Deprecate -join and -join-wan (#15598)

This commit is contained in:
Paul Glass 2022-12-14 14:28:25 -06:00 committed by GitHub
parent a1973f88a5
commit 62df6a7513
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
23 changed files with 189 additions and 203 deletions

4
.changelog/15598.txt Normal file
View File

@ -0,0 +1,4 @@
```release-note:breaking-change
config: Deprecate `-join`, `-join-wan`, `start_join`, and `start_join_wan`.
These options are now aliases of `-retry-join`, `-retry-join-wan`, `retry_join`, and `retry_join_wan`, respectively.
```

View File

@ -201,11 +201,13 @@ func setupRuntimeConfig(t *testing.T) *configLoader {
dataDir := testutil.TempDir(t, "auto-config") dataDir := testutil.TempDir(t, "auto-config")
opts := config.LoadOpts{ opts := config.LoadOpts{
FlagValues: config.Config{ FlagValues: config.FlagValuesTarget{
DataDir: &dataDir, Config: config.Config{
Datacenter: stringPointer("dc1"), DataDir: &dataDir,
NodeName: stringPointer("autoconf"), Datacenter: stringPointer("dc1"),
BindAddr: stringPointer("127.0.0.1"), NodeName: stringPointer("autoconf"),
BindAddr: stringPointer("127.0.0.1"),
},
}, },
} }
return &configLoader{opts: opts} return &configLoader{opts: opts}

View File

@ -84,11 +84,11 @@ func (ac *AutoConfig) joinHosts() ([]string, error) {
var addrs []string var addrs []string
// The addresses we use for auto-encrypt are the retry join and start join // The addresses we use for auto-encrypt are the retry join addresses.
// addresses. These are for joining serf and therefore we cannot rely on the // These are for joining serf and therefore we cannot rely on the
// ports for these. This loop strips any port that may have been specified and // ports for these. This loop strips any port that may have been specified and
// will let subsequent resolveAddr calls add on the default RPC port. // will let subsequent resolveAddr calls add on the default RPC port.
for _, addr := range append(ac.config.StartJoinAddrsLAN, hosts...) { for _, addr := range hosts {
host, _, err := net.SplitHostPort(addr) host, _, err := net.SplitHostPort(addr)
if err != nil { if err != nil {
if strings.Contains(err.Error(), "missing port in address") { if strings.Contains(err.Error(), "missing port in address") {

View File

@ -122,16 +122,23 @@ func TestAutoEncrypt_hosts(t *testing.T) {
"router-override": { "router-override": {
serverProvider: providerWithServer, serverProvider: providerWithServer,
config: &config.RuntimeConfig{ config: &config.RuntimeConfig{
RetryJoinLAN: []string{"127.0.0.1:9876"}, RetryJoinLAN: []string{"127.0.0.1:9876", "192.168.1.2:4321"},
StartJoinAddrsLAN: []string{"192.168.1.2:4321"},
}, },
hosts: []string{"198.18.0.1:1234"}, hosts: []string{"198.18.0.1:1234"},
}, },
"various-addresses": { "various-addresses": {
serverProvider: providerNone, serverProvider: providerNone,
config: &config.RuntimeConfig{ config: &config.RuntimeConfig{
RetryJoinLAN: []string{"198.18.0.1", "foo.com", "[2001:db8::1234]:1234", "abc.local:9876"}, RetryJoinLAN: []string{
StartJoinAddrsLAN: []string{"192.168.1.1:5432", "start.local", "[::ffff:172.16.5.4]", "main.dev:6789"}, "192.168.1.1:5432",
"start.local",
"[::ffff:172.16.5.4]",
"main.dev:6789",
"198.18.0.1",
"foo.com",
"[2001:db8::1234]:1234",
"abc.local:9876",
},
}, },
hosts: []string{ hosts: []string{
"192.168.1.1", "192.168.1.1",
@ -147,7 +154,7 @@ func TestAutoEncrypt_hosts(t *testing.T) {
"split-host-port-error": { "split-host-port-error": {
serverProvider: providerNone, serverProvider: providerNone,
config: &config.RuntimeConfig{ config: &config.RuntimeConfig{
StartJoinAddrsLAN: []string{"this-is-not:a:ip:and_port"}, RetryJoinLAN: []string{"this-is-not:a:ip:and_port"},
}, },
err: "no auto-encrypt server addresses available for use", err: "no auto-encrypt server addresses available for use",
}, },

View File

@ -46,11 +46,13 @@ import (
"github.com/hashicorp/consul/types" "github.com/hashicorp/consul/types"
) )
type FlagValuesTarget = decodeTarget
// LoadOpts used by Load to construct and validate a RuntimeConfig. // LoadOpts used by Load to construct and validate a RuntimeConfig.
type LoadOpts struct { type LoadOpts struct {
// FlagValues contains the command line arguments that can also be set // FlagValues contains the command line arguments that can also be set
// in a config file. // in a config file.
FlagValues Config FlagValues FlagValuesTarget
// ConfigFiles is a slice of paths to config files and directories that will // ConfigFiles is a slice of paths to config files and directories that will
// be loaded. // be loaded.
@ -169,12 +171,15 @@ func newBuilder(opts LoadOpts) (*builder, error) {
b.Head = append(b.Head, DevSource()) b.Head = append(b.Head, DevSource())
} }
cfg, warns := applyDeprecatedFlags(&opts.FlagValues)
b.Warnings = append(b.Warnings, warns...)
// Since the merge logic is to overwrite all fields with later // Since the merge logic is to overwrite all fields with later
// values except slices which are merged by appending later values // values except slices which are merged by appending later values
// we need to merge all slice values defined in flags before we // we need to merge all slice values defined in flags before we
// merge the config files since the flag values for slices are // merge the config files since the flag values for slices are
// otherwise appended instead of prepended. // otherwise appended instead of prepended.
slices, values := splitSlicesAndValues(opts.FlagValues) slices, values := splitSlicesAndValues(cfg)
b.Head = append(b.Head, LiteralSource{Name: "flags.slices", Config: slices}) b.Head = append(b.Head, LiteralSource{Name: "flags.slices", Config: slices})
if opts.DefaultConfig != nil { if opts.DefaultConfig != nil {
b.Head = append(b.Head, opts.DefaultConfig) b.Head = append(b.Head, opts.DefaultConfig)
@ -1072,8 +1077,6 @@ func (b *builder) build() (rt RuntimeConfig, err error) {
Services: services, Services: services,
SessionTTLMin: b.durationVal("session_ttl_min", c.SessionTTLMin), SessionTTLMin: b.durationVal("session_ttl_min", c.SessionTTLMin),
SkipLeaveOnInt: skipLeaveOnInt, SkipLeaveOnInt: skipLeaveOnInt,
StartJoinAddrsLAN: b.expandAllOptionalAddrs("start_join", c.StartJoinAddrsLAN),
StartJoinAddrsWAN: b.expandAllOptionalAddrs("start_join_wan", c.StartJoinAddrsWAN),
TaggedAddresses: c.TaggedAddresses, TaggedAddresses: c.TaggedAddresses,
TranslateWANAddrs: boolVal(c.TranslateWANAddrs), TranslateWANAddrs: boolVal(c.TranslateWANAddrs),
TxnMaxReqLen: uint64Val(c.Limits.TxnMaxReqLen), TxnMaxReqLen: uint64Val(c.Limits.TxnMaxReqLen),
@ -1348,9 +1351,6 @@ func (b *builder) validate(rt RuntimeConfig) error {
return fmt.Errorf("'connect.enable_mesh_gateway_wan_federation = true' requires that 'node_name' not contain '/' characters") return fmt.Errorf("'connect.enable_mesh_gateway_wan_federation = true' requires that 'node_name' not contain '/' characters")
} }
if rt.ConnectMeshGatewayWANFederationEnabled { if rt.ConnectMeshGatewayWANFederationEnabled {
if len(rt.StartJoinAddrsWAN) > 0 {
return fmt.Errorf("'start_join_wan' is incompatible with 'connect.enable_mesh_gateway_wan_federation = true'")
}
if len(rt.RetryJoinWAN) > 0 { if len(rt.RetryJoinWAN) > 0 {
return fmt.Errorf("'retry_join_wan' is incompatible with 'connect.enable_mesh_gateway_wan_federation = true'") return fmt.Errorf("'retry_join_wan' is incompatible with 'connect.enable_mesh_gateway_wan_federation = true'")
} }

View File

@ -138,9 +138,11 @@ func TestLoad_NodeName(t *testing.T) {
fn := func(t *testing.T, tc testCase) { fn := func(t *testing.T, tc testCase) {
opts := LoadOpts{ opts := LoadOpts{
FlagValues: Config{ FlagValues: FlagValuesTarget{
NodeName: pString(tc.nodeName), Config: Config{
DataDir: pString("dir"), NodeName: pString(tc.nodeName),
DataDir: pString("dir"),
},
}, },
} }
patchLoadOptsShims(&opts) patchLoadOptsShims(&opts)
@ -178,9 +180,11 @@ func TestLoad_NodeName(t *testing.T) {
func TestBuilder_unixPermissionsVal(t *testing.T) { func TestBuilder_unixPermissionsVal(t *testing.T) {
b, _ := newBuilder(LoadOpts{ b, _ := newBuilder(LoadOpts{
FlagValues: Config{ FlagValues: FlagValuesTarget{
NodeName: pString("foo"), Config: Config{
DataDir: pString("dir"), NodeName: pString("foo"),
DataDir: pString("dir"),
},
}, },
}) })
@ -259,9 +263,11 @@ func TestLoad_EmptyClientAddr(t *testing.T) {
fn := func(t *testing.T, tc testCase) { fn := func(t *testing.T, tc testCase) {
opts := LoadOpts{ opts := LoadOpts{
FlagValues: Config{ FlagValues: FlagValuesTarget{
ClientAddr: tc.clientAddr, Config: Config{
DataDir: pString("dir"), ClientAddr: tc.clientAddr,
DataDir: pString("dir"),
},
}, },
} }
patchLoadOptsShims(&opts) patchLoadOptsShims(&opts)

View File

@ -230,8 +230,6 @@ type Config struct {
Services []ServiceDefinition `mapstructure:"services" json:"-"` Services []ServiceDefinition `mapstructure:"services" json:"-"`
SessionTTLMin *string `mapstructure:"session_ttl_min" json:"session_ttl_min,omitempty"` SessionTTLMin *string `mapstructure:"session_ttl_min" json:"session_ttl_min,omitempty"`
SkipLeaveOnInt *bool `mapstructure:"skip_leave_on_interrupt" json:"skip_leave_on_interrupt,omitempty"` SkipLeaveOnInt *bool `mapstructure:"skip_leave_on_interrupt" json:"skip_leave_on_interrupt,omitempty"`
StartJoinAddrsLAN []string `mapstructure:"start_join" json:"start_join,omitempty"`
StartJoinAddrsWAN []string `mapstructure:"start_join_wan" json:"start_join_wan,omitempty"`
SyslogFacility *string `mapstructure:"syslog_facility" json:"syslog_facility,omitempty"` SyslogFacility *string `mapstructure:"syslog_facility" json:"syslog_facility,omitempty"`
TLS TLS `mapstructure:"tls" json:"tls,omitempty"` TLS TLS `mapstructure:"tls" json:"tls,omitempty"`
TaggedAddresses map[string]string `mapstructure:"tagged_addresses" json:"tagged_addresses,omitempty"` TaggedAddresses map[string]string `mapstructure:"tagged_addresses" json:"tagged_addresses,omitempty"`

View File

@ -68,6 +68,12 @@ type DeprecatedConfig struct {
// DEPRECATED(TLS) - this isn't honored by crypto/tls anymore. // DEPRECATED(TLS) - this isn't honored by crypto/tls anymore.
TLSPreferServerCipherSuites *bool `mapstructure:"tls_prefer_server_cipher_suites"` TLSPreferServerCipherSuites *bool `mapstructure:"tls_prefer_server_cipher_suites"`
// DEPRECATED(JOIN) - replaced by retry_join
StartJoinAddrsLAN []string `mapstructure:"start_join"`
// DEPRECATED(JOIN) - replaced by retry_join_wan
StartJoinAddrsWAN []string `mapstructure:"start_join_wan"`
} }
func applyDeprecatedConfig(d *decodeTarget) (Config, []string) { func applyDeprecatedConfig(d *decodeTarget) (Config, []string) {
@ -172,6 +178,16 @@ func applyDeprecatedConfig(d *decodeTarget) (Config, []string) {
warns = append(warns, deprecationWarning("acl_enable_key_list_policy", "acl.enable_key_list_policy")) warns = append(warns, deprecationWarning("acl_enable_key_list_policy", "acl.enable_key_list_policy"))
} }
if len(dep.StartJoinAddrsLAN) > 0 {
d.Config.RetryJoinLAN = append(d.Config.RetryJoinLAN, dep.StartJoinAddrsLAN...)
warns = append(warns, deprecationWarning("start_join", "retry_join"))
}
if len(dep.StartJoinAddrsWAN) > 0 {
d.Config.RetryJoinWAN = append(d.Config.RetryJoinWAN, dep.StartJoinAddrsWAN...)
warns = append(warns, deprecationWarning("start_join_wan", "retry_join_wan"))
}
warns = append(warns, applyDeprecatedTLSConfig(dep, &d.Config)...) warns = append(warns, applyDeprecatedTLSConfig(dep, &d.Config)...)
return d.Config, warns return d.Config, warns

View File

@ -57,8 +57,8 @@ func AddFlags(fs *flag.FlagSet, f *LoadOpts) {
add(&f.FlagValues.Ports.GRPCTLS, "grpc-tls-port", "Sets the gRPC-TLS API port to listen on.") add(&f.FlagValues.Ports.GRPCTLS, "grpc-tls-port", "Sets the gRPC-TLS API port to listen on.")
add(&f.FlagValues.Ports.HTTP, "http-port", "Sets the HTTP API port to listen on.") add(&f.FlagValues.Ports.HTTP, "http-port", "Sets the HTTP API port to listen on.")
add(&f.FlagValues.Ports.HTTPS, "https-port", "Sets the HTTPS API port to listen on.") add(&f.FlagValues.Ports.HTTPS, "https-port", "Sets the HTTPS API port to listen on.")
add(&f.FlagValues.StartJoinAddrsLAN, "join", "Address of an agent to join at start time. Can be specified multiple times.") add(&f.FlagValues.StartJoinAddrsLAN, "join", "(deprecated) An alias for -retry-join. The -join flag will be removed in a future release.")
add(&f.FlagValues.StartJoinAddrsWAN, "join-wan", "Address of an agent to join -wan at start time. Can be specified multiple times.") add(&f.FlagValues.StartJoinAddrsWAN, "join-wan", "(deprecated) An alias for -retry-join-wan. The -join-wan flag will be removed in a future release.")
add(&f.FlagValues.LogLevel, "log-level", "Log level of the agent.") add(&f.FlagValues.LogLevel, "log-level", "Log level of the agent.")
add(&f.FlagValues.LogJSON, "log-json", "Output logs in JSON format.") add(&f.FlagValues.LogJSON, "log-json", "Output logs in JSON format.")
add(&f.FlagValues.LogFile, "log-file", "Path to the file the logs get written to") add(&f.FlagValues.LogFile, "log-file", "Path to the file the logs get written to")
@ -98,3 +98,23 @@ func AddFlags(fs *flag.FlagSet, f *LoadOpts) {
add(&f.FlagValues.UIConfig.Dir, "ui-dir", "Path to directory containing the web UI resources.") add(&f.FlagValues.UIConfig.Dir, "ui-dir", "Path to directory containing the web UI resources.")
add(&f.HCL, "hcl", "hcl config fragment. Can be specified multiple times.") add(&f.HCL, "hcl", "hcl config fragment. Can be specified multiple times.")
} }
func applyDeprecatedFlags(d *FlagValuesTarget) (Config, []string) {
dep := d.DeprecatedConfig
var warns []string
if len(dep.StartJoinAddrsLAN) > 0 {
d.Config.RetryJoinLAN = append(d.Config.RetryJoinLAN, dep.StartJoinAddrsLAN...)
warns = append(warns, deprecatedFlagWarning("-join", "-retry-join"))
}
if len(dep.StartJoinAddrsWAN) > 0 {
d.Config.RetryJoinWAN = append(d.Config.RetryJoinWAN, dep.StartJoinAddrsWAN...)
warns = append(warns, deprecatedFlagWarning("-join-wan", "-retry-join-wan"))
}
return d.Config, warns
}
func deprecatedFlagWarning(old, new string) string {
return fmt.Sprintf("The flag '%v' is deprecated. Use the '%v' flag instead.", old, new)
}

View File

@ -21,19 +21,19 @@ func TestAddFlags_WithParse(t *testing.T) {
{}, {},
{ {
args: []string{`-bind`, `a`}, args: []string{`-bind`, `a`},
expected: LoadOpts{FlagValues: Config{BindAddr: pString("a")}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{BindAddr: pString("a")}}},
}, },
{ {
args: []string{`-bootstrap`}, args: []string{`-bootstrap`},
expected: LoadOpts{FlagValues: Config{Bootstrap: pBool(true)}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Bootstrap: pBool(true)}}},
}, },
{ {
args: []string{`-bootstrap=true`}, args: []string{`-bootstrap=true`},
expected: LoadOpts{FlagValues: Config{Bootstrap: pBool(true)}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Bootstrap: pBool(true)}}},
}, },
{ {
args: []string{`-bootstrap=false`}, args: []string{`-bootstrap=false`},
expected: LoadOpts{FlagValues: Config{Bootstrap: pBool(false)}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Bootstrap: pBool(false)}}},
}, },
{ {
args: []string{`-config-file`, `a`, `-config-dir`, `b`, `-config-file`, `c`, `-config-dir`, `d`}, args: []string{`-config-file`, `a`, `-config-dir`, `b`, `-config-file`, `c`, `-config-dir`, `d`},
@ -41,54 +41,58 @@ func TestAddFlags_WithParse(t *testing.T) {
}, },
{ {
args: []string{`-datacenter`, `a`}, args: []string{`-datacenter`, `a`},
expected: LoadOpts{FlagValues: Config{Datacenter: pString("a")}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Datacenter: pString("a")}}},
}, },
{ {
args: []string{`-dns-port`, `1`}, args: []string{`-dns-port`, `1`},
expected: LoadOpts{FlagValues: Config{Ports: Ports{DNS: pInt(1)}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Ports: Ports{DNS: pInt(1)}}}},
}, },
{ {
args: []string{`-grpc-port`, `1`}, args: []string{`-grpc-port`, `1`},
expected: LoadOpts{FlagValues: Config{Ports: Ports{GRPC: pInt(1)}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Ports: Ports{GRPC: pInt(1)}}}},
}, },
{ {
args: []string{`-http-port`, `1`}, args: []string{`-http-port`, `1`},
expected: LoadOpts{FlagValues: Config{Ports: Ports{HTTP: pInt(1)}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Ports: Ports{HTTP: pInt(1)}}}},
}, },
{ {
args: []string{`-https-port`, `1`}, args: []string{`-https-port`, `1`},
expected: LoadOpts{FlagValues: Config{Ports: Ports{HTTPS: pInt(1)}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Ports: Ports{HTTPS: pInt(1)}}}},
}, },
{ {
args: []string{`-serf-lan-port`, `1`}, args: []string{`-serf-lan-port`, `1`},
expected: LoadOpts{FlagValues: Config{Ports: Ports{SerfLAN: pInt(1)}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Ports: Ports{SerfLAN: pInt(1)}}}},
}, },
{ {
args: []string{`-serf-wan-port`, `1`}, args: []string{`-serf-wan-port`, `1`},
expected: LoadOpts{FlagValues: Config{Ports: Ports{SerfWAN: pInt(1)}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Ports: Ports{SerfWAN: pInt(1)}}}},
}, },
{ {
args: []string{`-server-port`, `1`}, args: []string{`-server-port`, `1`},
expected: LoadOpts{FlagValues: Config{Ports: Ports{Server: pInt(1)}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Ports: Ports{Server: pInt(1)}}}},
}, },
{ {
args: []string{`-join`, `a`, `-join`, `b`}, args: []string{`-join`, `a`, `-join`, `b`},
expected: LoadOpts{FlagValues: Config{StartJoinAddrsLAN: []string{"a", "b"}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{DeprecatedConfig: DeprecatedConfig{StartJoinAddrsLAN: []string{"a", "b"}}}},
}, },
{ {
args: []string{`-node-meta`, `a:b`, `-node-meta`, `c:d`}, args: []string{`-node-meta`, `a:b`, `-node-meta`, `c:d`},
expected: LoadOpts{FlagValues: Config{NodeMeta: map[string]string{"a": "b", "c": "d"}}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{NodeMeta: map[string]string{"a": "b", "c": "d"}}}},
}, },
{ {
args: []string{`-bootstrap`, `true`}, args: []string{`-bootstrap`, `true`},
expected: LoadOpts{FlagValues: Config{Bootstrap: pBool(true)}}, expected: LoadOpts{FlagValues: FlagValuesTarget{Config: Config{Bootstrap: pBool(true)}}},
extra: []string{"true"}, extra: []string{"true"},
}, },
{ {
args: []string{`-primary-gateway`, `foo.local`, `-primary-gateway`, `bar.local`}, args: []string{`-primary-gateway`, `foo.local`, `-primary-gateway`, `bar.local`},
expected: LoadOpts{FlagValues: Config{PrimaryGateways: []string{ expected: LoadOpts{
"foo.local", "bar.local", FlagValues: FlagValuesTarget{
}}}, Config: Config{
PrimaryGateways: []string{"foo.local", "bar.local"},
},
},
},
}, },
} }

View File

@ -22,8 +22,8 @@ func TestMerge(t *testing.T) {
{RaftProtocol: pInt(2)}, {RaftProtocol: pInt(2)},
{ServerMode: pBool(false)}, {ServerMode: pBool(false)},
{ServerMode: pBool(true)}, {ServerMode: pBool(true)},
{StartJoinAddrsLAN: []string{"a"}}, {RetryJoinLAN: []string{"a"}},
{StartJoinAddrsLAN: []string{"b"}}, {RetryJoinLAN: []string{"b"}},
{NodeMeta: map[string]string{"a": "b"}}, {NodeMeta: map[string]string{"a": "b"}},
{NodeMeta: map[string]string{"c": "d"}}, {NodeMeta: map[string]string{"c": "d"}},
{NodeMeta: map[string]string{"c": "e"}}, {NodeMeta: map[string]string{"c": "e"}},
@ -31,10 +31,10 @@ func TestMerge(t *testing.T) {
{Ports: Ports{DNS: pInt(2), HTTP: pInt(3)}}, {Ports: Ports{DNS: pInt(2), HTTP: pInt(3)}},
}, },
Config{ Config{
AdvertiseAddrLAN: pString("b"), AdvertiseAddrLAN: pString("b"),
RaftProtocol: pInt(2), RaftProtocol: pInt(2),
ServerMode: pBool(true), ServerMode: pBool(true),
StartJoinAddrsLAN: []string{"a", "b"}, RetryJoinLAN: []string{"a", "b"},
NodeMeta: map[string]string{ NodeMeta: map[string]string{
"a": "b", "a": "b",
"c": "e", "c": "e",

View File

@ -1387,22 +1387,6 @@ type RuntimeConfig struct {
// hcl: auto_reload_config = (true|false) // hcl: auto_reload_config = (true|false)
AutoReloadConfig bool AutoReloadConfig bool
// StartJoinAddrsLAN is a list of addresses to attempt to join -lan when the
// agent starts. If Serf is unable to communicate with any of these
// addresses, then the agent will error and exit.
//
// hcl: start_join = []string
// flag: -join string -join string
StartJoinAddrsLAN []string
// StartJoinWAN is a list of addresses to attempt to join -wan when the
// agent starts. If Serf is unable to communicate with any of these
// addresses, then the agent will error and exit.
//
// hcl: start_join_wan = []string
// flag: -join-wan string -join-wan string
StartJoinAddrsWAN []string
// TLS configures certificates, CA, cipher suites, and other TLS settings // TLS configures certificates, CA, cipher suites, and other TLS settings
// on Consul's listeners (i.e. Internal multiplexed RPC, HTTPS and gRPC). // on Consul's listeners (i.e. Internal multiplexed RPC, HTTPS and gRPC).
// //

View File

@ -548,9 +548,12 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
`-data-dir=` + dataDir, `-data-dir=` + dataDir,
}, },
expected: func(rt *RuntimeConfig) { expected: func(rt *RuntimeConfig) {
rt.StartJoinAddrsLAN = []string{"a", "b"} rt.RetryJoinLAN = []string{"a", "b"}
rt.DataDir = dataDir rt.DataDir = dataDir
}, },
expectedWarnings: []string{
deprecatedFlagWarning("-join", "-retry-join"),
},
}) })
run(t, testCase{ run(t, testCase{
desc: "-join-wan", desc: "-join-wan",
@ -560,9 +563,12 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
`-data-dir=` + dataDir, `-data-dir=` + dataDir,
}, },
expected: func(rt *RuntimeConfig) { expected: func(rt *RuntimeConfig) {
rt.StartJoinAddrsWAN = []string{"a", "b"} rt.RetryJoinWAN = []string{"a", "b"}
rt.DataDir = dataDir rt.DataDir = dataDir
}, },
expectedWarnings: []string{
deprecatedFlagWarning("-join-wan", "-retry-join-wan"),
},
}) })
run(t, testCase{ run(t, testCase{
desc: "-log-level", desc: "-log-level",
@ -1405,9 +1411,12 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
json: []string{`{ "start_join": ["{{ printf \"1.2.3.4 4.3.2.1\" }}"] }`}, json: []string{`{ "start_join": ["{{ printf \"1.2.3.4 4.3.2.1\" }}"] }`},
hcl: []string{`start_join = ["{{ printf \"1.2.3.4 4.3.2.1\" }}"]`}, hcl: []string{`start_join = ["{{ printf \"1.2.3.4 4.3.2.1\" }}"]`},
expected: func(rt *RuntimeConfig) { expected: func(rt *RuntimeConfig) {
rt.StartJoinAddrsLAN = []string{"1.2.3.4", "4.3.2.1"} rt.RetryJoinLAN = []string{"1.2.3.4", "4.3.2.1"}
rt.DataDir = dataDir rt.DataDir = dataDir
}, },
expectedWarnings: []string{
deprecationWarning("start_join", "retry_join"),
},
}) })
run(t, testCase{ run(t, testCase{
desc: "start_join_wan address template", desc: "start_join_wan address template",
@ -1415,9 +1424,12 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
json: []string{`{ "start_join_wan": ["{{ printf \"1.2.3.4 4.3.2.1\" }}"] }`}, json: []string{`{ "start_join_wan": ["{{ printf \"1.2.3.4 4.3.2.1\" }}"] }`},
hcl: []string{`start_join_wan = ["{{ printf \"1.2.3.4 4.3.2.1\" }}"]`}, hcl: []string{`start_join_wan = ["{{ printf \"1.2.3.4 4.3.2.1\" }}"]`},
expected: func(rt *RuntimeConfig) { expected: func(rt *RuntimeConfig) {
rt.StartJoinAddrsWAN = []string{"1.2.3.4", "4.3.2.1"} rt.RetryJoinWAN = []string{"1.2.3.4", "4.3.2.1"}
rt.DataDir = dataDir rt.DataDir = dataDir
}, },
expectedWarnings: []string{
deprecationWarning("start_join_wan", "retry_join_wan"),
},
}) })
run(t, testCase{ run(t, testCase{
desc: "retry_join address template", desc: "retry_join address template",
@ -1514,10 +1526,15 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
rt.BootstrapExpect = 0 rt.BootstrapExpect = 0
rt.Datacenter = "b" rt.Datacenter = "b"
rt.PrimaryDatacenter = "b" rt.PrimaryDatacenter = "b"
rt.StartJoinAddrsLAN = []string{"a", "b", "c", "d"} rt.RetryJoinLAN = []string{"a", "b", "c", "d"}
rt.NodeMeta = map[string]string{"a": "c"} rt.NodeMeta = map[string]string{"a": "c"}
rt.DataDir = dataDir rt.DataDir = dataDir
}, },
expectedWarnings: []string{
// TODO: deduplicate warnings?
deprecationWarning("start_join", "retry_join"),
deprecationWarning("start_join", "retry_join"),
},
}) })
run(t, testCase{ run(t, testCase{
desc: "precedence: flag before file", desc: "precedence: flag before file",
@ -1573,7 +1590,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
rt.NodeMeta = map[string]string{"a": "c"} rt.NodeMeta = map[string]string{"a": "c"}
rt.SerfBindAddrLAN = tcpAddr("3.3.3.3:8301") rt.SerfBindAddrLAN = tcpAddr("3.3.3.3:8301")
rt.SerfBindAddrWAN = tcpAddr("4.4.4.4:8302") rt.SerfBindAddrWAN = tcpAddr("4.4.4.4:8302")
rt.StartJoinAddrsLAN = []string{"c", "d", "a", "b"} rt.RetryJoinLAN = []string{"c", "d", "a", "b"}
rt.TaggedAddresses = map[string]string{ rt.TaggedAddresses = map[string]string{
"lan": "1.1.1.1", "lan": "1.1.1.1",
"lan_ipv4": "1.1.1.1", "lan_ipv4": "1.1.1.1",
@ -1582,6 +1599,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
} }
rt.DataDir = dataDir rt.DataDir = dataDir
}, },
expectedWarnings: []string{
deprecatedFlagWarning("-join", "-retry-join"),
deprecationWarning("start_join", "retry_join"),
},
}) })
// ------------------------------------------------------------ // ------------------------------------------------------------
@ -3544,7 +3565,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
enable_mesh_gateway_wan_federation = true enable_mesh_gateway_wan_federation = true
} }
`}, `},
expectedErr: "'start_join_wan' is incompatible with 'connect.enable_mesh_gateway_wan_federation = true'", expectedErr: "'retry_join_wan' is incompatible with 'connect.enable_mesh_gateway_wan_federation = true'",
expectedWarnings: []string{
deprecatedFlagWarning("-join-wan", "-retry-join-wan"),
},
}) })
run(t, testCase{ run(t, testCase{
desc: "connect.enable_mesh_gateway_wan_federation cannot use -retry-join-wan", desc: "connect.enable_mesh_gateway_wan_federation cannot use -retry-join-wan",
@ -6174,10 +6198,10 @@ func TestLoad_FullConfig(t *testing.T) {
RejoinAfterLeave: true, RejoinAfterLeave: true,
RetryJoinIntervalLAN: 8067 * time.Second, RetryJoinIntervalLAN: 8067 * time.Second,
RetryJoinIntervalWAN: 28866 * time.Second, RetryJoinIntervalWAN: 28866 * time.Second,
RetryJoinLAN: []string{"pbsSFY7U", "l0qLtWij"}, RetryJoinLAN: []string{"pbsSFY7U", "l0qLtWij", "LR3hGDoG", "MwVpZ4Up"},
RetryJoinMaxAttemptsLAN: 913, RetryJoinMaxAttemptsLAN: 913,
RetryJoinMaxAttemptsWAN: 23160, RetryJoinMaxAttemptsWAN: 23160,
RetryJoinWAN: []string{"PFsR02Ye", "rJdQIhER"}, RetryJoinWAN: []string{"PFsR02Ye", "rJdQIhER", "EbFSc3nA", "kwXTh623"},
RPCConfig: consul.RPCConfig{EnableStreaming: true}, RPCConfig: consul.RPCConfig{EnableStreaming: true},
SegmentLimit: 123, SegmentLimit: 123,
SerfPortLAN: 8301, SerfPortLAN: 8301,
@ -6491,8 +6515,6 @@ func TestLoad_FullConfig(t *testing.T) {
SerfAllowedCIDRsWAN: []net.IPNet{}, SerfAllowedCIDRsWAN: []net.IPNet{},
SessionTTLMin: 26627 * time.Second, SessionTTLMin: 26627 * time.Second,
SkipLeaveOnInt: true, SkipLeaveOnInt: true,
StartJoinAddrsLAN: []string{"LR3hGDoG", "MwVpZ4Up"},
StartJoinAddrsWAN: []string{"EbFSc3nA", "kwXTh623"},
Telemetry: lib.TelemetryConfig{ Telemetry: lib.TelemetryConfig{
CirconusAPIApp: "p4QOTe9j", CirconusAPIApp: "p4QOTe9j",
CirconusAPIToken: "E3j35V23", CirconusAPIToken: "E3j35V23",
@ -6638,6 +6660,8 @@ func TestLoad_FullConfig(t *testing.T) {
deprecationWarning("verify_outgoing", "tls.defaults.verify_outgoing"), deprecationWarning("verify_outgoing", "tls.defaults.verify_outgoing"),
deprecationWarning("verify_server_hostname", "tls.internal_rpc.verify_server_hostname"), deprecationWarning("verify_server_hostname", "tls.internal_rpc.verify_server_hostname"),
"The 'tls_prefer_server_cipher_suites' field is deprecated and will be ignored.", "The 'tls_prefer_server_cipher_suites' field is deprecated and will be ignored.",
deprecationWarning("start_join", "retry_join"),
deprecationWarning("start_join_wan", "retry_join_wan"),
} }
expectedWarns = append(expectedWarns, enterpriseConfigKeyWarnings...) expectedWarns = append(expectedWarns, enterpriseConfigKeyWarnings...)

View File

@ -370,8 +370,6 @@
], ],
"SessionTTLMin": "0s", "SessionTTLMin": "0s",
"SkipLeaveOnInt": false, "SkipLeaveOnInt": false,
"StartJoinAddrsLAN": [],
"StartJoinAddrsWAN": [],
"StaticRuntimeConfig": { "StaticRuntimeConfig": {
"EncryptVerifyIncoming": false, "EncryptVerifyIncoming": false,
"EncryptVerifyOutgoing": false "EncryptVerifyOutgoing": false
@ -488,4 +486,4 @@
"VersionPrerelease": "", "VersionPrerelease": "",
"Watches": [], "Watches": [],
"XDSUpdateRateLimit": 0 "XDSUpdateRateLimit": 0
} }

View File

@ -47,10 +47,8 @@ func (a *Agent) retryJoinWAN() {
// completely hijack whatever the user configured to correctly // completely hijack whatever the user configured to correctly
// implement the star-join. // implement the star-join.
// //
// Elsewhere we enforce that start-join-wan and retry-join-wan cannot // Elsewhere we enforce that retry-join-wan cannot be set if wanfed is
// be set if wanfed is enabled so we don't have to emit any warnings // enabled so we don't have to emit any warnings related to that here.
// related to that here.
if isPrimary { if isPrimary {
// Wanfed requires that secondaries join TO the primary and the // Wanfed requires that secondaries join TO the primary and the
// primary doesn't explicitly join down to the secondaries, so as // primary doesn't explicitly join down to the secondaries, so as

View File

@ -116,40 +116,6 @@ func (c *cmd) startupUpdateCheck(config *config.RuntimeConfig) {
}() }()
} }
// startupJoin is invoked to handle any joins specified to take place at start time
func (c *cmd) startupJoin(agent *agent.Agent, cfg *config.RuntimeConfig) error {
if len(cfg.StartJoinAddrsLAN) == 0 {
return nil
}
c.logger.Info("Joining cluster")
// NOTE: For partitioned servers you are only capable of using start join
// to join nodes in the default partition.
n, err := agent.JoinLAN(cfg.StartJoinAddrsLAN, agent.AgentEnterpriseMeta())
if err != nil {
return err
}
c.logger.Info("Join completed. Initial agents synced with", "agent_count", n)
return nil
}
// startupJoinWan is invoked to handle any joins -wan specified to take place at start time
func (c *cmd) startupJoinWan(agent *agent.Agent, cfg *config.RuntimeConfig) error {
if len(cfg.StartJoinAddrsWAN) == 0 {
return nil
}
c.logger.Info("Joining wan cluster")
n, err := agent.JoinWAN(cfg.StartJoinAddrsWAN)
if err != nil {
return err
}
c.logger.Info("Join wan completed. Initial agents synced with", "agent_count", n)
return nil
}
func (c *cmd) run(args []string) int { func (c *cmd) run(args []string) int {
ui := &mcli.PrefixedUi{ ui := &mcli.PrefixedUi{
OutputPrefix: "==> ", OutputPrefix: "==> ",
@ -273,16 +239,6 @@ func (c *cmd) run(args []string) int {
c.startupUpdateCheck(config) c.startupUpdateCheck(config)
} }
if err := c.startupJoin(agent, config); err != nil {
c.logger.Error(err.Error())
return 1
}
if err := c.startupJoinWan(agent, config); err != nil {
c.logger.Error(err.Error())
return 1
}
// Let the agent know we've finished registration // Let the agent know we've finished registration
agent.StartSync() agent.StartSync()

View File

@ -306,34 +306,20 @@ information.
server. This option may be provided multiple times, and is functionally equivalent server. This option may be provided multiple times, and is functionally equivalent
to the [`recursors` configuration option](/docs/agent/config/config-files#recursors). to the [`recursors` configuration option](/docs/agent/config/config-files#recursors).
## Join Options - `-join` ((#\_join)) - **Deprecated in Consul 1.15. This flag will be removed in a future version of Consul. Use the `-retry-join` flag instead.**
This is an alias of [`-retry-join`](#_retry_join).
- `-join` ((#\_join)) - Address of another agent to join upon starting up. - `-retry-join` ((#\_retry_join)) - Address of another agent to join upon starting up. Joining is
This can be specified multiple times to specify multiple agents to join. If Consul retried until success. Once the agent joins successfully as a member, it will not attempt to join
is unable to join with any of the specified addresses, agent startup will fail. again. After joining, the agent solely maintains its membership via gossip. This option can be
By default, the agent won't join any nodes when it starts up. Note that using [`-retry-join`](#_retry_join) could be more appropriate to help mitigate node startup race conditions when automating specified multiple times to specify multiple agents to join. By default, the agent won't join any
a Consul cluster deployment. nodes when it starts up. The value can contain IPv4, IPv6, or DNS addresses. Literal IPv6
addresses must be enclosed in square brackets. If multiple values are given, they are tried and
retried in the order listed until the first succeeds.
In Consul 1.1.0 and later this can be dynamically defined with a This supports [Cloud Auto-Joining](#cloud-auto-joining).
[go-sockaddr]
template that is resolved at runtime.
If using Enterprise network segments, see [additional documentation on This can be dynamically defined with a [go-sockaddr] template that is resolved at runtime.
joining a client to a segment](/docs/enterprise/network-segments#join_a_client_to_a_segment).
- `-retry-join` ((#\_retry_join)) - Similar to [`-join`](#_join) but allows retrying a join until
it is successful. Once it joins successfully to a member in a list of members
it will never attempt to join again. Agents will then solely maintain their
membership via gossip. This is useful for cases where you know the address will
eventually be available. This option can be specified multiple times to
specify multiple agents to join. The value can contain IPv4, IPv6, or DNS
addresses. IPv6 must use the "bracketed" syntax. If multiple values
are given, they are tried and retried in the order listed until the first
succeeds.
In Consul 1.1.0 and later this can be dynamically defined with a
[go-sockaddr]
template that is resolved at runtime.
If Consul is running on the non-default Serf LAN port, the port must If Consul is running on the non-default Serf LAN port, the port must
be specified in the join address, or configured as the agent's default Serf port be specified in the join address, or configured as the agent's default Serf port
@ -387,7 +373,7 @@ information.
### Cloud Auto-Joining ### Cloud Auto-Joining
As of Consul 0.9.1, `retry-join` accepts a unified interface using the The `-retry-join` option accepts a unified interface using the
[go-discover](https://github.com/hashicorp/go-discover) library for doing [go-discover](https://github.com/hashicorp/go-discover) library for doing
automatic cluster joining using cloud metadata. For more information, see automatic cluster joining using cloud metadata. For more information, see
the [Cloud Auto-join page](/docs/install/cloud-auto-join). the [Cloud Auto-join page](/docs/install/cloud-auto-join).
@ -407,22 +393,17 @@ information.
[`-retry-join`](#_retry_join) before exiting with return code 1. By default, this is set [`-retry-join`](#_retry_join) before exiting with return code 1. By default, this is set
to 0 which is interpreted as infinite retries. to 0 which is interpreted as infinite retries.
- `-join-wan` ((#\_join_wan)) - Address of another wan agent to join upon - `-join-wan` ((#\_join_wan)) - **Deprecated in Consul 1.15. This flag will be removed in a future version of Consul. Use the `-retry-join-wan` flag instead.**
starting up. This can be specified multiple times to specify multiple WAN agents This is an alias of [`-retry-join-wan`](#_retry_join_wan)
to join. If Consul is unable to join with any of the specified addresses, agent
startup will fail. By default, the agent won't [`-join-wan`](#_join_wan) any nodes
when it starts up.
In Consul 1.1.0 and later this can be dynamically defined with a [go-sockaddr] - `-retry-join-wan` ((#\_retry_join_wan)) - Address of another WAN agent to join upon starting up.
template that is resolved at runtime. WAN joining is retried until success. This can be specified multiple times to specify multiple WAN
agents to join. If multiple values are given, they are tried and retried in the order listed
until the first succeeds. By default, the agent won't WAN join any nodes when it starts up.
- `-retry-join-wan` ((#\_retry_join_wan)) - Similar to [`-retry-join`](#_retry_join) This supports [Cloud Auto-Joining](#cloud-auto-joining).
but allows retrying a wan join if the first attempt fails. This is useful for cases
where we know the address will become available eventually. As of Consul 0.9.3
[Cloud Auto-Joining](#cloud-auto-joining) is supported as well.
In Consul 1.1.0 and later this can be dynamically defined with a [go-sockaddr] This can be dynamically defined with a [go-sockaddr] template that is resolved at runtime.
template that is resolved at runtime.
- `-primary-gateway` ((#\_primary_gateway)) - Similar to [`-retry-join-wan`](#_retry_join_wan) - `-primary-gateway` ((#\_primary_gateway)) - Similar to [`-retry-join-wan`](#_retry_join_wan)
but allows retrying discovery of fallback addresses for the mesh gateways in the but allows retrying discovery of fallback addresses for the mesh gateways in the
@ -432,9 +413,9 @@ information.
templates. This was added in Consul 1.8.0. templates. This was added in Consul 1.8.0.
- `-retry-interval-wan` ((#\_retry_interval_wan)) - Time to wait between - `-retry-interval-wan` ((#\_retry_interval_wan)) - Time to wait between
[`-join-wan`](#_join_wan) attempts. Defaults to 30s. [`-retry-join-wan`](#_retry_join_wan) attempts. Defaults to 30s.
- `-retry-max-wan` ((#\_retry_max_wan)) - The maximum number of [`-join-wan`](#_join_wan) - `-retry-max-wan` ((#\_retry_max_wan)) - The maximum number of [`-retry-join-wan`](#_join_wan)
attempts to be made before exiting with return code 1. By default, this is set attempts to be made before exiting with return code 1. By default, this is set
to 0 which is interpreted as infinite retries. to 0 which is interpreted as infinite retries.

View File

@ -1369,7 +1369,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
- `tls` (Defaults to `false`) Allows the client to request the - `tls` (Defaults to `false`) Allows the client to request the
Connect CA and certificates from the servers, for encrypting RPC communication. Connect CA and certificates from the servers, for encrypting RPC communication.
The client will make the request to any servers listed in the `-join` or `-retry-join` The client will make the request to any servers listed in the `-retry-join`
option. This requires that every server to have `auto_encrypt.allow_tls` enabled. option. This requires that every server to have `auto_encrypt.allow_tls` enabled.
When both `auto_encrypt` options are used, it allows clients to receive certificates When both `auto_encrypt` options are used, it allows clients to receive certificates
that are generated on the servers. If the `-server-port` is not the default one, that are generated on the servers. If the `-server-port` is not the default one,
@ -1508,13 +1508,11 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
- `retry_interval_wan` Equivalent to the [`-retry-interval-wan` command-line flag](/docs/agent/config/cli-flags#_retry_interval_wan). - `retry_interval_wan` Equivalent to the [`-retry-interval-wan` command-line flag](/docs/agent/config/cli-flags#_retry_interval_wan).
- `start_join` An array of strings specifying addresses - `start_join` **Deprecated in Consul 1.15. Use the [`retry_join`](/docs/agent/config/config-files#retry_join) field instead. This field will be removed in a future version of Consul.**
of nodes to [`-join`](/docs/agent/config/cli-flags#_join) upon startup. Note that using This field is an alias of `retry_join`.
`retry_join` could be more appropriate to help mitigate
node startup race conditions when automating a Consul cluster deployment.
- `start_join_wan` An array of strings specifying addresses - `start_join_wan` **Deprecated in Consul 1.15. Use the [`retry_join_wan`](/docs/agent/config/config-files#retry_join_wan) field instead. This field will be removed in a future version of Consul.**
of WAN nodes to [`-join-wan`](/docs/agent/config/cli-flags#_join_wan) upon startup. This field is an alias of `retry_join_wan`.
## Log Parameters ## Log Parameters
@ -2219,7 +2217,3 @@ server.
The default value is `250`. It is based on a load test of 5,000 streams connected to a single server with two CPU cores. The default value is `250`. It is based on a load test of 5,000 streams connected to a single server with two CPU cores.
If necessary, you can lower or increase the limit without a rolling restart by using the `consul reload` command or by sending the server a `SIGHUP`. If necessary, you can lower or increase the limit without a rolling restart by using the `consul reload` command or by sending the server a `SIGHUP`.
<!-- list of reference-style links -->
[go-sockaddr]: https://godoc.org/github.com/hashicorp/go-sockaddr/template

View File

@ -126,8 +126,7 @@ connect {
} }
``` ```
The [`start_join_wan`](/docs/agent/config/config-files#start_join_wan) or The [`retry_join_wan`](/docs/agent/config/config-files#retry_join_wan) addresses are
[`retry_join_wan`](/docs/agent/config/config-files#retry_join_wan) are
only used for the [traditional federation process](/docs/k8s/deployment-configurations/multi-cluster#traditional-wan-federation). only used for the [traditional federation process](/docs/k8s/deployment-configurations/multi-cluster#traditional-wan-federation).
They must be omitted when federating Consul servers via gateways. They must be omitted when federating Consul servers via gateways.

View File

@ -92,10 +92,10 @@ Consul client agents will attempt to retrieve the license from servers if certai
- ACLs are enabled. - ACLs are enabled.
- An ACL token is provided to the client agent. - An ACL token is provided to the client agent.
- The client agents configuration contains `start_join/retry_join` addresses. - The client agents configuration contains `retry_join` addresses.
- The start/retry join addresses are addresses of the Consul servers. - The retry join addresses are addresses of the Consul servers.
Consul snapshot agents will attempt to retrieve the license from servers if certain conditions are met: ACLs are enabled, a ACL token is provided to the client agent, the client agents configuration contains `start_join/retry_join` addresses, the start/retry join addresses are addresses of the Consul servers. Consul snapshot agents will attempt to retrieve the license from servers if certain conditions are met: ACLs are enabled, a ACL token is provided to the client agent, the client agents configuration contains `retry_join` addresses, the retry join addresses are addresses of the Consul servers.
## Q: Where can users get a trial license for Consul Enterprise? ## Q: Where can users get a trial license for Consul Enterprise?

View File

@ -48,9 +48,9 @@ Virtual agents do not need the license to run.
Updating the license for an agent depends on the method you used to apply the license. Updating the license for an agent depends on the method you used to apply the license.
- **If you used the `CONSUL_LICENSE` - **If you used the `CONSUL_LICENSE`
environment variable**: After updating the environment variable, restart the affected agents. environment variable**: After updating the environment variable, restart the affected agents.
- **If you used the - **If you used the
`CONSUL_LICENSE_PATH` environment variable**: Update the license file first. Then, restart the affected agents. `CONSUL_LICENSE_PATH` environment variable**: Update the license file first. Then, restart the affected agents.
- **If you used the `license_path` configuration item**: Update the license file first. Then, run [`consul reload`](/commands/reload) for the affected agents. - **If you used the `license_path` configuration item**: Update the license file first. Then, run [`consul reload`](/commands/reload) for the affected agents.
#### Client Agent License Retrieval #### Client Agent License Retrieval
@ -58,8 +58,8 @@ environment variable**: After updating the environment variable, restart the aff
When a client agent starts without a license in its configuration or environment, it will try to retrieve the When a client agent starts without a license in its configuration or environment, it will try to retrieve the
license from the servers via RPCs. That RPC always requires a valid non-anonymous ACL token to authorize the license from the servers via RPCs. That RPC always requires a valid non-anonymous ACL token to authorize the
request but the token doesn't need any particular permissions. As the license is required before the client request but the token doesn't need any particular permissions. As the license is required before the client
actually joins the cluster, where to make those RPC requests to is inferred from the [`start_join`](/docs/agent/config/config-files#start_join) actually joins the cluster, where to make those RPC requests to is inferred from the
or [`retry_join`](/docs/agent/config/config-files#retry_join) configurations. If those are both unset or no [`retry_join`](/docs/agent/config/config-files#retry_join) configuration. If `retry_join` is unset or no
[`agent` token](/docs/agent/config/config-files#acl_tokens_agent) is set then the client agent will immediately shut itself down. [`agent` token](/docs/agent/config/config-files#acl_tokens_agent) is set then the client agent will immediately shut itself down.
If all preliminary checks pass the client agent will attempt to reach out to any server on its RPC port to If all preliminary checks pass the client agent will attempt to reach out to any server on its RPC port to

View File

@ -230,7 +230,6 @@ segments are:
- [`ports.serf_lan`](/docs/agent/config/config-files#serf_lan_port): - [`ports.serf_lan`](/docs/agent/config/config-files#serf_lan_port):
Serf LAN port for the above segment on this client. This is not required Serf LAN port for the above segment on this client. This is not required
to match the configured Serf LAN port for other agents on this segment. to match the configured Serf LAN port for other agents on this segment.
- [`retry_join`](/docs/agent/config/config-files#retry_join) or - [`retry_join`](/docs/agent/config/config-files#retry_join): A list of agent addresses to join
[`start_join`](/docs/agent/config/config-files#start_join): A list of agent addresses to join
when starting. Ensure the correct Serf LAN port for this segment is used when joining when starting. Ensure the correct Serf LAN port for this segment is used when joining
the LAN gossip pool using one of the [available configuration methods](#join_a_client_to_a_segment). the LAN gossip pool using one of the [available configuration methods](#join_a_client_to_a_segment).

View File

@ -54,12 +54,8 @@ You can trigger leader election by joining the servers together, to create a clu
### Automatically Join the Servers ### Automatically Join the Servers
There are multiple options for joining the servers. Choose the method which best suits your environment and specific use case. There are two options for joining the servers. Choose the method which best suits your environment and specific use case.
- Specify a list of servers with
[-join](/docs/agent/config/cli-flags#_join) and
[start_join](/docs/agent/config/config-files#start_join)
options.
- Specify a list of servers with [-retry-join](/docs/agent/config/cli-flags#_retry_join) option. - Specify a list of servers with [-retry-join](/docs/agent/config/cli-flags#_retry_join) option.
- Use automatic joining by tag for supported cloud environments with the [-retry-join](/docs/agent/config/cli-flags#_retry_join) option. - Use automatic joining by tag for supported cloud environments with the [-retry-join](/docs/agent/config/cli-flags#_retry_join) option.