You may require Secure Shell (SSH) access to a database for viewing log files or for other troubleshooting purposes.
Data Management for VMware Tanzu permits you to SSH into a database as the root
operating system user at any time. The root
password is identified in the Password field located in the Server Information section of the Databases view, database Details.
Data Management for VMware Tanzu does not permit non-root
users SSH access to a database by default. To permit special Data Management for VMware Tanzu-created operating system users to access a database, you must first explicitly enable SSH access to the database.
When you enable SSH access to a database, Data Management for VMware Tanzu creates two operating system users, configures access to the database for these users, and generates a new password for each:
OS User Name | Description |
---|---|
db‑admin | Operating system user with read-only permission to view log files residing on the database. |
provider‑admin | Operating system user that is a member of the sudo group, and has the permissions required to execute any command on the database. |
provider-admin
user must run any
systemctl
command that stops or restarts a service as the
sudo
user. If
systemctl
is executed without
sudo
privileges, the database may enter an inconsistent state, and the only remediation will be to power down the database and then power it back up.
You share the management of SSH access to a database for the db-admin
operating system user with both the Organization Administrator and the Organization User that created the database.
db-admin
password.
Before you enable SSH access to a database, ensure that:
Perform the following procedure to enable SSH access to a database:
Select Databases from the left navigation pane.
This action displays the Database view, a table that lists the provisioned databases.
Examine the databases listed in the table, identify the databasee for which you want to enable SSH access, and navigate to that table row.
Click the database VM Name.
The database information Details tab displays.
Locate the VM Admin User Details section of the pane, click ACTIONS, and select Enable SSH Access from the drop down menu.
The Enable DB VM SSH dialog displays.
Click CONFIRM.
Data Management for VMware Tanzu initiates the task, generating an operation of type ENABLE_DB_VM_SSH.
Monitor the progress of the task in the Operations tab or in the Database Operations view:
After you enable SSH access to a database, the database allows SSH connections from clients running on any host with connectivity to the Service Network.
You obtain the IP address and FQDN of the database from the Server Information section of the Details tab:
You obtain the login credentials for the provider-admin
and db-admin
operating system users from the VM Admin User Details section of the Details tab:
Recall that provider-admin
is a member of the sudo
group, and has the permissions required to execute any command. The db-admin
user has read-only permission to log files residing on the database.
You use the DB IP Address or DB FQDN and the desired credentials to ssh
into the database. For example:
user@host$ ssh provider-admin@DBFQDN
password:
When you deactivate SSH access to a database, Data Management for VMware Tanzu removes SSH access to the database from the provider-admin
and db-admin
operating system users.
db-admin
operating system user at any time.
Before you deactivate SSH access to a database, ensure that:
Perform the following procedure to deactivate SSH access to a database:
Select Databases from the left navigation pane.
This action displays the Database view, a table that lists the provisioned databases.
Examine the databases listed in the table, identify the database for which you want to deactivate SSH access, and navigate to that table row.
Click the database VM Name.
The database information Details tab displays.
Locate the VM Admin User Details section of the pane, click ACTIONS, and select Disable SSH Access from the drop down menu.
The Disable DB VM SSH dialog displays.
Click CONFIRM.
Data Management for VMware Tanzu initiates the task, generating an operation of type DISABLE_DB_VM_SSH.
Monitor the progress of the task in the Operations tab or in the Database Operations view: