Introduction
This article documents a workaround for a known defect where license mismatch errors between active and standby nodes are reported after updating the auto-loaded license.
The defect was fixed in Vault Enterprise 1.12.10, 1.13.6 & 1.14.2.
Problem
Errors are logged in the operational logs of standby nodes indicating that there is a mismatch between the auto-loaded license on the node and the persisted auto-loaded license on the active node.
Prerequisites (if applicable)
- Vault Enterprise 1.11.3 to 1.12.2
Cause
Due to a known defect in the versions listed above, after updating from one auto-loaded license to another/new license using any of the following methods:
- The CLI:
vault write -f sys/config/reload/license - Using
SIGHUPto reload Vault - eg:kill -SIGHUP $(pidof vault) - OR
systemdto do areloadof the Vault process - eg:systemctl reload vault
the following error is reported at 1 minute intervals in the operational logs of standby nodes:
[WARN] core: local autoloaded license differs from that used by active node
In addition to the error in the operational logs, if the license details are read using the following CLI command:
vault license get
The following warning is observed in the returned output:
autoloaded license on local node doesn't match persisted autoloaded license from active node
Overview of possible solutions (if applicable)
A restart of the Vault process on all nodes is necessary.
Outcome
The above action clears the cached persisted auto-loaded license information thus resolving the issue.
Additional Information
-
License FAQ: License Frequently Asked Questions
- Vault Documentation: API to Reload License
- Vault Documentation: Get License details for Currently Loaded License