Managing Infrastructure Password Changes

Page last updated:

This topic describes how to manage Enterprise Pivotal Container Service (Enterprise PKS) after changing a BOSH Director or Enterprise PKS service account password.

Manage Your Service Account Passwords

When you installed Enterprise PKS you created two service accounts:

  • BOSH/Ops Manager Service Account: This service account is configured in the BOSH Director tile.
  • Master Node Service Account: This service account is configured in the Enterprise PKS tile.

You must update a tile’s copy of a service account password after changing the password on your network.

Step 1: Update Your Service Account Passwords

To update BOSH Director with a new BOSH/Ops Manager Service Account password, perform the following steps:

  1. Access the Installation Dashboard in Ops Manager.
  2. Select the BOSH Director tile.
  3. Select your IaaS’ Config tab.
  4. Click Change, the link beneath the IaaS Password field, to modify the password.
    vCenter Password Update in BOSH
  5. Enter the new service account password.
  6. Click Save to save the new password to the BOSH Director tile.

To update Enterprise PKS with a new Master Node Service Account password, perform the following steps:

  1. Access the Installation Dashboard in Ops Manager.
  2. Select the Enterprise PKS tile.
  3. Select the Kubernetes Cloud Provider tab.
  4. Click Change, the link beneath your IaaS’ Master Credentials field, to modify the password.
    vCenter Password Update in PKS
  5. Enter the new master node service account password.
  6. Click Save to save the new password to the Enterprise PKS tile.

Step 2: Deploy Your New Service Account Passwords

After updating an Ops Manager tile’s service account password you must also deploy the new password.

To deploy a new password to BOSH Director and Enterprise PKS, perform the following steps:

  1. Access the Installation Dashboard in Ops Manager.
  2. Click Review Pending Changes.
  3. In the Errands section for Enterprise PKS, select Update all clusters errand.
  4. Click Apply Changes to update the Enterprise PKS installation with the new password(s).

Note: The Update all clusters errand must be enabled to update the Kubernetes cloud provider password stored in Kubernetes clusters.

Manage Your NSX Manager Password (vSphere and vSphere with NSX-T only)

If you are on vSphere or vSphere with NSX-T only, you also configured the NSX Manager Account and password when you installed Enterprise PKS. This service account is configured in the BOSH Director tile.

After changing the password on your network, you must also update the BOSH Director tile’s copy of the NSX Manager Account password.

To update the BOSH Director with the new NSX Manager password, perform the following steps:

  1. Access the Installation Dashboard in Ops Manager.
  2. Select the BOSH Director tile.
  3. Select the vCenter Config tab.
  4. Click Change, the link beneath the NSX Username field, to modify the password. NSX Manager Password Update in BOSH
  5. Enter the new password.
  6. Click Save to save the changes to the BOSH Director tile.
  7. On the Ops Manager Installation Dashboard, select Review Pending Changes.
  8. Click Apply Changes.

Please send any feedback you have to pks-feedback@pivotal.io.