When using Konvoy Image Builder (KIB) to create a cluster-api complaint template that can be used to deploy Kubernetes cluster with VSphere provider in DKP, the default username and password are both set to “builder”. That means that when creating the base OS image, a user “builder” with password “builder” is used by default.
To abide to best security practices, the user should set their own user and password while creating the base OS image and override the default credentials in KIB by creating a file (overrides.yaml) with the following content:
---
packer:
ssh_username: "<USERNAME>"
ssh_password: "<PASSWORD>"
And then use it to instruct KIB to use the credentials to SSH into the VM:
./konvoy-image build images/ova/rhel-84.yaml --overrides overrides.yaml