You may require Secure Shell (SSH) access to a database for viewing log files or for other troubleshooting purposes.

Data Management for VMware Tanzu permits you to SSH into a database as the root operating system user at any time. The root password is identified in the Password field located in the Server Information section of the Databases view, database Details.

Data Management for VMware Tanzu does not permit non-root users SSH access to a database by default. To permit special Data Management for VMware Tanzu-created operating system users to access a database, you must first explicitly enable SSH access to the database.

Enabling SSH Access

When you enable SSH access to a database, Data Management for VMware Tanzu creates two operating system users, configures access to the database for these users, and generates a new password for each:

OS User Name Description
db‑admin Operating system user with read-only permission to view log files residing on the database.
provider‑admin Operating system user that is a member of the sudo group, and has the permissions required to execute any command on the database.
Warning: The provider-admin user must run any systemctl command that stops or restarts a service as the sudo user. If systemctl is executed without sudo privileges, the database may enter an inconsistent state, and the only remediation will be to power down the database and then power it back up.

You share the management of SSH access to a database for the db-admin operating system user with both the Organization Administrator and the Organization User that created the database.

Note: When an Organization User has already enabled SSH for a database, an enable operation initiated by you resets the db-admin password.

Prerequisites

Before you enable SSH access to a database, ensure that:

  • The databasee is powered on and online.
  • SSH access is currently disabled for the database.

Procedure

Perform the following procedure to enable SSH access to a database:

  1. Select Databases from the left navigation pane.

    This action displays the Database view, a table that lists the provisioned databases.

  2. Examine the databases listed in the table, identify the databasee for which you want to enable SSH access, and navigate to that table row.

  3. Click the database VM Name.

    The database information Details tab displays.

  4. Locate the VM Admin User Details section of the pane, click ACTIONS, and select Enable SSH Access from the drop down menu.

    The Enable DB VM SSH dialog displays.

  5. Click CONFIRM.

    Data Management for VMware Tanzu initiates the task, generating an operation of type ENABLE_DB_VM_SSH.

  6. Monitor the progress of the task in the Operations tab or in the Database Operations view:

    1. Locate the ENABLE_DB_VM_SSH operation type and click it.
    2. Select the State History tab to view the subtasks and their status.
    3. If the operation fails, select the Error Info tab to examine the returned error information.

Connecting to a Database with an SSH Client

After you enable SSH access to a database, the database allows SSH connections from clients running on any host with connectivity to the Service Network.

You obtain the IP address and FQDN of the database from the Server Information section of the Details tab:

Figure 6. Server Information Details of the Database VM

You obtain the login credentials for the provider-admin and db-admin operating system users from the VM Admin User Details section of the Details tab:

Figure 7. Admin User Details of the Database VM

Recall that provider-admin is a member of the sudo group, and has the permissions required to execute any command. The db-admin user has read-only permission to log files residing on the database.

You use the DB IP Address or DB FQDN and the desired credentials to ssh into the database. For example:

user@host$ ssh provider-admin@DBFQDN
password: 

Disabling SSH Access

When you disable SSH access to a database, Data Management for VMware Tanzu removes SSH access to the database from the provider-admin and db-admin operating system users.

Note: The Organization Administrator or Organization User can also remove SSH access to a database from the db-admin operating system user at any time.

Prerequisites

Before you disable SSH access to a database, ensure that:

  • The database is powered on and online.
  • SSH access is currently enabled for the database.

Procedure

Perform the following procedure to disable SSH access to a database:

  1. Select Databases from the left navigation pane.

    This action displays the Database view, a table that lists the provisioned databases.

  2. Examine the databases listed in the table, identify the database for which you want to disable SSH access, and navigate to that table row.

  3. Click the database VM Name.

    The database information Details tab displays.

  4. Locate the VM Admin User Details section of the pane, click ACTIONS, and select Disable SSH Access from the drop down menu.

    The Disable DB VM SSH dialog displays.

  5. Click CONFIRM.

    Data Management for VMware Tanzu initiates the task, generating an operation of type DISABLE_DB_VM_SSH.

  6. Monitor the progress of the task in the Operations tab or in the Database Operations view:

    1. Locate the DISABLE_DB_VM_SSH operation type and click it.
    2. Select the State History tab to view the subtasks and their status.
    3. If the operation fails, select the Error Info tab to examine the returned error information.
check-circle-line exclamation-circle-line close-line
Scroll to top icon