[jira] [Created] (CLOUDSTACK-4185) [upgrade][2.2.14 to 4.2][vmware]Need to encrypt the vCenter password manually and add to the cluster_details table and vmware_data_center table after upgrade.

[Abhinav Roy (JIRA)]

Abhinav Roy created CLOUDSTACK-4185:
---------------------------------------

             Summary: [upgrade][2.2.14 to 4.2][vmware]Need to encrypt the 
vCenter password manually and add to the cluster_details table and 
vmware_data_center table after upgrade.
                 Key: CLOUDSTACK-4185
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4185
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Doc
    Affects Versions: 4.2.0
            Reporter: Abhinav Roy
            Priority: Critical
             Fix For: 4.2.0


In the release notes where we document about the upgrades from 2.2.x to 4.2 on 
ESXi hosts, we need to document this.
=========================================================================================
1. upgrade from 2.2.14 to 4.2 using "U" in install.sh script.
2. run cloudstack-setup-encrytpion 

Now, generate the encrypted equivalent of your vCenter password ......

3.  java -classpath /usr/share/cloudstack-common/lib/jasypt-1.9.0.jar 
org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI encrypt.sh 
input="_your_vCenter_password_" password="`cat /etc/cloudstack/management/key`" 
verbose=false

Store the output from this step, we need to add this in cluster_details table 
and vmware_data_center tables in place of the plaintext password.

4. Find the id of the correct row of cluster_details to update... i.e. the row 
with the plain text password:

    select * from cloud.cluster_details;

5. update the plain text password with the encrypted one (be very careful to 
update the correct row):

    update cloud.cluster_details set value = '_ciphertext_from_step_3_' where 
id = _id_from_step_4_;

6. Check the table again to confirm it looks good:

select * from cloud.cluster_details;

7. Find the id of the correct row of vmware_data_center to update... i.e. the 
row with the plain text password:

    select * from cloud.vmware_data_center;

8. update the plain text password with the encrypted one (be very careful to 
update the correct row):

    update cloud.vmware_data_center set password = '_ciphertext_from_step_3_' 
where id = _id_from_step_7_;

9. Check the table again to confirm it looks good:

   select * from cloud.vmware_data_center;

10. Start the cloudstack management server

   service cloudstack-management start

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira