Why are environment variables needed in Nomad when using Consul ACL?


I’ve been debugging an issue with a newly created cluster where I am getting a lot of [ERROR] nomad.event_broker: failed resolving ACL for secretID, closing subscriptions: error="no token for secret ID" errors. While looking around I found this consideration: Secure Nomad Jobs with Consul Service Mesh | Nomad | HashiCorp Developer

Is this still valid? if so why would it not be picking this configuration up from the consul stanza block in the server/node config files?

Edit: I should probably mention im running Nomad 1.4.3 :stuck_out_tongue:

Hi @CarbonCollins, indeed that guide is outdated - manually configuring those environment variables when using Connect has not been a requirement for quite some time (probably around Nomad 1.0). I’ve created an internal ticket for getting that cleaned up.

The error message you’re seeing is known to be spurious - we have an issue for cleaning up the log message so it doesn’t sound way more scary than it is

Good to know about the env vars!

The error message has been driving me arround in circles for the last few days so its good to know its probably not the cause :smiley: