open-consul/website/content/docs/guides/acl-replication.mdx

243 lines
7.5 KiB
Plaintext
Raw Normal View History

[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
---
2020-04-07 18:55:19 +00:00
name: ACL Replication for Multiple Datacenters
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
content_length: 15
id: acl-replication
products_used:
- Consul
2020-04-07 18:55:19 +00:00
description: 'Configure tokens, policies, and roles to work across multiple datacenters.'
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
---
2020-04-06 20:27:35 +00:00
You can configure tokens, policies and roles to work across multiple datacenters. ACL replication has several benefits.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
2020-04-06 20:27:35 +00:00
1. It enables authentication of nodes and services between multiple datacenters.
1. The secondary datacenter can provide failover for all ACL components created in the primary datacenter.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
1. Sharing policies reduces redundancy for the operator.
## Prerequisites
Before starting this guide, each datacenter will need to have ACLs enabled, the process is outlined in the [Securing Consul with ACLs
guide](/consul/security-networking/production-acls). This guide includes the additional ACL replication configuration for the Consul
2020-04-06 20:27:35 +00:00
agents not covered in the Securing Consul with ACL guide.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
Additionally,
2020-04-06 20:27:35 +00:00
[Basic Federation with WAN Gossip](/consul/security-networking/datacenters) is required.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
2020-04-06 20:27:35 +00:00
## Introduction
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
In this guide, you will setup ACL replication. This is a multi-step process
that includes:
2020-04-06 20:27:35 +00:00
- Setting the `primary_datacenter` parameter on all Consul agents in the primary datacenter.
- Creating the replication token.
- Configuring the `primary_datacenter` parameter on all Consul agents in the secondary datacenter.
- Enabling token replication on the servers in the secondary datacenter.
- Applying the replication token to all the servers in the secondary datacenter.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
You should complete this guide during the initial ACL bootstrapping
2020-04-06 20:27:35 +00:00
process.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
-> After ACLs are enabled you must have a privileged token to complete any
operation on either datacenter. You can use the initial
`bootstrap` token as your privileged token.
## Configure the Primary Datacenter
~> Note, if your primary datacenter uses the default `datacenter` name of
`dc1`, you must set a different `datacenter` parameter on each secondary datacenter.
Otherwise, both datacenters will be named `dc1` and there will be conflicts.
### Consul Servers and Clients
You should explicitly set the `primary_datacenter` parameter on all servers
and clients, even though replication is enabled by default on the primary
2020-04-06 20:27:35 +00:00
datacenter. Your agent configuration should be similar to the example below.
```json
{
"datacenter": "primary_dc",
"primary_datacenter": "primary_dc",
"acl": {
"enabled": true,
"default_policy": "deny",
"down_policy": "extend-cache",
"enable_token_persistence": true
}
}
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
```
The `primary_datacenter`
2020-04-09 23:46:54 +00:00
[parameter](/docs/agent/options#primary_datacenter)
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
sets the primary datacenter to have authority for all ACL information. It
should also be set on clients, so that the they can forward API
2020-04-06 20:27:35 +00:00
requests to the servers.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
Finally, start the agent.
2020-05-19 18:32:38 +00:00
```shell-session
2020-04-06 20:27:35 +00:00
$ consul agent -config-file=server.json
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
```
Complete this process on all agents. If you are configuring ACLs for the
first time, you will also need to [compelete the bootstrapping process](/consul/security-networking/production-acls) now.
## Create the Replication Token for ACL Management
Next, create the replication token for managing ACLs
with the following privileges.
2020-04-06 20:27:35 +00:00
- acl = "write" which will allow you to replicate tokens.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
- operator = "read" for replicating proxy-default configuration entries.
- service_prefix, policy = "read" and intentions = "read" for replicating
2020-04-06 20:27:35 +00:00
service-default configuration entries, CA, and intention data.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
2020-04-06 20:27:35 +00:00
```hcl
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
acl = "write"
operator = "read"
2020-04-06 20:27:35 +00:00
service_prefix "" {
policy = "read"
intentions = "read"
}
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
```
2020-04-06 20:27:35 +00:00
Now that you have the ACL rules defined, create a policy with those rules.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
2020-05-19 18:32:38 +00:00
```shell-session
2020-04-06 20:27:35 +00:00
$ consul acl policy create -name replication -rules @replication-policy.hcl
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
ID: 240f1d01-6517-78d3-ec32-1d237f92ab58
2020-04-06 20:27:35 +00:00
Name: replication
Description: Datacenters:
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
Rules: acl = "write"
operator = "read"
2020-04-06 20:27:35 +00:00
service_prefix "" { policy = "read" intentions = "read" }
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
```
Finally, use your newly created policy to create the replication token.
2020-05-19 18:32:38 +00:00
```shell-session
2020-04-06 20:27:35 +00:00
$ consul acl token create description "replication token" -policy-name replication
AccessorID: 67d55dc1-b667-1835-42ab-64658d64a2ff
SecretID: fc48e84d-3f4d-3646-4b6a-2bff7c4aaffb
Description: replication token
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
Local: false
2020-04-06 20:27:35 +00:00
Create Time: 2019-05-09 18:34:23.288392523 +0000 UTC
Policies:
240f1d01-6517-78d3-ec32-1d237f92ab58 - replication
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
```
## Enable ACL Replication on the Secondary Datacenter
Once you have configured the primary datacenter and created the replication
2020-04-06 20:27:35 +00:00
token, you can setup the secondary datacenter.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
-> Note, your initial `bootstrap` token can be used for the necessary
2020-04-06 20:27:35 +00:00
privileges to complete any action on the secondary servers.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
2020-04-06 20:27:35 +00:00
### Configure the Servers
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
You will need to set the `primary_datacenter` parameter to the name of your
2020-04-06 20:27:35 +00:00
primary datacenter and `enable_token_replication` to true on all the servers.
```json
{
"datacenter": "dc_secondary",
"primary_datacenter": "primary_dc",
"acl": {
"enabled": true,
"default_policy": "deny",
"down_policy": "extend-cache",
"enable_token_persistence": true,
"enable_token_replication": true
}
}
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
```
Now you can start the agent.
2020-05-19 18:32:38 +00:00
```shell-session
2020-04-06 20:27:35 +00:00
$ consul agent -config-file=server.json
```
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
Repeat this process on all the servers.
### Apply the Replication Token to the Servers
2020-04-06 20:27:35 +00:00
Finally, apply the replication token to all the servers using the CLI.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
2020-05-19 18:32:38 +00:00
```shell-session
2020-04-06 20:27:35 +00:00
$ consul acl set-agent-token replication <token>
ACL token "replication" set successfully
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
```
Once token replication has been enabled, you will also be able to create
datacenter local tokens.
Repeat this process on all servers. If you are configuring ACLs for the
first time, you will also need to [set the agent token](/consul/security-networking/production-acls#add-the-token-to-the-agent).
Note, the clients do not need the replication token.
### Configure the Clients
For the clients, you will need to set the `primary_datacenter` parameter to the
name of your primary datacenter and `enable_token_replication` to true.
2020-04-06 20:27:35 +00:00
```json
{
"datacenter": "dc_secondary",
"primary_datacenter": "primary_dc",
"acl": {
"enabled": true,
"default_policy": "deny",
"down_policy": "extend-cache",
"enable_token_persistence": true,
"enable_token_replication": true
}
}
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
```
Now you can start the agent.
2020-05-19 18:32:38 +00:00
```shell-session
2020-04-06 20:27:35 +00:00
$ consul agent -config-file=server.json
```
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
Repeat this process on all clients. If you are configuring ACLs for the
2020-04-06 20:27:35 +00:00
first time, you will also need to [set the agent token](/consul/security-networking/production-acls#add-the-token-to-the-agent).
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
2020-04-06 20:27:35 +00:00
## Check Replication
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
2020-04-09 23:46:54 +00:00
Now that you have set up ACL replication, you can use the [HTTP API](/api/acl#check-acl-replication) to check
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
the configuration.
2020-05-19 18:32:38 +00:00
```shell-session
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
$ curl http://localhost:8500/v1/acl/replication?pretty
{
"Enabled":true,
"Running":true,
"SourceDatacenter":"primary_dc",
"ReplicationType":"tokens",
"ReplicatedIndex":19,
"ReplicatedTokenIndex":22,
"LastSuccess":"2019-05-09T18:54:09Z",
"LastError":"0001-01-01T00:00:00Z"
}
```
Notice, the "ReplicationType" should be "tokens". This means tokens, policies,
2020-04-06 20:27:35 +00:00
and roles are being replicated.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
## Summary
2020-04-06 20:27:35 +00:00
In this guide you setup token replication on multiple datacenters. You can complete this process on an existing datacenter, with minimal
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
modifications. Mainly, you will need to restart the Consul agent when updating
2020-04-06 20:27:35 +00:00
agent configuration with ACL parameters.
[docs] New Replication Guide (#5823) * new replication guide * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing another list * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: R.B. Boyer <public@richardboyer.net> * fixing formating * Updating based on feedback. * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating introduction based on feedback * Update website/source/docs/guides/acl-replication.md * updating intro based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * updating based on feedback * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Update website/source/docs/guides/acl-replication.md Co-Authored-By: Judith Malnick <judith@hashicorp.com> * Additional note about servers Co-authored-by: R.B. Boyer <public@richardboyer.net> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 23:35:59 +00:00
If you have not configured other secure features of Consul,
[certificates](consul/security-networking/certificates) and
[encryption](consul/security-networking/agent-encryption),
2020-04-06 20:27:35 +00:00
we recommend doing so now.