About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
How To
Summary
Users reported an issue where they needed to update the database password for their noobaa database, which has the Postgres credentials for all of the pods. This technical note provides the basic steps on how to update the credentials.
Environment
Noobaa Data Gateway 4.x running on Red Hat OpenShift 4.x
Steps
- Log in to the Red Hat® OpenShift® cluster from the CLI using the oc command as a user with the "cluster-admin" permission.
- Switch to the OpenShift project named "nooba" with the following command:
oc project noobaa - Scale down the nooba-operator pod with the following command:
oc scale deployment noobaa-operator --replicas 0 - Scale down both the nooba-core and nooba endpoints:
oc scale statefulset noobaa-core --replicas 0 oc scale deployment noobaa-endpoint --replicas 0 - To log in to the nooba-dg-pg-0 pod, type:
oc exec -it noobaa-db-pg-0 -- bash - To connect to the nbcore database as user noobaa and update the password for the noobaa user in PSQL, type:
psql -U noobaa -d nbcore -c "ALTER USER noobaa WITH PASSWORD 'myNewPassword'"Where myNewPassword is an administrator defined password that complies with your corporate standards. -
To exit and logout of the nooba-dg-pg-0 pod, type:
exit - For all pods to be able to use the new password, the noobaa-db secret must be updated. Administrators can edit the secrets file in the noobaa-db by typing:
The following information is displayed:oc edit secrets noobaa-db# Please edit the object below. Lines beginning with a '#' will be ignored, # and an empty file will abort the edit. If an error occurs while saving this file will be # reopened with the relevant failures. # apiVersion: v1 data: password: YmxhYmxh user: bm9vYmFh stringData: # <<<===== add stringData password: "myNewPassword" # <<<===== write new password as string (not base64) kind: Secret metadata: creationTimestamp: "2024-01-16T08:39:57Z" labels: app: noobaa name: noobaa-db namespace: test-58 ownerReferences: - apiVersion: noobaa.io/v1alpha1 blockOwnerDeletion: true controller: true kind: NooBaa name: noobaa uid: aaaabbbb-cccc-dddd-1111-123456789abc resourceVersion: "1145172" uid: ffffeeee-abcd-dbca-1212-123456789abc type: Opaque
-
After you update your secret, verify that the password has been changed with the following command:
oc get secrets noobaa-db -o yamlapiVersion: v1 data: password: bXlOZXdQYXNzd21111== # <<<==== new password in base64 user: bm9vYmFh kind: Secret metadata: creationTimestamp: "2024-02-14T08:39:57Z" labels: app: noobaa name: noobaa-db namespace: noobaa ownerReferences: - apiVersion: noobaa.io/v1alpha1 blockOwnerDeletion: true controller: true kind: NooBaa name: noobaa uid: aaaabbbb-cccc-dddd-1111-123456789abc resourceVersion: "1145805" uid: ffffeeee-abcd-dbca-1212-123456789abc type: Opaque - Finally scale the noobaa-endpoint, noobaa-core, and noobaa-operator pods with the following commands:
oc scale deployment noobaa-endpoint --replicas 1 oc scale statefulset noobaa-core --replicas 1 oc scale deployment noobaa-operator --replicas 1
Results
After the pods are deployed, the Postgres password and secret is applied. Administrators can log out of the command-line or contact IBM Support if you have questions about the content in this technical note.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTDPP","label":"IBM Cloud Pak for Security"},"ARM Category":[{"code":"a8m3p000000PCQYAA4","label":"OpenShift-\u003EInfrastructure"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
More support for:
IBM Cloud Pak for Security
Component:
OpenShift->Infrastructure
Software version:
All Versions
Document number:
7117897
Modified date:
15 February 2024
UID
ibm17117897
Manage My Notification Subscriptions