From a46e3bd2fc66a7d7ca86d000caab07c90a59f41a Mon Sep 17 00:00:00 2001 From: Daniel Nephin Date: Mon, 4 Oct 2021 18:22:45 -0400 Subject: [PATCH] acl: stop replication on leadership lost It seems like this was missing. Previously this was only called by init of ACLs during an upgrade. Now that legacy ACLs are removed, nothing was calling stop. Also remove an unused method from client. --- agent/consul/acl_client.go | 6 ------ agent/consul/leader.go | 2 ++ 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/agent/consul/acl_client.go b/agent/consul/acl_client.go index 8a33c6e46..c5666cb48 100644 --- a/agent/consul/acl_client.go +++ b/agent/consul/acl_client.go @@ -3,7 +3,6 @@ package consul import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/structs" - "github.com/hashicorp/consul/lib/serf" ) var clientACLCacheConfig *structs.ACLCachesConfig = &structs.ACLCachesConfig{ @@ -80,8 +79,3 @@ func (c *Client) ResolveTokenAndDefaultMeta(token string, entMeta *structs.Enter return authz, err } - -func (c *Client) updateSerfTags(key, value string) { - // Update the LAN serf - serf.UpdateTag(c.serf, key, value) -} diff --git a/agent/consul/leader.go b/agent/consul/leader.go index 0c5b4b50d..e54841467 100644 --- a/agent/consul/leader.go +++ b/agent/consul/leader.go @@ -344,6 +344,8 @@ func (s *Server) revokeLeadership() { s.stopConfigReplication() + s.stopACLReplication() + s.stopConnectLeader() s.stopACLTokenReaping()