ACL bootstrap error from Fault Tolerant Data Aggregator upgrade
search cancel

ACL bootstrap error from Fault Tolerant Data Aggregator upgrade


Article ID: 258594


Updated On:


CA Performance Management - Usage and Administration DX NetOps


We just upgraded from 22.2.3 to 22.2.5 with a HA DA config. neither DA can see the ACI token. We have tried the following.

Uninstalling the daproxy and reinstalling, resetting the tokens as describe in this KB

In short in short neither of the DA's are running.

DX NetOps Performance Management Data Aggregator Fault Tolerant upgrade is failing.

The DA install logs show this error.

Status: ERROR
Additional Notes: ERROR - Error while boostrapping ACL: Request to Bootstrap ACL failed HTTP Error Code: 403, response: Forbidden

Custom Action:
Additional Notes: FATAL ERROR - class FatalInstallException: HTTP Error Code: 403, response: Forbidden

When trying to run active for the dadaemon it shows this error:

WARNING: Cannot find the Consul ACL token

Both DA systems are able to access, read and write to the files and directories for the shared data directory.


All supported DX NetOps Performance Management releases


The environment was migrated. The original DA Shared Data location was /opt/DASharedRepo. The new system was built using /opt/DASharedRepo/data but the token file was located in /opt/DASharedRepo.


When migrating Fault Tolerant Data Aggregator systems ensure the shared data directory path matches between old and new systems.

If unable to rebuilt again to match, in this case we were able to simply move the file from /opt/DASharedRepo to /opt/DASharedRepo/data.

This allowed the installs to complete without error. After this both DAs started into their respective Active and Ready states.

Additional Information

Check the parameter in /etc/DA.cfg file on each machine

Should be /DASharedRepo (Fault-tolerant environments require a shared data directory (for example, /DASharedRepo) 
The should be in directory.