hi,
I need to replace TLS Certs from a whole Nomad cluster and using this Howto. I’ve replaced on all Nomad Servers and one (out of three) Nomad agent. I can’t replace on all Nomad agents, because if I do so, then all existing running containers will be stopped and I don’t know, if I get it up and running again.
On this “test” Nomad Agent, I see:
8e2737a1fa52 task=kafka_rest_proxy type=Killing msg="Vault: server failed to derive vault token: Nomad server is not configured to create tokens" failed=true
But I see:
nomad.vault: successfully renewed token: next_renewal=14m59.99996402s
On the Nomad Server.
The other Nomad agents are unhappy .. which is expected, because of the old TLS certs. But I will reconfigure them only, if I get the first one working. Or is that the issue?
I have no idea, what the issue is ..
any suggestions?