Help Center/ MapReduce Service/ Component Operation Guide (LTS)/ Using ClickHouse/ ClickHouse O&M Management/ Configuring the Default ClickHouse User Password (MRS 3.3.0-LTS or later)
Updated on 2024-12-13 GMT+08:00
View PDF
Share

Configuring the Default ClickHouse User Password (MRS 3.3.0-LTS or later)

After a ClickHouse cluster is created, you can use the ClickHouse client to connect to the ClickHouse server.

Set the passwords of default ClickHouse users default and clickhouse after creating a ClickHouse cluster in normal mode.

  • This section applies to MRS 3.3.0-LTS or later.
  • default and clickhouse are default internal administrators of a ClickHouse cluster in normal mode (with Kerberos authentication disabled).
  • For a ClickHouse cluster in normal mode, if the default passwords of the default users default and clickhouse have been changed and the ClickHouseServer node is reinstalled, the passwords will be reset. You need to change the passwords again.

Changing the Password of the Default ClickHouse User

  1. Log in to the node where ClickHouse is installed as user root, switch to user omm, and go to the $BIGDATA_HOME/FusionInsight_ClickHouse_*/install/FusionInsight-ClickHouse-*/clickhouse/clickhouse_change_password directory.

    su - omm

    cd $BIGDATA_HOME/FusionInsight_ClickHouse_*/install/FusionInsight-ClickHouse-*/clickhouse/clickhouse_change_password

  2. Run the following command to change the password of user default or clickhouse:

    ./change_password.sh

    In the following figure, user clickhouse is used as an example. Enter clickhouse and its password as prompted, and wait until the password is changed.

    The password must meet the following complexity requirements:

    • Contains 8 to 64 characters.
    • Contains at least one lowercase letter, one uppercase letter, one number, and one special character (-%;[]{}@_).

  3. Check the changed password.

    • For MRS 3.3.0-LTS version: Log in to the ClickHouse Server node and check the value of password_sha256_hex in the ${BIGDATA_HOME}/FusionInsight_ClickHouse_*/*_ClickHouseServer/etc/users.xml file. The value is the new password.

      cd ${BIGDATA_HOME}/FusionInsight_ClickHouse_*/*_ClickHouseServer/etc/

      vi users.xml

      As shown in the following figure, the new password is stored in the password_sha256_hex file.

    • For MRS 3.3.1-LTS and later versions: Log in to the ClickHouse Server node and check the value of password_PBKDF2_hex in the ${BIGDATA_HOME}/FusionInsight_ClickHouse_*/*_ClickHouseServer/etc/users.xml file. The value is the new password.

      cd ${BIGDATA_HOME}/FusionInsight_ClickHouse_*/*_ClickHouseServer/etc/

      vi users.xml

      As shown in the following figure, the new password is stored in the password_PBKDF2_hex file.