⁠Appendix B. Passwords

When Packstack deploys OpenStack, it stores passwords in various configuration files. This section describes storage locations and password-update commands.

⁠B.1. Password Locations

This section describes the password location for each user and service deployed by Packstack. All files except nova.conf are located on the controller node; nova.conf is located on each compute node.

⁠

Table B.1. User passwords

Service	File Location	Parameter
Admin user	`~/keystonerc_admin`	`OS_PASSWORD`
	`/etc/keystone/keystone.conf`	`[database] connection`
	`/etc/sahara/sahara.conf`	`[keystone_authtoken] admin_password`
	`/etc/trove/trove.conf`	`[DEFAULT] nova_proxy_admin_pass`
Demo user	`~/keystonerc_demo`	`OS_PASSWORD`

⁠

Table B.2. Service name and passwords

Service	File Location	Parameter
Bare Metal Provisioning (ironic)	`/etc/ironic/ironic.conf`	`[database] connection`
	`/etc/nova/nova.conf`	`[ironic] admin_password`
Block Storage (cinder)	`/etc/cinder/cinder.conf`	`[database] connection`
Compute (nova)	`/etc/neutron/neutron.conf`	`[DEFAULT] nova_admin_password`
	`/etc/nova/nova.conf`	`[DEFAULT] sql_connection`
Data Processing (sahara)	`/etc/sahara/sahara.conf`	`[database] connection`
Database-as-a-Service (trove)	`/etc/trove/trove.conf`	`[DEFAULT] sql_connection`
Image (glance)	`/etc/glance/glance-api.conf`	`[database] connection`
MariaDB Database	`~/.my.cnf`	`password`
Object Storage (swift)	`/etc/swift/proxy-server.conf`	`[filter:authtoken] admin_password`
OpenStack Networking (neutron)	`/etc/neutron/neutron.conf`	`[keystone_authtoken] admin_password`
	`/etc/nova/nova.conf`	`[neutron] admin_password`
Orchestration (heat)	`/etc/heat/heat.conf`	`[database] connection`
	`/etc/heat/heat.conf`	`[keystone_authtoken] admin_password`
Nagios	`/etc/nagios/passwd`	`user:passwd`
RabbitMQ	`/etc/ceilometer/ceilometer.conf` `/etc/cinder/cinder.conf` `/etc/glance/glance-api.conf` `/etc/heat/heat.conf` `/etc/ironic/ironic.conf` `/etc/keystone/keystone.conf` `/etc/neutron/neutron.conf` `/etc/nova/nova.conf` `/etc/sahara/sahara.conf` `/etc/trove/trove.conf`	`[DEFAULT] rabbit_password`
Telemetry (ceilometer)	`/etc/ceilometer/ceilometer.conf`	`[keystone_authtoken] admin_password` `[service_credentials] os_password`

Note

For files containing a connection or sql_connection parameter, use the following syntax:

PARAMETER = mysql://SERVICE_USER:USER_PASSWORD@DB_IP/SERVICE_DB

Where:

SERVICE_USER is the service user's name
USER_PASSWORD is the MySQL password for the Image service
DB_IP is the database host's IP address
SERVICE_DB is the database name

An example entry for the Image service user might be:

connection = mysql://glance:12345678abcdefgh@192.0.43.10/glance