遇到consul报Permission denied
来源:1-1 抢红包系统项目演示&导学【不看错过一个亿唷】
vivid_w
2019-05-09
老师,我刚入门使用consul,用./consul agent -dev -config-file ./services.json -server命令启动了一个consul server,然后我的services.json文件如下:{ "acl": { "enabled": true } }
我去使用create或者update的时候终端会报错:
==> Starting Consul agent...
==> Consul agent running!
Version: 'v1.4.4'
Node ID: 'b4c3e3e0-2a39-280a-6701-4f2405271412'
Node name: 'bogon'
Datacenter: 'dc1' (Segment: '<all>')
Server: true (Bootstrap: false)
Client Addr: [127.0.0.1] (HTTP: 8500, HTTPS: -1, gRPC: 8502, DNS: 8600)
Cluster Addr: 127.0.0.1 (LAN: 8301, WAN: 8302)
Encrypt: Gossip: false, TLS-Outgoing: false, TLS-Incoming: false
==> Log data will now stream in as it occurs:
2019/05/09 22:16:16 [DEBUG] agent: Using random ID "b4c3e3e0-2a39-280a-6701-4f2405271412" as node ID
2019/05/09 22:16:16 [DEBUG] tlsutil: Update with version 1
2019/05/09 22:16:16 [DEBUG] tlsutil: OutgoingRPCWrapper with version 1
2019/05/09 22:16:16 [DEBUG] tlsutil: IncomingRPCConfig with version 1
2019/05/09 22:16:16 [DEBUG] tlsutil: OutgoingRPCWrapper with version 1
2019/05/09 22:16:16 [INFO] raft: Initial configuration (index=1): [{Suffrage:Voter ID:b4c3e3e0-2a39-280a-6701-4f2405271412 Address:127.0.0.1:8300}]
2019/05/09 22:16:16 [INFO] raft: Node at 127.0.0.1:8300 [Follower] entering Follower state (Leader: "")
2019/05/09 22:16:16 [INFO] serf: EventMemberJoin: bogon.dc1 127.0.0.1
2019/05/09 22:16:16 [INFO] serf: EventMemberJoin: bogon 127.0.0.1
2019/05/09 22:16:16 [INFO] consul: Adding LAN server bogon (Addr: tcp/127.0.0.1:8300) (DC: dc1)
2019/05/09 22:16:16 [INFO] consul: Handled member-join event for server "bogon.dc1" in area "wan"
2019/05/09 22:16:16 [INFO] agent: Started DNS server 127.0.0.1:8600 (udp)
2019/05/09 22:16:16 [DEBUG] agent/proxy: managed Connect proxy manager started
2019/05/09 22:16:16 [WARN] agent/proxy: running as root, will not start managed proxies
2019/05/09 22:16:16 [INFO] agent: Started DNS server 127.0.0.1:8600 (tcp)
2019/05/09 22:16:16 [INFO] agent: Started HTTP server on 127.0.0.1:8500 (tcp)
2019/05/09 22:16:16 [INFO] agent: Started gRPC server on 127.0.0.1:8502 (tcp)
2019/05/09 22:16:16 [INFO] agent: started state syncer
2019/05/09 22:16:16 [WARN] raft: Heartbeat timeout from "" reached, starting election
2019/05/09 22:16:16 [INFO] raft: Node at 127.0.0.1:8300 [Candidate] entering Candidate state in term 2
2019/05/09 22:16:16 [DEBUG] raft: Votes needed: 1
2019/05/09 22:16:16 [DEBUG] raft: Vote granted from b4c3e3e0-2a39-280a-6701-4f2405271412 in term 2. Tally: 1
2019/05/09 22:16:16 [INFO] raft: Election won. Tally: 1
2019/05/09 22:16:16 [INFO] raft: Node at 127.0.0.1:8300 [Leader] entering Leader state
2019/05/09 22:16:16 [INFO] consul: cluster leadership acquired
2019/05/09 22:16:16 [INFO] consul: New leader elected: bogon
2019/05/09 22:16:16 [INFO] acl: initializing acls
2019/05/09 22:16:16 [INFO] consul: Created ACL 'global-management' policy
2019/05/09 22:16:16 [INFO] consul: Created ACL anonymous token from configuration
2019/05/09 22:16:16 [INFO] serf: EventMemberUpdate: bogon
2019/05/09 22:16:16 [INFO] serf: EventMemberUpdate: bogon.dc1
2019/05/09 22:16:16 [INFO] connect: initialized primary datacenter CA with provider "consul"
2019/05/09 22:16:16 [DEBUG] consul: Skipping self join check for "bogon" since the cluster is too small
2019/05/09 22:16:16 [INFO] consul: member 'bogon' joined, marking health alive
2019/05/09 22:16:16 [DEBUG] consul: Skipping self join check for "bogon" since the cluster is too small
2019/05/09 22:16:16 [DEBUG] agent: Skipping remote check "serfHealth" since it is managed automatically
2019/05/09 22:16:16 [INFO] agent: Synced node info
2019/05/09 22:16:16 [DEBUG] agent: Node info in sync
2019/05/09 22:16:18 [DEBUG] agent: Skipping remote check "serfHealth" since it is managed automatically
2019/05/09 22:16:18 [DEBUG] agent: Node info in sync
2019/05/09 22:17:16 [DEBUG] consul: Skipping self join check for "bogon" since the cluster is too small
2019/05/09 22:17:33 [DEBUG] agent: Skipping remote check "serfHealth" since it is managed automatically
2019/05/09 22:17:33 [DEBUG] agent: Node info in sync
2019/05/09 22:17:34 [ERR] http: Request GET /v1/acl/list, error: Permission denied from=127.0.0.1:62740
我这边可以正常使用kv读取存储。
然后问题跟这个issue一致,就是Permission denied : https://github.com/silas/node-consul/issues/58
p.s. 我这边也是用Node.js写的,然后用的consul这个模块
写回答
1回答
-
您好!这个问题应该是ACL配置问题,我没有遇到过这个问题;我在Stack Overflow上了解了一下,大部分解决方案是在连接consul时要指定token,token是类似下面UUID的内容,可以试一下
-token=16c5413b-276c-45ab-9b0e-9664126f1161
032019-05-13
相似问题