the same result: >> > <errorcode>431</errorcode> >> > <cserrorcode>4490</cserrorcode> >> > <errortext>This operation is not supported for this hypervisor >> > type</errortext> >> > >> > I tried to manually update the cluster_details table but the >> > previous password is still used (I can see the old password first >> > letter in the cloud-management log file after restarting cloud-management service). >> > Does someone know the correct process for VMware ? >> > >> > Thanks, >> > Fabrice >> > >> > -----Message d'origine----- >> > De : Koushik Das [mailto:koushik....@citrix.com] Envoyé : lundi 25 >> > février >> > 2013 18:54 À : cloudstack-us...@incubator.apache.org; 'asicando' >> > Objet : RE: CS failed after changing vcenter password >> > >> > One way is to update the vcenter password stored in CS db. Check >> > cluster_details table. >> > >> > > -----Original Message----- >> > > From: Jerry Jiang [mailto:jerry.ji...@tyxtech.com] >> > > Sent: Monday, February 25, 2013 3:25 PM >> > > To: cloudstack-us...@incubator.apache.org; 'asicando' >> > > Subject: CS failed after changing vcenter password >> > > >> > > Hello all, >> > > >> > > Assumed I am using CS to manage vCenter host, if I changed >> > > vCenter password from vcenter's UI. >> > > >> > > I found CS have to delete and re-add the vcenter back into CS. >> > > But I can't operate the instances because UUID modified. >> > > >> > > How can I handle this situation? >> > > >> > > Thanks >> > > >> > > Jerry Jiang >> > > >> > > >> > >> > This email and any attachments to it may be confidential and are >> > intended solely for the use of the individual to whom it is addressed. >> > Any views or opinions expressed are solely those of the author and >> > do not necessarily represent those of Shape Blue Ltd or related >> > companies. If you are not the intended recipient of this email, you >> > must neither take any action based upon its contents, nor copy or >> > show it to anyone. Please contact the sender if you believe you >> > have received this email in error. Shape Blue Ltd is a company >> > incorporated in England & Wales. ShapeBlue Services India LLP is >> > operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. >> > >> > This email and any attachments to it may be confidential and are >> > intended solely for the use of the individual to whom it is addressed. >> > Any views or opinions expressed are solely those of the author and >> > do not necessarily represent those of Shape Blue Ltd or related >> > companies. If you are not the intended recipient of this email, you >> > must neither take any action based upon its contents, nor copy or >> > show it to anyone. Please contact the sender if you believe you >> > have received this email in error. Shape Blue Ltd is a company >> > incorporated in England & Wales. ShapeBlue Services India LLP is >> > operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. >> > >> > >> > >