openark / orchestrator

MySQL replication topology management and HA
Apache License 2.0

Add support for Consul ACL tokens #505

Open MaxFedotov opened 6 years ago

MaxFedotov commented 6 years ago

Hello,

We plan to use orchestrator coupled with Consul KV in order to support Service discovery with proxy. In order to protect Consul KV keys from unauthorized access, it is a good idea to use consul ACL (https://www.consul.io/docs/guides/acl.html). In order to use it, we first need to create an ACL token for orchestrator:

```
curl --request PUT \
  --data '{"Name": "orchestrator-token", "Type": "client", "Rules": "key \"\" { policy = \"read\" } key \"mysql/\" { policy = \"write\" } operator = \"read\""}' \
  'http://localhost:8500/v1/acl/create?token=b1gs33cr3t'
```

And later use it when connecting to orchestrator. In order to achieve it, we need to add the following changes:

I've already implemented and tested these small changes in https://github.com/MaxFedotov/orchestrator/tree/consul-acl-token

Thanks, Max
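An added example, not code from this issue or from orchestrator: a Go client that writes a KV entry and sends the ACL token in the `X-Consul-Token` header, which Consul's HTTP API accepts in place of the `?token=` query parameter and which keeps the token out of URLs and access logs. The `fakeConsul` server is a local stand-in that only mimics the rules quoted above (write under `mysql/`, nothing else); the token value, key names and helper names are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Constructed placeholder token; not a real credential.
const sampleToken = "00000000-0000-0000-0000-000000000000"

// putKV writes value at key in the KV store, passing the ACL token in the
// X-Consul-Token header instead of a ?token= query parameter.
func putKV(client *http.Client, addr, token, key, value string) (int, error) {
	req, err := http.NewRequest(http.MethodPut, addr+"/v1/kv/"+key, strings.NewReader(value))
	if err != nil {
		return 0, err
	}
	req.Header.Set("X-Consul-Token", token)
	resp, err := client.Do(req)
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

// fakeConsul is a stand-in (not Consul itself) that mimics the rules from the
// issue for writes: the token may write under mysql/ only, all else is denied.
func fakeConsul() *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		key := strings.TrimPrefix(r.URL.Path, "/v1/kv/")
		if r.Header.Get("X-Consul-Token") != sampleToken || !strings.HasPrefix(key, "mysql/") {
			http.Error(w, "Permission denied", http.StatusForbidden)
			return
		}
		fmt.Fprint(w, "true")
	}))
}

func main() {
	srv := fakeConsul()
	defer srv.Close()
	for _, key := range []string{"mysql/master/cluster1", "other/key"} {
		code, err := putKV(srv.Client(), srv.URL, sampleToken, key, "db1:3306")
		fmt.Println(key, code, err)
	}
}
```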

shlomi-noach commented 6 years ago

Hi @MaxFedotov, can you please issue a pull request so that I can see your changes? Thank you for working on this.

MaxFedotov commented 6 years ago

Hi @shlomi-noach. Done - #510

utdrmac commented 5 years ago

@MaxFedotov This was merged. Can you close?