A new platform for documentation and tutorials is launching soon.
We are migrating Nomad documentation into HashiCorp Developer, our new developer experience.
»Command: operator gossip keyring use
operator gossip keyring use command changes the encryption key
used for gossip. The key must already be installed before this
operation can succeed.
This command can only be run against server nodes. It returns 0 if all nodes reply and there are no errors. If any node fails to reply or reports failure, the exit code will be 1.
If ACLs are enabled, this command requires a token with the
nomad operator gossip keyring use [options] <key>
-address=<addr>: The address of the Nomad server. Overrides the
NOMAD_ADDRenvironment variable if set. Defaults to
-region=<region>: The region of the Nomad server to forward commands to. Overrides the
NOMAD_REGIONenvironment variable if set. Defaults to the Agent's local region.
-no-color: Disables colored command output. Alternatively,
NOMAD_CLI_NO_COLORmay be set. This option takes precedence over
-force-color: Forces colored command output. This can be used in cases where the usual terminal detection fails. Alternatively,
NOMAD_CLI_FORCE_COLORmay be set. This option has no effect if
-no-coloris also used.
-ca-cert=<path>: Path to a PEM encoded CA cert file to use to verify the Nomad server SSL certificate. Overrides the
NOMAD_CACERTenvironment variable if set.
-ca-path=<path>: Path to a directory of PEM encoded CA cert files to verify the Nomad server SSL certificate. If both
-ca-certis used. Overrides the
NOMAD_CAPATHenvironment variable if set.
-client-cert=<path>: Path to a PEM encoded client certificate for TLS authentication to the Nomad server. Must also specify
-client-key. Overrides the
NOMAD_CLIENT_CERTenvironment variable if set.
-client-key=<path>: Path to an unencrypted PEM encoded private key matching the client certificate from
-client-cert. Overrides the
NOMAD_CLIENT_KEYenvironment variable if set.
-tls-server-name=<value>: The server name to use as the SNI host when connecting via TLS. Overrides the
NOMAD_TLS_SERVER_NAMEenvironment variable if set.
-tls-skip-verify: Do not verify TLS certificate. This is highly not recommended. Verification will also be skipped if
-token: The SecretID of an ACL token to use to authenticate API requests with. Overrides the
NOMAD_TOKENenvironment variable if set.
$ nomad operator gossip keyring use HD5Y61iE+neTxd1n6TnXhCPViPIUq5QpWq8WW8012XA= Changing primary gossip encryption key...