Citrix Systems 4.2 Server User Manual


 
Chapter 5. Installation
54
d. Edit the /etc/sysconfig/iptables file and add the following lines at the beginning of the INPUT
chain.
-A INPUT -p tcp --dport 3306 -j ACCEPT
7. Return to the root shell on your first Management Server.
8. Set up the database. The following command creates the cloud user on the database.
In dbpassword, specify the password to be assigned to the cloud user. You can choose to
provide no password.
In dbhost, provide the hostname or IP address of the database node.
In deploy-as, specify the username and password of the user deploying the database. For
example, if you originally installed MySQL with user “root” and password “password”, provide --
deploy-as=root:password.
(Optional) For encryption_type, use file or web to indicate the technique used to pass in the
database encryption password. Default: file. See Section 5.4.5, “About Password and Key
Encryption”.
(Optional) For management_server_key, substitute the default key that is used to encrypt
confidential parameters in the CloudPlatform properties file. Default: password. It is highly
recommended that you replace this with a more secure value. See Section 5.4.5, “About
Password and Key Encryption”.
(Optional) For database_key, substitute the default key that is used to encrypt confidential
parameters in the CloudPlatform database. Default: password. It is highly recommended
that you replace this with a more secure value. See Section 5.4.5, “About Password and Key
Encryption”.
# cloudstack-setup-databases cloud:<dbpassword>@<dbhost> --deploy-as=root:<password> -e
<encryption_type> -m <management_server_key> -k <database_key>
9. Now run a script that will set up iptables rules and SELinux for use by the Management Server. It
will also chkconfig off and start the Management Server.
# cloudstack-setup-management
10. Continue to Section 5.4.7, “Prepare NFS Shares”.
5.4.5. About Password and Key Encryption
CloudPlatform stores several sensitive passwords and secret keys that are used to provide security.
These values are always automatically encrypted:
Database secret key
Database password
SSH keys
Compute node root password