Hi,
Before trying out stuff I wanted to check here if folks know if Nomad’s template is affected by this Vault’s kv-v2 issue:
Consul template has a variable default_lease_duration, hence wondering if there is an equivalent in Nomad.
Were you able to find an answer for this query? I’ve a secret using KV2 but lease_duration is 0 always. When I update a secret in Vault, there’s no effect on the Nomad job (template.change_mode=restart)
$ vault read secret/data/app -format=json
{
"lease_id": "",
"lease_duration": 0,
"renewable": false,
...
}
I didn’t actually wait for 5 mins to see if a new secret is actually fetched. But would you know is there anyway to configure this interval to be shorter?
1 Like
@mr-karan I never did an answer to this query in Nomad context.
I remember switching to using kv v1 during the above experiment, as I was trying to pitch “Vaults for secrets and, Hey! Look!! Services can auto reload when secrets change”
kv v2 not working at that point in time was quite the bummer. Haven’t got time to revisit the experiments though.