Help Center/ Migration Center/ Tool Guide/ Edge Discovery/ Adding Resource Credentials
Updated on 2024-12-02 GMT+08:00
View PDF
Share

Adding Resource Credentials

You need to add credentials for accessing your source resources to Edge, so that Edge can collect information about them and migrate them to Huawei Cloud. After you connect Edge to MgC, the source resources' credentials will be synchronized to MgC. Credentials added to Edge are encrypted and stored locally, and will not be synced to MgC.

Credentials you add to Edge are valid for 60 days. After the validity period expires, you need to add the credentials to Edge again if you still want to discover or migrate the resources.

Prerequisites

You have installed Edge on a device in your source environment and connected Edge to MgC.

Authentication Methods

You can add credentials of the following types of resources to Edge: private clouds, servers, and containers. For details about the authentication methods supported for each resource type, see Table 1.

Table 1 Authentication methods

Resource Type

Authentication Method

Description

Public cloud
  • AK/SK
  • Configuration file
  • ID/Secret
  • AK/SK pairs of cloud platforms, such as Huawei Cloud, Alibaba Cloud, AWS, Tencent Cloud, Qiniu Cloud, and Kingsoft Cloud
  • Upload the configuration file used to access Google Cloud. The configuration file contains credentials for Google Cloud service accounts, and the file must be in .json format and cannot exceed 4 KB.
  • IDs and secrets are Azure credentials. To learn how to obtain Azure credentials, see How Do I Obtain Azure Credentials?

Private cloud

Username/Password

Enter the username and password for logging in to the source private cloud.

Databases

Username/Password

Enter the username and password of the database.

Big data - Executor

Username/Password

Enter the username and password for logging in to the server deployed as an executor. Then specify Network Range, which can be a single IP address or an IP address range.

The value can be:

  • A single IP address, for example, 192.168.10.10/32
  • An IP address range, for example, 192.168.52.0/24
  • All IP addresses. You need to enter 0.0.0.0/0.

Big data - Hive Metastore

Username/Key

Upload the core-site.xml, hivemetastore-site.xml, hive-site.xml, krb5.conf, and user.keytab files. For details about how to obtain the files, see How Do I Obtain the Hive Metastore Credential Files?.

Big data - Data Lake Search (DLI)

AK/SK

Enter the AK/SK pair of the Huawei Cloud account. For details about how to obtain an AK/SK pair, see How Do I Obtain the AK/SK and Project ID.

Big Data - MaxCompute

AK/SK

Enter the AK/SK pair of the source Alibaba Cloud account. For details about how to obtain the key pair, see Viewing the Information About AccessKey Pairs of a RAM User.

Big data - Doris

Username/Password

Enter the username and password of the Doris database.

Big data - HBase

Username/Key
  • For an unsecured cluster, upload the core-site.xml, hdfs-site.xml, yarn-site.xml, mapred-site.xml, and hbase-site.xml files.
  • For a secured cluster, upload seven files, including core-site.xml, hdfs-site.xml, yarn-site.xml, krb5.conf, user.keytab, mapred-site.xml, and hbase-site.xml.

The preceding configuration files are usually stored in the conf subdirectory of the Hadoop and HBase installation directories.

Big data - ClickHouse

Username/Password

Enter the username and password of the ClickHouse database.

Windows server

Username/Password

Enter the username and password for logging in to the server. Then specify Network Range, which can be a single IP address or an IP address range.

The value can be:

  • A single IP address, for example, 192.168.10.10/32
  • An IP address range, for example, 192.168.52.0/24
  • All IP addresses. You need to enter 0.0.0.0/0.

Linux server
  • Username/Password
  • Username/Key
  • If you select Username/Password, enter the username and password for logging in to the server.
  • If you select Username/Key, enter the username and the password of the key file for logging in to the server, and upload the key file in .pem format.
    NOTICE:

    If the key file is not encrypted, you do not need to enter the password.

Then specify Network Range, which can be a single IP address or an IP address range. The value can be:

  • A single IP address, for example, 192.168.10.10/32
  • An IP address range, for example, 192.168.52.0/24
  • All IP addresses. You need to enter 0.0.0.0/0.

Container

Configuration file

The configuration file must be a .json or .yml file.

Adding Credentials

  1. Use the registered username and password to log in to the Edge console.
  2. In the navigation pane on the left, choose Edge Discovery > Credentials.
  3. Click Create Certificate above the list.
  4. Select a resource type and authentication method as prompted. Specify a credential name, enter your credentials, and click Confirm.

    • If Edge is not connected to MgC, the added resource credentials can be used for deep collection.
    • If Edge is connected to MgC, the added resource credentials will be automatically synchronized to MgC.

Importing Credentials

  1. On the MgC console, switch to the Applications page and export the discovered source servers and databases to a CSV file.

    Figure 1 Exporting resource information

  2. Open the exported CSV file, add columns user_name and password to the end, and enter the username and password for each resource. Save the file.

    Ensure that the saved CSV file is correct and has no incorrect configuration or garbled characters.

  3. On the Credential List page of the Edge console, click Import Credential above the list. The Import Credential dialog box is displayed.
  4. Click Select File to upload the saved CSV file.

    • A maximum of 1,000 complete credential records can be imported at a time. If there are any blanks or incomplete credentials, they will be ignored.
    • Credential names are automatically generated based on the resource name and access address.
    • Credentials can be imported repeatedly, but they will be named differently.

  5. Click OK to complete the import. After the import is successful, the system automatically synchronizes the credentials to MgC and associate them with corresponding resources.

Synchronizing Credentials

If Edge is disconnected from MgC, you need to manually synchronize added credentials to MgC after the connection is restored. In the Source Credentials area, click Sync.

Parent topic: Edge Discovery