forked from cloudfoundry/docs-bosh
-
Notifications
You must be signed in to change notification settings - Fork 0
/
director-users.html.md.erb
82 lines (55 loc) · 2.92 KB
/
director-users.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
---
title: User management on the Director
---
The Director provides a very simple built-in user management system for authentication of operators and internal services (for example, the Health Monitor). Alternatively, it can integrate with UAA for more advanced use cases.
---
## <a id="default"></a> Default Configuration
<p class="note"><strong>Note</strong>: We are planning to remove this configuration. We recommend configuring the Director as described below in <a href="#preconfigured">Preconfigured Users</a> section.</p>
Once installed, the Director comes without any configured users by default. When there are no configured users you can use `admin` / `admin` credentials to login into the Director.
<pre class="terminal">
$ bosh login admin
Enter password: *****
Logged in as `admin'
</pre>
When the Director is configured with at least one user, default `admin` / `admin` credentials no longer work. To create a new user:
<pre class="terminal">
$ bosh create user some-operator
Enter new password: ********
Verify new password: ********
User `some-operator' has been created
</pre>
To delete existing user:
<pre class="terminal">
$ bosh delete user some-operator
Are you sure you would like to delete the user `some-operator'? (type 'yes' to continue): yes
User `some-operator' has been deleted
</pre>
---
## <a id="preconfigured"></a> Preconfigured Users
<p class="note"><strong>Note</strong>: This feature is available with bosh-release v177+ (1.2999.0).</p>
In this configuration the Director is configured in advance with a list of users. There is no way to add or remove users without redeploying the Director.
To configure the Director with a list of users:
1. Change deployment manifest for the Director:
```yaml
properties:
director:
user_management:
provider: local
local:
users:
- {name: admin, password: admin-password}
- {name: hm, password: hm-password}
```
1. Redeploy the Director with the updated manifest. Use whichever method you've used before to deploy the Director: bosh-init or micro CLI.
<p class="note"><strong>Note</strong>: When using micro CLI, <code>properties</code> key should be placed under <code>apply_spec</code> section.</p>
---
## <a id="uaa"></a> UAA Integration
[Configure your director to use the UAA for user management](director-users-uaa.html)
---
## <a id="hm"></a> Director Tasks
The director is recording the user initiating a [director task](director-tasks.html) in the task audit log.
---
## <a id="hm"></a> Health Monitor Authentication
The Health Monitor is configured to use a custom user to query/submit requests to the Director. Since by default the Director does not come with any users, the Health Monitor is not able to successfully communicate with the Director. See the [Automatic repair with Resurrector](resurrector.html) topic for more details.
---
[Back to Table of Contents](index.html#director-config)