What is the purpose of authoritative_region?

smartaquarius10 · October 30, 2020, 2:14pm

Hello,

Do we put this value in only one server node
If yes, why not in all server nodes
Is it anyway related to leader and slave server nodes concept i.e. only the server having this entry will always elect as leader which treat as a source of truth
If I have only one server node then is it necessary to put this field

Can anyone provide some more details on this as the documentation regarding this is not clear.

jrasell · November 2, 2020, 10:41am

The authoritative region is used to provide a single source of truth for ACL Policies, ACL Tokens and Namespaces in multi-region, federated Nomad clusters. When used, all servers should have this configuration parameter set and non-authoritative regions will have the data replicated to them from the authoritative region.

To answer the questions you posted directly:

If used, all servers should have this configuration item set
N/A
This is not related in any way to leadership election
No, as mentioned previously, this parameter only needs to be set in multi-region federated Nomad deployments where you wish to use this functionality.

Thanks,
jrasell and the Nomad team.

smartaquarius10 · November 3, 2020, 12:04pm

Hi @jrasell,

Thanks for sharing the details. But I’m unable to understand its use case.

I’m trying to relate its working if I host it in an organization. If I have 1 region then no need to add this item. On the flip side, with multi region we have to add this configuration in all the server nodes of any one region. But, in both the cases, there will be only one type of acl policies replicate to all the servers in every the region.

If I’m sitting in an organization then definitely I will setup nomad only for the user belonging to my organization which raises a question that why I’ll create this segregation. Could you please share any scenario which clarifies its use case.

Thank you