I'm in the process of rolling out 2 clusters in 2 datacenters. dc1 has been up and operational for a while now and dc2 is about to go live. im having trouble with the acl replication though and I'm not sure what to do to solve it. My situation on the secondary cluster looks like this:
curl http://localhost:8500/v1/acl/replication?pretty
{
"Enabled": true,
"Running": true,
"SourceDatacenter": "dc1",
"ReplicationType": "legacy",
"ReplicatedIndex": 0,
"ReplicatedRoleIndex": 0,
"ReplicatedTokenIndex": 0,
"LastSuccess": "0001-01-01T00:00:00Z",
"LastError": "0001-01-01T00:00:00Z"
}
I'm not sure how to get the replication type to convert to token. According to the checks I've done on the primary dc all the tokens there have accessorIDs and as such should be able to replicate across.
The clusters are both Consul v1.6.1 and my understanding is that anything post 1.4 should automatically convert from legacy once all servers in the cluster are newer than 1.4, which they are.
The response from the following query is empty:
I don't know where else to look for the reason this isn't working. Does anyone have advice for what I can check next?
TIA