Manually generating passwords

To manually generate the passwords:

1. Create the /passwords directory on the administrator device. Specify the path to the created directory in the external section of the configuration file using the vault_password_dirname setting.
2. Create a keystore.yml file and in that file, specify the passwords using the following settings:
   • ZABBIX_DB_SECRET is the root password of the Zabbix monitoring system database.
   • MONGO_ADMIN_SECRET is the administrator password of the MongoDB database.
   • MONGO_USER_SECRET is the user password of the MongoDB database. This password is used by the orchestrator.
   • CTL_CERT_SECRET is the password of the controller SSL certificate.
   • ORC_CERT_SECRET is the password of the orchestrator SSL certificate.
   • ORC_ENC_SECRET is the password for encrypting confidential data in the MongoDB database. Minimum length: 32 characters.
   • VNFM_CERT_SECRET is the password of the VNFM SSL certificate.

   For all passwords except ORC_ENC_SECRET, we recommend specifying at least 16 characters.

3. Create the vault_password.txt file and in that file, specify the master password.
4. Encrypt the keystore.yml file:
   • If you want to encrypt the keystore.yml file in attended mode:

     ansible-vault encrypt --ask-vault-pass keystore.yml

   • If you want to encrypt the keystore.yml file in unattended mode:

     ansible-vault encrypt --vault-password-file vault_password.txt keystore.yml

The passwords are generated and encrypted.

See also About the attended, unattended, and partially attended action modes Replacement of a failed controller node

Page top