You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thank you for the response. Yes I have configured a token, and that is the problem here. Tokens in Nomad are associated with ACL policies. ACL policies can be fairly fine grained with what they allow and what they don't allow.
What I am hoping for is documentation on what permissions Traefik needs so I can create a relevant ACL policy in Nomad.
The alternative, which I would not be willing to ship to production, is generating a token against a policy that just allows everything. I have done this for local testing, and it works, but as I said am unwilling to do that in production.
More information about Nomad ACLs can be found here:
Thanks for the explanation and details, indeed, it clarifies the situation.
Traefik is only discovering services (LIST, GET), so, as per the Hashicorp documentation, the needed capabilities should be read-job for the service's namespace.
Hey! Thanks, I will give that a shot when I can (hopefully tomorrow). I would think it needs list-jobs and read-job. Either way, I will test and get back to you. Thanks for the response.
Hi! I'm Træfiker 🤖 the bot in charge of tidying up the issues.I have to close this one because of its lack of activity 😞Feel free to re-open it or join our Community Forum.
Welcome!
What did you do?
Ran Traefik with the Nomad provider enabled pointing at a Nomad cluster that has ACLs enabled.
What did you see instead?
What version of Traefik are you using?
2.9.6
What is your environment & configuration?
If applicable, please paste the log output in DEBUG level
No response
The text was updated successfully, but these errors were encountered: