Oracle Cloud Infrastructure Documentation

Management Gateway Administration Tasks

Update Management Gateway Properties

Management Gateway Port

The Management Gateway is configured to accept traffic on a specific port which is specified by using the GatewayPort property from the gateway.properties file.
  • On Linux platforms, the gateway.properties file is located under: /opt/oracle/mgmt_agent/plugins/GatewayProxy/stateDir/config.

To change the Management Gateway port value, edit the gateway.properties file and replace the current value of the GatewayPort property with the desired port number.

After changing the gateway.properties file, the Management Gateway service must be restarted.

  • For Oracle Linux 6, use: /sbin/initctl restart mgmt_gateway

  • For Oracle Linux 7, use: systemctl restart mgmt_gateway

If the GatewayPort property value changes then any Management Agents using that Management Gateway must be changed to use the new port value. For details, see Update Management Agents after Changes to Management Gateway Configuration

Management Gateway Credentials

The Gateway is typically configured to use credentials: username and password are required to connect to it.

Such credentials are stored in Oracle Wallets. For information about how to add, update or delete credentials, see Configure Management Gateway Credentials.

If the Management Gateway credentials change, then any Management Agents using the Management Gateway must be changed to use the new credentials. For information, see Update Management Agents after Changes to Management Gateway Configuration.

Configure Management Gateway Credentials

This section describes how to manage credentials which may be needed for Management Gateway.

The Management Gateway stores sensitive information, such as credentials, in Oracle Wallets.

After installing a Management Gateway, you may need to configure credentials.

Note

If changes have been made using the CLI commands, the gateway must be restarted. For information about CLI commands, see Oracle Cloud Infrastructure CLI Command Reference.

Add or Update Credentials

To add credentials or update existing ones, use the gateway_credentials.sh script with the upsertCredentials operation.

The gateway_credentials.sh script is located in the /opt/oracle/mgmt_agent/plugins/GatewayProxy/stateDir/bin directory.

Syntax

gateway_credentials.sh -o upsertCredentials

  1. Create a text file with the username and password for the gateway:

    GatewayUsername=<USER_NAME>
GatewayPassword=<USER_PASSWORD>
    For example:
    GatewayUsername=oracle2
GatewayPassword=welcomepwd

    For example, you can save the text file as cred.properties.

  2. Add credentials using a text file.

    gateway_credentials.sh -o upsertCredentials

    For example, you can run the following using the cred.properties file: 

    cat cred.properties | sudo -u mgmt_agent sh /opt/oracle/mgmt_agent/plugins/GatewayProxy/stateDir/bin/gateway_credentials.sh -o upsertCredentials

  3. Delete the text file created in step 1.

    The text file contains sensitive information. Customers are responsible for deleting the credentials text file after completing the add or update credentials operation.

Delete Credentials

To delete credentials, use the gateway_credentials.sh script with the deleteCredentials operation.

gateway_credentials.sh script is located under /opt/oracle/mgmt_agent/plugins/GatewayProxy/stateDir/bin directory.

Syntax

gateway_credentials.sh -o deleteCredentials

  1. Delete credentials.

    gateway_credentials.sh -o deleteCredentials

    For example, you can run the following to delete the existing credentials:

    sudo -u mgmt_agent sh /opt/oracle/mgmt_agent/plugins/GatewayProxy/stateDir/bin/gateway_credentials.sh -o deleteCredentials
Note

Deleting credentials does not delete the wallet that contained the credentials.

Update Management Agents after Changes to Management Gateway Configuration

If the Management Gateway configuration changes, the Management Agent may also have to be changed.

  • Gateway host: If the Gateway is moved to another host, or if the Gateway host is renamed, then any Agents using the Gateway must be changed to use the new hostname.

    In this case, the Management Agent parameter GatewayServerHost must be updated to use the new Gateway.

  • Gateway port: If the Gateway port value changes, then any Agents using the Gateway must be changed to use the new port value.

    In this case, the Management Agent parameter GatewayServerPort must be updated to use the new Gateway port.

  • Gateway credentials: If the credentials required to connect to the Management Gateway (such as username and password) are changed, then any Agents using the Gateway must be changed to use the new credentials. For information, see Credential Type for Management Gateways and Proxies and Add or Update Credentials.

Upgrade Management Gateway

To upgrade a gateway on Linux, do the following:
  • Download the latest version of the RPM file containing the software download file. See Download Management Gateway Software.
  • To upgrade the gateway, run the rpm command with the upgrade option: rpm -U.
    sudo rpm -U <rpm_file_name.rpm>

Update Proxy Credentials for Management Gateway

You can update existing external proxy credentials for the Management Gateway.

Prerequisites:

The Management Gateway should be configured with a proxy using the following two properties:
  • ProxyHost
  • ProxyPort
For example:
ProxyHost=myproxy.example.com
ProxyPort=80

Step 1: Create request body for updating the proxy credentials

Provide the new username and password in credentials file using the following properties:

  • ProxyUser: User name for authentication with the proxy.
  • ProxyPassword: Password of the user for the authentication with the proxy.
Note

The above credentials properties are case-sensitive.

See below sample-proxycreds.json sample credentials file: 

{"source":"agent.%%agentId%%",
"name":"ManagementAgent-Proxy",
"type":"ProxyCreds",
"description":"Proxy Credentials",
"properties":[
{"name":"ProxyUser","value":"<UserName>"},
{"name":"ProxyPassword","value":"<Password>"}]}

Step 2: Execute command to update the proxy credentials

Execute the below command to update the proxy credentials using the above sample file:

cat sample-proxycreds.json | sudo -u mgmt_agent /opt/oracle/mgmt_agent/agent_inst/bin/credential_mgmt.sh -o upsertCredentials -s Agent

Step 3 : Restart Management Gateway

sudo systemctl restart mgmt_gateway
Note

The credentials are used by the Management Gateway to communicate with Oracle Cloud Infrastructure services. Changing its format or removing the credentials can have an adverse effect on the Management Gateway's ability to communicate back to Oracle Cloud Infrastructure services.