Good stuff. For future readers of this thread I've put together a step by step of the process: http://dave.ie/cloudstack-change-vcenter-username-and-password/
Cheers, Dave On 8 April 2013 15:32, Fabrice Brazier <fabrice.braz...@apalia.net> wrote: > Hi David, > > Many thanks! It's working like a charm. > > Regards, > Fabrice > > > -----Message d'origine----- > De : David Comerford [mailto:davest...@gmail.com] > Envoyé : jeudi 4 avril 2013 22:58 > À : users@cloudstack.apache.org > Objet : Re: reopened - "CS failed after changing vcenter password" > > I finely tuned that SQL query to get the host ID and password of the > VMware hosts. > Makes it slightly easier to make an accurate update on those hosts. > > SELECT host.id,host.hypervisor_type,host_details.name,host_details.value > FROM host_details JOIN host > WHERE host_details.host_id=host.id > AND host.hypervisor_type='VMware' > AND host_details.name='password'; > > > On 4 April 2013 20:10, David Comerford <davest...@gmail.com> wrote: > > > Get your encryption key from /etc/cloud/management/key (default is > > 'password') > > > > # Encrypt the new password 'dave-says-hi' with key 'password' > > java -classpath /usr/share/java/cloud-jasypt-1.8.jar > > org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI encrypt.sh > > input="dave-says-hi" password="password" verbose=false > > > > # Decrypt the ciphertext with the same key 'password' > > java -classpath /usr/share/java/cloud-jasypt-1.8.jar > > org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh > > input="S0TXOpxss68b2/RHicePqyXwrMje+OaI" password="password" > > verbose=false > > > > Interestingly the encryption command will spit out different output > > every time you run it. Well I think that's interesting anyway. > > > > Regards, > > Dave Comerford > > > > > > On 4 April 2013 19:30, Fabrice Brazier <fabrice.braz...@apalia.net> > wrote: > > > >> Thanks David and Geoff. In my environment the password is the same > >> for every hosts. > >> But in the host_details table the password seems to be encrypted and > >> the value is different for each host. > >> > >> What is the encryption process ? > >> > >> Thanks, > >> Fabrice > >> > >> > >> -----Message d'origine----- > >> De : David Comerford [mailto:davest...@gmail.com] Envoyé : jeudi 4 > >> avril 2013 20:22 À : users@cloudstack.apache.org Objet : Re: reopened > >> - "CS failed after changing vcenter password" > >> > >> Fabrice, > >> > >> The vCenter password is stored in cloud.host_details table. > >> > select * from host_details WHERE name='password'; > >> > >> Sorry I can't get at my lab to give you the exact UPDATE query at the > >> moment. > >> > >> Regards, > >> Dave Comerford > >> > >> On 4 April 2013 18:23, Geoff Higginbottom > >> <geoff.higginbot...@shapeblue.com>wrote: > >> > >> > Hi Fabrice, > >> > > >> > These were taken from a set of instructions we did for a > >> > CloudPlatform build a while back, it looks like the DB Schema may > >> > have changed a little since then, but the latest admin guide still > >> > has the same example > >> in it. > >> > > >> > The actual password is stored in cloud.host.details, and you need > >> > to cross reference the 'host_id' with the id from the cloud.host > >> > table > >> > > >> > Regards > >> > > >> > Geoff Higginbottom > >> > > >> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > >> > > >> > geoff.higginbot...@shapeblue.com > >> > > >> > > >> > -----Original Message----- > >> > From: Fabrice Brazier [mailto:fabrice.braz...@apalia.net] > >> > Sent: 04 April 2013 18:18 > >> > To: users@cloudstack.apache.org > >> > Subject: RE: reopened - "CS failed after changing vcenter password" > >> > > >> > Hi Geoff, > >> > > >> > This command doesn't work: > >> > update cloud.host set password='password' where id=5 or id=10 or > >> > id=12; > >> > > >> > There is no "password" column in the host table. > >> > > >> > Regards, > >> > Fabrice > >> > > >> > -----Message d'origine----- > >> > De : Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] > >> > Envoyé : jeudi 4 avril 2013 18:47 > >> > À : users@cloudstack.apache.org > >> > Objet : RE: reopened - "CS failed after changing vcenter password" > >> > > >> > Hi Fabrice, > >> > > >> > To change the Passwords for ESXi try this procedure. > >> > > >> > To change host passwords the password must be changed on both the > >> > host and in the CloudStack database. > >> > > >> > ESXi > >> > 1. Connect to the vCenter server using the vSphere client. > >> > 2. Navigate to Home > Management > Host Profiles > >> > 3. Right-click on the host profile and select Edit Profile > >> > 4. Expand 'Security Configuration' and select 'Administrator > >> > password' > >> > 5. Select 'configure a fixed administrator password' and enter > and > >> > confirm the new password and click OK. > >> > 6. Click on the 'Hosts and Clusters' tab > >> > 7. Right click on each of the clusters and select 'check > >> compliance' > >> > in turn. > >> > 8. Hold down the CTRL key and select all of the clusters and > select > >> > Apply Profile. > >> > 9. Review the tasks which are displayed on screen and confirm > (by > >> > clicking Finish). > >> > > >> > > >> > CloudStack > >> > The password for a XenServer Node, KVM Node, or vSphere Node may be > >> > changed in the database. Note that all Nodes in a Cluster must have > >> > the same password. To change a Node's password: > >> > > >> > 1. Identify all hosts in the cluster. > >> > 2. Change the password on all hosts in the cluster. Now the > >> password > >> > for the host and the password known to CloudStack will not match. > >> > Operations on the cluster will fail until the two passwords match. > >> > 3. Get the list of host IDs for the host in the cluster where > you > >> are > >> > changing the password. You will need to access the database to > >> > determine these host IDs. For each hostname "h" (or vSphere > >> > cluster) that you are changing the password for, execute: > >> > > >> > mysql> select id from cloud.host where name like '%h%'; This > >> > should return a single ID. Record the set of such IDs for these > hosts. > >> > 4. Update the passwords for the host in the database. In this > >> > example, we change the passwords for hosts with IDs 5, 10, and 12 > >> > to "password". > >> > mysql> update cloud.host set password='password' where id=5 or > >> > mysql> id=10 or id=12; > >> > > >> > > >> > Regards > >> > > >> > Geoff Higginbottom > >> > > >> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > >> > > >> > geoff.higginbot...@shapeblue.com > >> > > >> > > >> > -----Original Message----- > >> > From: Fabrice Brazier [mailto:fabrice.braz...@apalia.net] > >> > Sent: 04 April 2013 17:38 > >> > To: cloudstack-us...@incubator.apache.org > >> > Subject: reopened - "CS failed after changing vcenter password" > >> > > >> > Hi All, > >> > > >> > I'm using CloudStack 3.0.2. I need to update the vCenter password > >> > for every hosts in the zone. > >> > I tried using API updateHostPassword: > >> > http://download.cloud.com/releases/3.0.0/api_3.0.0/root_admin/updat > >> > eHo > >> > stPa > >> > ssword.html > >> > http://wiki.cloudstack.org/pages/viewpage.action?pageId=14322288 > >> > > >> > Everytime the same result: > >> > <errorcode>431</errorcode> > >> > <cserrorcode>4490</cserrorcode> > >> > <errortext>This operation is not supported for this hypervisor > >> > type</errortext> > >> > > >> > I tried to manually update the cluster_details table but the > >> > previous password is still used (I can see the old password first > >> > letter in the cloud-management log file after restarting > cloud-management service). > >> > Does someone know the correct process for VMware ? > >> > > >> > Thanks, > >> > Fabrice > >> > > >> > -----Message d'origine----- > >> > De : Koushik Das [mailto:koushik....@citrix.com] Envoyé : lundi 25 > >> > février > >> > 2013 18:54 À : cloudstack-us...@incubator.apache.org; 'asicando' > >> > Objet : RE: CS failed after changing vcenter password > >> > > >> > One way is to update the vcenter password stored in CS db. Check > >> > cluster_details table. > >> > > >> > > -----Original Message----- > >> > > From: Jerry Jiang [mailto:jerry.ji...@tyxtech.com] > >> > > Sent: Monday, February 25, 2013 3:25 PM > >> > > To: cloudstack-us...@incubator.apache.org; 'asicando' > >> > > Subject: CS failed after changing vcenter password > >> > > > >> > > Hello all, > >> > > > >> > > Assumed I am using CS to manage vCenter host, if I changed > >> > > vCenter password from vcenter's UI. > >> > > > >> > > I found CS have to delete and re-add the vcenter back into CS. > >> > > But I can't operate the instances because UUID modified. > >> > > > >> > > How can I handle this situation? > >> > > > >> > > Thanks > >> > > > >> > > Jerry Jiang > >> > > > >> > > > >> > > >> > This email and any attachments to it may be confidential and are > >> > intended solely for the use of the individual to whom it is > addressed. > >> > Any views or opinions expressed are solely those of the author and > >> > do not necessarily represent those of Shape Blue Ltd or related > >> > companies. If you are not the intended recipient of this email, you > >> > must neither take any action based upon its contents, nor copy or > >> > show it to anyone. Please contact the sender if you believe you > >> > have received this email in error. Shape Blue Ltd is a company > >> > incorporated in England & Wales. ShapeBlue Services India LLP is > >> > operated under license from Shape Blue Ltd. ShapeBlue is a registered > trademark. > >> > > >> > This email and any attachments to it may be confidential and are > >> > intended solely for the use of the individual to whom it is > addressed. > >> > Any views or opinions expressed are solely those of the author and > >> > do not necessarily represent those of Shape Blue Ltd or related > >> > companies. If you are not the intended recipient of this email, you > >> > must neither take any action based upon its contents, nor copy or > >> > show it to anyone. Please contact the sender if you believe you > >> > have received this email in error. Shape Blue Ltd is a company > >> > incorporated in England & Wales. ShapeBlue Services India LLP is > >> > operated under license from Shape Blue Ltd. ShapeBlue is a registered > trademark. > >> > > >> > > >> > > > > >
