Set default token instead of agent to get dns working, set node name to be the short name instead of fqdn

2020-08-30 03:33:20 -04:00 · 2020-08-30 03:33:20 -04:00 · 7c2084790f
commit 7c2084790f
parent be8d9c68da
3 changed files with 6 additions and 2 deletions
--- a/ansible/consul-debug-1598770949.tar.gz
+++ b/ansible/consul-debug-1598770949.tar.gz
--- a/ansible/roles/consul/templates/consul.hcl.j2
+++ b/ansible/roles/consul/templates/consul.hcl.j2
@ -1,5 +1,7 @@
 datacenter          = "{{ main_dc_name }}"
 primary_datacenter  = "{{ main_dc_name }}"
 domain              = "{{ consul_domain }}"
 node_name           = "{{ inventory_hostname_short }}"
 encrypt             = "{{ lookup('hashi_vault', 'secret=kv/data/consul:data')['gossip'] }}"
@ -28,6 +30,6 @@ acl {
  default_policy = "deny"
  enable_token_persistence = true
  tokens {
-    agent   = "{{ lookup('hashi_vault', 'secret=kv/data/consul:data')['server-acl-token'] }}"
+    default = "{{ lookup('hashi_vault', 'secret=kv/data/consul:data')['server-acl-token'] }}"
  }
 }
--- a/ansible/roles/consul_server/templates/consul.hcl.j2
+++ b/ansible/roles/consul_server/templates/consul.hcl.j2
@ -1,5 +1,7 @@
 datacenter          = "{{ main_dc_name }}"
 primary_datacenter  = "{{ main_dc_name }}"
 domain              = "{{ consul_domain }}"
 node_name           = "{{ inventory_hostname_short }}"
 server              = true
 bootstrap_expect    = 3
 ui                  = true
@ -37,6 +39,6 @@ acl {
  default_policy = "deny"
  enable_token_persistence = true
  tokens {
-    agent   = "{{ lookup('hashi_vault', 'secret=kv/data/consul:data')['server-acl-token'] }}"
+    default = "{{ lookup('hashi_vault', 'secret=kv/data/consul:data')['server-acl-token'] }}"
  }
 }