How To Change Engine Database Password for OLVM Engine

This post illustrates steps to change the engine database password for the OLVM engine.

1. Before modification, you can run below commands to check the current ENGINE_DB_PASSWORD for OLVM engine interacting with the engine database. By default, ENGINE_DB_PASSWORD is a random string which is auto-generated by engine-config during the setup process. The ENGINE_DB_PASSWORD is used by below files:

# cat /etc/ovirt-engine/engine.conf.d/10-setup-database.conf | grep "ENGINE_DB_PASSWORD"
ENGINE_DB_PASSWORD="xxxxxxxx"
# cat /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/10-setup-database.conf |grep "ENGINE_DB_PASSWORD"
ENGINE_DB_PASSWORD="xxxxxxxx"
# cat /etc/ovirt-engine/aaa/internal.properties |grep dbpassword
config.datasource.dbpassword=xxxxxxxx

2. Follow below steps to change engine database password:

[1]. Stop the ovirt-engine process:

# systemctl stop ovirt-engine

[2]. Stop oVirt Engine Data Warehouse service:

# systemctl stop ovirt-engine-dwhd

[3]. Change the credentials that the engine process sends to the database by modifying ENGINE_DB_PASSWORD with the new password:

# vi /etc/ovirt-engine/engine.conf.d/10-setup-database.conf
ENGINE_DB_PASSWORD="YourNewPassword"
# vi /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/10-setup-database.conf
ENGINE_DB_PASSWORD="YourNewPassword"

[4]. Change internal domain dbpassword:

# vi /etc/ovirt-engine/aaa/internal.properties
config.datasource.dbpassword=YourNewPassword

[5]. Change the postgres database credentials: By default, the name of the user in ENGINE_DB_USER and database in ENGINE_DB_DATABASE are both “engine”:

# cat /etc/ovirt-engine/engine.conf.d/10-setup-database.conf
ENGINE_DB_HOST="localhost"
ENGINE_DB_PORT="5432"
ENGINE_DB_USER="engine"
ENGINE_DB_DATABASE="engine"

Connect to the ‘postgres’ database to alter the engine db user and postgres passwords:

# su - postgres
Last login: Thu Apr 30 15:29:48 AEST 2020 on pts/1

-bash-4.2$ scl enable rh-postgresql95 -- psql
psql (9.5.14)
Type "help" for help.

postgres=# alter user engine with password 'YourNewPassword';
ALTER ROLE

postgres-# alter user postgres with password 'YourNewPassword';
ALTER ROLE

postgres=# \q
-bash-4.2$ exit
logout

[6]. Start ovirt-engine and Data Warehouse service to take effect:

# systemctl start ovirt-engine
# systemctl start ovirt-engine-dwhd

Now you can use now use the new credentials to access the engine database.