Resetting the root password on a PhotonOS based appliance in vRealize Orchestrator 8.x
search cancel

Resetting the root password on a PhotonOS based appliance in vRealize Orchestrator 8.x

book

Article ID: 325999

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Provide guidance in resetting a root password.

To recover the password, if lost or forgotten, follow the instructions located here:  Resetting the root password on Photon based appliance in vRealize Automation 8.x


Environment

VMware vRealize Orchestrator 8.x

Resolution

Ensure there are valid backups before performing these actions.
  1. SSH into the vRealize Orchestrator 8.x appliance with the root account
  2. Change the root password:
passwd
  1. Update the secret:
kubectl -n prelude create secret generic --dry-run=true vco-controlcenter-user-secret --from-literal=users.properties=`awk -F: '$1 == "root" {print "root="$2}' /etc/shadow` -o yaml | kubectl apply -f -

Note:  The additional - at the end is not a typo.
  1. Delete the Kubernetes pod:
kubectl delete pod `kubectl get pods -n prelude |grep vco-app|awk '{print $1}'` -n prelude

Note: Pod deletion does not destroy or remove data within the application.  Kubernetes handles this by maintaining a data volume in a differing location than the initialized container.
  1. Monitor the pod for redeployment / recreation:
kubectl get pods -n prelude --watch

Validation:

Compare current appliance root password with the secret stored within Control-Center:
  1. View current root password:
awk -F: '$1 == "root" {print "root="$2}' /etc/shadow
  1. View content of Control-Center secret:
kubectl get secret vco-controlcenter-user-secret -n prelude -o yaml|grep users.properties:|awk  '{print $2}' | base64 --decode
  1. Current password for Control-Center:
kubectl -n prelude exec -it -c vco-controlcenter-app `kubectl get pods -n prelude |grep vco-app|awk '{print $1}'` -- cat /usr/lib/vco/configuration/conf/users.properties
Powered by Wolken Software