From Contrail Service Orchestration (CSO) Release 3.3, CSO uses an algorithm to automatically generate a dynamic password for various components. These passwords are generated after the setup_assist.sh script successfully executes during installation. See Generating and Encrypting Passwords for Infrastructure Components.
This article explains how to retrieve these dynamic passwords at a later point in time, after CSO deployment and installation on premises.
Users may forget the dynamic passwords that were generated automatically during installation.
CSO 3.3
To retrieve these dynamic passwords at a later point in time on CSO 3.3, perform the following steps:
- Log in as
root to the Installer Virtual Machine from where the setup_assist.sh script was executed.
-
Access the Contrail Service Orchestration (CSO) directory. For example, if the name of the installer directory is Contrail_Service_Orchestration_Version, use:
root@host:~/# cd /~/Contrail_Service_Orchestration_Version/
-
Execute the following command to retrieve the dynamic passwords that were generated during installation:
./python.sh deploy_manager/utils/decrypt_password.py
CSO 5.1.2
To retrieve these dynamic passwords in CSO version 5.1.2, perform the following steps:
-
Log in as root to the "startupserver1" Virtual Machine.
root@CSOBMS:~# virsh list --all
Id Name State
----------------------------------------------------
1 k8-infra1 running
2 vrr1 running
3 monitoring1 running
4 contrail_analytics1 running
5 k8-microservices1 running
6 startupserver1 running
root@CSOBMS:~# ssh root@192.168.10.31
Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.4.0-141-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
21 packages can be updated.
0 updates are security updates.
Last login: Sat Oct 31 22:28:01 2020 from 192.168.10.1
root@startupserver1:~#
-
Access the Contrail Service Orchestration (CSO) directory. For example, if the name of the installer directory is Contrail_Service_Orchestration_Version, use:
root@startupserver1:~/Contrail_Service_Orchestration_5.1.2# pwd
/root/Contrail_Service_Orchestration_5.1.2
-
Execute the following command to retrieve the dynamic passwords that were generated during installation:
root@startupserver1:~/Contrail_Service_Orchestration_5.1.2# ./python.sh deploy_manager/utils/decrypt_password.py
UI Password for cspadmin user: abcd
Keystone Password for admin user: abcd
Arangodb root user password: abcd
Cassandra DB password for cassandra user: abcd
Cassandra DB password for casadmin user: abcd
Elasticsearch admin Password: abcd
Keystone Password for swift user: abcd
Mariadb Password for root/admin user: abcd
Mariadb Password for clusteruser user: abcd
Mariadb Password for cspadmin user: abcd
Mariadb Password for icinga user: abcd
Mariadb Password for keystone user: abcd
Password for appvisibilityDb database: abcd
Password for ecmDb database: abcd
Password for nedb database: abcd
Password for nfvodb database: abcd
Password for seciDb database: abcd
Password for smDb database: abcd
Password for vnfmdb database: abcd
Password for commonDb database: abcd
Prometheus user Password: abcd
Rabbitmq cspmq Password: abcd
Rabbitmq neuser Password: abcd
Rabbitmq Monitor password: abcd
Rabbitmq csm_user Password: abcd
Rabbitmq vnfm_user Password: abcd
Redis server Password: abcd
Zookeeper Password for admin user: abcd
Note: I have replaced the password with "abcd" for this article.
2020-11-10: Article updated with steps for retrieving encrypted password in CSO 5.1.2