Support ACL replication #226
Merged
Commits on Mar 16, 2020
-
- Adds flag -acl-replication-token-file for setting the ACL replication token. This token is used by secondary dc's to create ACL policies. If set, this flag turns on ACL replication mode. In this mode we will not bootstrap ACLs since we expect replication to be running. - Modifies various policies and tokens to only be applicable to the local datacenter. These policies should have been only local before. - If running in a secondary DC, append the datacenter name to the policy name. This is required because policies must be globally unique. - Note: we aren't sharing policies between datacenters because each server-acl-init could modify the policy depending on its local config. - Adds agent:read permissions to the replication token which is needed to get the current datacenter.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.