You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was wondering if there is a method to bootstrap tokens before cluster initialization. Namely the token could be distributed to the consul-agent-proxies, and consul-agent-servers before initialization.
The current process is a bit messy at it requires a partial bootstrap of the system, then a rolling restart while configurations are re-generated as the ACL system is brought online. At least this my take away from this section.
This is a large amount of fiction, which seems unnecessary as the existing ServiceDefination structure has fields for these values, and -token allow for them to readily passed through.
But to my surprise when I try to create a bootstrap token
Short of a full feature request, what code would need to be duplicated, or studied to simply provide "valid tokens" initially during bootstrap?
Where would these tokens need to be provided (so consul-server will store them in its "pool" during initialization)?
I'm aware this process isn't likely untested, unproven, and unstable. But I am nevertheless interested in making this work, and possibly assisting by contributing patches to ensure it works.
The text was updated successfully, but these errors were encountered:
This is a great feature. I saw the you have closed this #6706 and #6743
Is this going to be considered as a feature request or it is considered a best practice from you
and is going to stay as is?
Hello!
I was wondering if there is a method to bootstrap tokens before cluster initialization. Namely the token could be distributed to the
consul-agent-proxies
, andconsul-agent-servers
before initialization.The current process is a bit messy at it requires a partial bootstrap of the system, then a rolling restart while configurations are re-generated as the ACL system is brought online. At least this my take away from this section.
This is a large amount of fiction, which seems unnecessary as the existing
ServiceDefination
structure has fields for these values, and-token
allow for them to readily passed through.But to my surprise when I try to create a bootstrap token
valarauca@valarauca:~/Documents/consul$ ./consul acl bootstrap Failed ACL bootstrapping: Put http://127.0.0.1:8500/v1/acl/bootstrap: dial tcp 127.0.0.1:8500: connect: connection refused
sigh
Short of a full feature request, what code would need to be duplicated, or studied to simply provide "valid tokens" initially during bootstrap?
Where would these tokens need to be provided (so
consul-server
will store them in its "pool" during initialization)?I'm aware this process isn't likely untested, unproven, and unstable. But I am nevertheless interested in making this work, and possibly assisting by contributing patches to ensure it works.
The text was updated successfully, but these errors were encountered: