Vault token renewal not happening after Spring Cloud Services(SCS) tile upgrade to 3.1.54
search cancel

Vault token renewal not happening after Spring Cloud Services(SCS) tile upgrade to 3.1.54

book

Article ID: 370541

calendar_today

Updated On:

Products

VMware Tanzu Application Service for VMs

Issue/Introduction

Applications cannot access the configuration via config server with Vault backend, in config server logs, there are error messages as following:

[Request processing failed; nested exception is org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://127.0.0.1:8200/v1/auth/token/renew-self": Connect to 127.0.0.1:8200 [/127.0.0.1] failed: Connection refused (Connection refused)

 

Environment

Spring Cloud Services for VMware Tanzu 3.1.54

Cause

This issue is caused by a code change in SCS 3.1.54.

Resolution

In order to work around the issue, please follow the two steps as below:

1- In the composite remove vault.   

So instead of a composite config,

{
    "name": "foo",
    "profiles": [
        "default"
    ],
    "label": null,
    "version": null,
    "state": null,
    "propertySources": [
        {
            "name": "vault:foo",
            "source": {
                "foo": "vault"
            }
        }
    ]
}

2- Enter the configutarion for a vault and a git:

{
   "vault":{
      "scheme":"https",
      "port":"xx",
      "host":"mydomain.com",
      "backend":"mybackend folder",
      "....."
   },
   "git":{
      "url:":"http://mygit.com"
      "...."
   }
}

You will have a git and a vault, that will workaround the issue until a patch is released.

The patch is being worked and it will be released on a new version of the spring cloud services tile.

Additional Information

A patch will be confirmed on the following SCS version.

Powered by Wolken Software