consul开启acl
开启acl相关配置
##代表开启ACL;
enabled=true
##默认为allow,如果需要自定义权限,需要将其设置为deny
default_policy=“deny”
##开启token持久化,将token持久化到磁盘上
enable_token_persistence=true
cd /data/consul/config
{
"acl_datacenter": "dc1",
"acl_master_token": "-Eoyxn*2U#DttzJ",
"acl_default_policy": "deny",
"acl_down_policy": "extend-cache",
}
systemctl restart consul
export CONSUL_HTTP_TOKEN=-Eoyxn*2U#DttzJ
consul members
Node Address Status Type Build Protocol DC Segment
ops-1 192.168.168.36:8301 alive server 1.9.5 2 dc1 <all>
ops-2 192.168.168.37:8301 alive client 1.9.5 2 dc1 <default>
ops-3 192.168.168.38:8301 alive client 1.9.5 2 dc1 <default>
查看集群leader
curl -H 'X-Consul-Token:-Eoyxn*2U#DttzJ' http://127.0.0.1:8500/v1/status/leader
集群集群成员
curl -H 'X-Consul-Token:-Eoyxn*2U#DttzJ' http://127.0.0.1:8500/v1/agent/members