Help Center/ Migration Center/ Tool Guide/ Edge Discovery/ Adding Resource Credentials

Updated on 2024-10-21 GMT+08:00

View PDF

Adding Resource Credentials

You need to add credentials for accessing your source resources to Edge, so that Edge can collect information about them and migrate them to Huawei Cloud. Credentials added to Edge are encrypted and stored locally, and will not be synced to MgC.

Credentials you add to Edge are valid for 60 days. After the validity period expires, you need to add the credentials to Edge again if you still want to discover or migrate the resources.

Prerequisites

Edge has been installed on a device in your source environment, and the Edge device has been connected to MgC.

Authentication Methods

You can add credentials of the following types of resources to Edge: private clouds, servers, and containers. For details about the authentication methods supported for each resource type, see Table 1.

**Table 1** Authentication methods
Resource Type	Authentication Method	Description
Public cloud	AK/SK Configuration file ID/Secret	AK/SK pairs of cloud platforms, such as Huawei Cloud, Alibaba Cloud, AWS, Tencent Cloud, Qiniu Cloud, and Kingsoft Cloud Upload the configuration file used to access Google Cloud. The configuration file contains credentials for Google Cloud service accounts, and the file must be in .json format and cannot exceed 4 KB. IDs and secrets are Azure credentials. To learn how to obtain Azure credentials, see How Do I Obtain Azure Credentials?
Private cloud	Username/Password	Enter the username and password for logging in to the source private cloud.
Databases	Username/Password	Enter the username and password of the database.
Big data - Executor	Username/Password	Enter the user name and password for logging in to the server deployed as an executor. Then specify Network Range, which can be a single IP address or an IP address range. The value can be: A single IP address, for example, 192.168.10.10/32 An IP address range, for example, 192.168.52.0/24 All IP addresses. You need to enter 0.0.0.0/0.
Big data - Hive Metastore	Username/Key	Upload the core-site.xml, hivemetastore-site.xml, hive-site.xml, krb5.conf, and user.keytab files. For details about how to obtain the files, see How Do I Obtain the Hive Metastore Credential Files?.
Big data - Data Lake Search (DLI)	AK/SK	Enter the AK/SK pair of the Huawei Cloud account. For details about how to obtain an AK/SK pair, see How Do I Obtain the AK/SK and Project ID.
Big Data - MaxCompute	AK/SK	Enter the AK/SK pair of the source Alibaba Cloud account. For details about how to obtain the key pair, see Viewing the Information About AccessKey Pairs of a RAM User.
Big data - Doris	Username/Password	Enter the username and password of the Doris database.
Big data - HBase	Username/Key	For an unsecured cluster, upload the core-site.xml, hdfs-site.xml, yarn-site.xml, mapred-site.xml, and hbase-site.xml files. For a secured cluster, upload seven files, including core-site.xml, hdfs-site.xml, yarn-site.xml, krb5.conf, user.keytab, mapred-site.xml, and hbase-site.xml. The preceding configuration files are usually stored in the conf subdirectory of the Hadoop and HBase installation directories.
Big data - ClickHouse	Username/Password	Enter the username and password of the ClickHouse database.
Windows server	Username/Password	Enter the username and password for logging in to the server. Then specify Network Range, which can be a single IP address or an IP address range. The value can be: A single IP address, for example, 192.168.10.10/32 An IP address range, for example, 192.168.52.0/24 All IP addresses. You need to enter 0.0.0.0/0.
Linux server	Username/Password Username/Key	If you select Username/Password, enter the username and password for logging in to the server. If you select Username/Key, enter the username and the password of the key file for logging in to the server, and upload the key file in .pem format. NOTICE: If the key file is not encrypted, you do not need to enter the password. Then specify Network Range, which can be a single IP address or an IP address range. The value can be: A single IP address, for example, 192.168.10.10/32 An IP address range, for example, 192.168.52.0/24 All IP addresses. You need to enter 0.0.0.0/0.
Container	Configuration file	The configuration file must be a .json or .yml file.

Adding Credentials

On the Edge console, in the Source Credentials area, click Add.
Select a resource type and authentication method as prompted. Specify a credential name, enter your credentials, and click Confirm. After the credential is added, Edge automatically synchronizes the added credential to MgC. You can view the credential details in the credential list.

Importing Credentials

On the MgC console, switch to the Application Discovery page and export the discovered source servers or databases to a CSV file.
Open the exported CSV file, add columns user_name and password to the end, and enter the username and password for each resource. Save the file.

Ensure that the content of the saved CSV file is correct and no incorrect configuration or garbled character exists.
On the Edge console, in the Source Credentials area, click Import.
Click Select File to upload the saved CSV file.
- A maximum of 1,000 complete credential records can be imported at a time. If there are any blanks or incomplete credentials, they will be ignored.
- Credential names are automatically generated based on the resource name and access address.
- Credentials can be imported repeatedly, but they will be named differently.
Click OK to complete the import. After the import is successful, the system automatically synchronizes the credentials to MgC and associate them with corresponding resources.

Synchronizing Credentials

If Edge is disconnected from MgC, you need to manually synchronize added credentials to MgC after the connection is restored. In the Source Credentials area, click Sync.

Parent topic: Edge Discovery

Previous topic: Managing Huawei Cloud Credentials

Next topic: Configuring an OBS Bucket