Hi David,

Many thanks! It's working like a charm.

Regards,
Fabrice


-----Message d'origine-----
De : David Comerford [mailto:davest...@gmail.com]
Envoyé : jeudi 4 avril 2013 22:58
À : users@cloudstack.apache.org
Objet : Re: reopened - "CS failed after changing vcenter password"

I finely tuned that SQL query to get the host ID and password of the
VMware hosts.
Makes it slightly easier to make an accurate update on those hosts.

SELECT host.id,host.hypervisor_type,host_details.name,host_details.value
FROM host_details JOIN host
WHERE host_details.host_id=host.id
AND host.hypervisor_type='VMware'
AND host_details.name='password';


On 4 April 2013 20:10, David Comerford <davest...@gmail.com> wrote:

> Get your encryption key from /etc/cloud/management/key   (default is
> 'password')
>
> # Encrypt the new password 'dave-says-hi' with key 'password'
> java -classpath /usr/share/java/cloud-jasypt-1.8.jar
> org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI encrypt.sh
> input="dave-says-hi" password="password" verbose=false
>
> # Decrypt the ciphertext with the same key 'password'
>  java -classpath /usr/share/java/cloud-jasypt-1.8.jar
> org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh
> input="S0TXOpxss68b2/RHicePqyXwrMje+OaI" password="password"
> verbose=false
>
> Interestingly the encryption command will spit out different output
> every time you run it. Well I think that's interesting anyway.
>
> Regards,
> Dave Comerford
>
>
> On 4 April 2013 19:30, Fabrice Brazier <fabrice.braz...@apalia.net>
wrote:
>
>> Thanks David and Geoff. In my environment the password is the same
>> for every hosts.
>> But in the host_details table the password seems to be encrypted and
>> the value is different for each host.
>>
>> What is the encryption process ?
>>
>> Thanks,
>> Fabrice
>>
>>
>> -----Message d'origine-----
>> De : David Comerford [mailto:davest...@gmail.com] Envoyé : jeudi 4
>> avril 2013 20:22 À : users@cloudstack.apache.org Objet : Re: reopened
>> - "CS failed after changing vcenter password"
>>
>> Fabrice,
>>
>> The vCenter password is stored in cloud.host_details table.
>> > select * from host_details WHERE name='password';
>>
>> Sorry I can't get at my lab to give you the exact UPDATE query at the
>> moment.
>>
>> Regards,
>> Dave Comerford
>>
>> On 4 April 2013 18:23, Geoff Higginbottom
>> <geoff.higginbot...@shapeblue.com>wrote:
>>
>> > Hi Fabrice,
>> >
>> > These were taken from a set of instructions we did for a
>> > CloudPlatform build a while back, it looks like the DB Schema may
>> > have changed a little since then, but the latest admin guide still
>> > has the same example
>> in it.
>> >
>> > The actual password is stored in cloud.host.details, and you need
>> > to cross reference the 'host_id' with the id from the cloud.host
>> > table
>> >
>> > Regards
>> >
>> > Geoff Higginbottom
>> >
>> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>> >
>> > geoff.higginbot...@shapeblue.com
>> >
>> >
>> > -----Original Message-----
>> > From: Fabrice Brazier [mailto:fabrice.braz...@apalia.net]
>> > Sent: 04 April 2013 18:18
>> > To: users@cloudstack.apache.org
>> > Subject: RE: reopened - "CS failed after changing vcenter password"
>> >
>> > Hi Geoff,
>> >
>> > This command doesn't work:
>> > update cloud.host set password='password' where id=5 or id=10 or
>> > id=12;
>> >
>> > There is no "password" column in the host table.
>> >
>> > Regards,
>> > Fabrice
>> >
>> > -----Message d'origine-----
>> > De : Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com]
>> > Envoyé : jeudi 4 avril 2013 18:47
>> > À : users@cloudstack.apache.org
>> > Objet : RE: reopened - "CS failed after changing vcenter password"
>> >
>> > Hi Fabrice,
>> >
>> > To change the Passwords for ESXi try this procedure.
>> >
>> > To change host passwords the password must be changed on both the
>> > host and in the CloudStack database.
>> >
>> > ESXi
>> > 1.      Connect to the vCenter server using the vSphere client.
>> > 2.      Navigate to Home > Management > Host Profiles
>> > 3.      Right-click on the host profile and select Edit Profile
>> > 4.      Expand 'Security Configuration' and select 'Administrator
>> > password'
>> > 5.      Select 'configure a fixed administrator password' and enter
and
>> > confirm the new password and click OK.
>> > 6.      Click on the 'Hosts and Clusters' tab
>> > 7.      Right click on each of the clusters and select 'check
>> compliance'
>> > in turn.
>> > 8.      Hold down the CTRL key and select all of the clusters and
select
>> > Apply Profile.
>> > 9.      Review the tasks which are displayed on screen and confirm
(by
>> > clicking Finish).
>> >
>> >
>> > CloudStack
>> > The password for a XenServer Node, KVM Node, or vSphere Node may be
>> > changed in the database. Note that all Nodes in a Cluster must have
>> > the same password. To change a Node's password:
>> >
>> > 1.      Identify all hosts in the cluster.
>> > 2.      Change the password on all hosts in the cluster. Now the
>> password
>> > for the host and the password known to CloudStack will not match.
>> > Operations on the cluster will fail until the two passwords match.
>> > 3.      Get the list of host IDs for the host in the cluster where
you
>> are
>> > changing the password. You will need to access the database to
>> > determine these host IDs. For each hostname "h" (or vSphere
>> > cluster) that you are changing the password for, execute:
>> >
>> >  mysql> select id from cloud.host where name like '%h%'; This
>> > should return a single ID. Record the set of such IDs for these
hosts.
>> > 4.      Update the passwords for the host in the database. In this
>> > example, we change the passwords for hosts with IDs 5, 10, and 12
>> > to "password".
>> > mysql> update cloud.host set password='password' where id=5 or
>> > mysql> id=10 or id=12;
>> >
>> >
>> > Regards
>> >
>> > Geoff Higginbottom
>> >
>> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>> >
>> > geoff.higginbot...@shapeblue.com
>> >
>> >
>> > -----Original Message-----
>> > From: Fabrice Brazier [mailto:fabrice.braz...@apalia.net]
>> > Sent: 04 April 2013 17:38
>> > To: cloudstack-us...@incubator.apache.org
>> > Subject: reopened - "CS failed after changing vcenter password"
>> >
>> > Hi All,
>> >
>> > I'm using CloudStack 3.0.2. I need to update the vCenter password
>> > for every hosts in the zone.
>> > I tried using API updateHostPassword:
>> > http://download.cloud.com/releases/3.0.0/api_3.0.0/root_admin/updat
>> > eHo
>> > stPa
>> > ssword.html
>> > http://wiki.cloudstack.org/pages/viewpage.action?pageId=14322288
>> >
>> > Everytime the same result:
>> > <errorcode>431</errorcode>
>> > <cserrorcode>4490</cserrorcode>
>> > <errortext>This operation is not supported for this hypervisor
>> > type</errortext>
>> >
>> > I tried to manually update the cluster_details table but the
>> > previous password is still used (I can see the old password first
>> > letter in the cloud-management log file after restarting
cloud-management service).
>> > Does someone know the correct process for VMware ?
>> >
>> > Thanks,
>> > Fabrice
>> >
>> > -----Message d'origine-----
>> > De : Koushik Das [mailto:koushik....@citrix.com] Envoyé : lundi 25
>> > février
>> > 2013 18:54 À : cloudstack-us...@incubator.apache.org; 'asicando'
>> > Objet : RE: CS failed after changing vcenter password
>> >
>> > One way is to update the vcenter password stored in CS db. Check
>> > cluster_details table.
>> >
>> > > -----Original Message-----
>> > > From: Jerry Jiang [mailto:jerry.ji...@tyxtech.com]
>> > > Sent: Monday, February 25, 2013 3:25 PM
>> > > To: cloudstack-us...@incubator.apache.org; 'asicando'
>> > > Subject: CS failed after changing vcenter password
>> > >
>> > > Hello all,
>> > >
>> > > Assumed I am using CS to manage vCenter host, if I changed
>> > > vCenter password from vcenter's UI.
>> > >
>> > > I found CS have to delete and re-add the vcenter back into CS.
>> > > But I can't operate the instances because UUID modified.
>> > >
>> > > How can I handle this situation?
>> > >
>> > > Thanks
>> > >
>> > > Jerry Jiang
>> > >
>> > >
>> >
>> > This email and any attachments to it may be confidential and are
>> > intended solely for the use of the individual to whom it is
addressed.
>> > Any views or opinions expressed are solely those of the author and
>> > do not necessarily represent those of Shape Blue Ltd or related
>> > companies. If you are not the intended recipient of this email, you
>> > must neither take any action based upon its contents, nor copy or
>> > show it to anyone. Please contact the sender if you believe you
>> > have received this email in error. Shape Blue Ltd is a company
>> > incorporated in England & Wales. ShapeBlue Services India LLP is
>> > operated under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.
>> >
>> > This email and any attachments to it may be confidential and are
>> > intended solely for the use of the individual to whom it is
addressed.
>> > Any views or opinions expressed are solely those of the author and
>> > do not necessarily represent those of Shape Blue Ltd or related
>> > companies. If you are not the intended recipient of this email, you
>> > must neither take any action based upon its contents, nor copy or
>> > show it to anyone. Please contact the sender if you believe you
>> > have received this email in error. Shape Blue Ltd is a company
>> > incorporated in England & Wales. ShapeBlue Services India LLP is
>> > operated under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.
>> >
>> >
>>
>
>

Reply via email to