Set/Change the “core” User Password In OpenShift Post-Install
Stop! Please don’t do it, go back …
While RedHat really don’t want you to access the OpenShift nodes directly (not via SSH or console access), it even warning you about it 🙂
❯ ssh [email protected] Red Hat Enterprise Linux CoreOS 411.86.202212072103-0 Part of OpenShift 4.11, RHCOS is a Kubernetes native operating system managed by the Machine Config Operator (`clusteroperator/machine-config`). WARNING: Direct SSH access to machines is not recommended; instead, make configuration changes via `machineconfig` objects: https://docs.openshift.com/container-platform/4.11/architecture/architecture-rhcos.html
But some time, we don’t have a choice, and we need console access, for example if we broke network connectivity to the node, and we need to log in via the console from a IPMI/VNC sessions. For that, we will have to set the password for the core account.
Here is an example of one way to achieve that, by using MachineConfig (node that you will have to change “worker” to “master” to also target the master nodes),
once the password is set, you can/need remove the MC, as you don’t need it once the node restart once and applied the change.
apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig metadata: name: worker-core-password labels: machineconfiguration.openshift.io/role: worker spec: config: ignition: version: 3.2.0 systemd: units: - name: core-password.service enabled: true contents: | [Unit] Description=Changes core password [Service] Type=oneshot ExecStart=/bin/bash -c "echo core:redhat | chpasswd" [Install] WantedBy=multi-user.target