An administrator may occasionally want to change the password for the MySQL account used by CloudStack. When password encryption is used as recommended, this procedure is complicated and should be documented. I wrote the following procedure for the "file" encryption type and QA verified it. The procedure for "web" encryption is likely similar. It may also be useful to include a procedure for no encryption.
1. Stop CloudStack and (if applicable) the usage engine.
service cloud-management stop
service cloud-usage stop
2. Update the password for the CloudStack user on the MySQL server. Open a
mysql -u root -p
Run the following:
update mysql.user set password=PASSWORD("newpassword123") where User='cloud';
And exit the prompt:
3. Encrypt the password and copy the resulting ciphertext:
java -classpath /usr/share/java/cloud-jasypt-1.8.jar
input="newpassword123" password="`cat /etc/cloud/management/key`" verbose=false
Note: If using db.cloud.encryption.type=web, use:
4. Update /etc/cloud/management/db.properties with the new ciphertext:
5. Start CloudStack and (if applicable) the usage engine.
service cloud-management start
service cloud-usage start