Hello, and good afternoon.
I used to use to use token based authentication method for my Nomad && Consul cluster like this:
nomad-agent-policy.hcl
acl = "write"
key_prefix "" {
policy = "write"
}
agent_prefix "" {
policy = "read"
}
node_prefix "" {
policy = "read"
}
service_prefix "" {
policy = "read"
}
service_prefix "" {
policy = "write"
}
consul acl policy create -token=token_value -name "nomad-servers" -description "Nomad Server Policy" -rules @nomad-agent-policy.hcl
consul acl policy create -token=token_value -name "nomad-clients" -description "Nomad Client Policy" -rules @nomad-agent-policy.hcl
consul acl token create -token=token_value -description "Nomad Agents Token" -policy-name "nomad-servers" -policy-name "nomad-clients" | tee nomad-agent.token
and then add that token to my nomad cluster /etc/nomad.d/nomad.hcl
consul {
address = "localhost:8500"
token = "xyz-xyz-xyz-xyz-xyz" # the consul token
server_service_name = "nomad-servers"
client_service_name = "nomad-clients"
auto_advertise = true
server_auto_join = true
client_auto_join = true
}
But now after this breaking change v1.10.0 The deprecated token-based authentication workflow for allocations has been removed #25217
I got anonymous token error on Consul and envoy proxy (for Consul connect) can’t bootstrap anymore, What should I do?
I’m using Hashicorp Nomad && Consul on plain VPS and I don’t have Vault either, It would be a great if there is work around this, Thanks.