Skip to main content

Change the Admin Password

Warning

Clusters managed with the Operator must never allow the admin (root) password to be changed. The Operator uses the admin user to manage the cluster and, by extension, the admin user’s password.

Changing the admin user’s password will decouple the Operator from the SingleStoreDB cluster and neither the Operator nor the cluster will continue to function as expected.

Obtain the Admin Password

The admin user has the associated privileges to create users and manage the cluster. This user is assigned a password when the SingleStoreDB cluster is first created. The Operator creates a corresponding secret with the same name as the SingleStoreDB cluster which is used to store the admin user’s password.

To obtain this secret, run the following command.

kubectl get secrets

Note that, in this secret, the password is Base64-encoded. To decode the password from the secret, run the following command.

echo <ENCODED-VALUE> | base64 -D

Use the Admin Account

As noted earlier, while the admin user’s password can be viewed, it must never be changed.

Should you need to use the admin (root) account, SingleStore recommends that you:

  1. As the admin (root) user, create a superadmin user via the following SQL command.

    CREATE USER 'superadmin'@'%' IDENTIFIED BY '<secure-password>'
  2. Grant the superadmin user admin (root) privileges via the following SQL command.

    GRANT ALL ON *.* TO 'superadmin'@'%' WITH GRANT OPTION;

Once this superadmin user has been created, obtaining the admin user’s password is no longer necessary.