Recreating the gafaelfawr token¶
If Gafaelfawr has restarted and its redis service’s storage has been
lost, services that rely on having a token from gafaelfawr to allow
them access to other services will no longer be able to authenticate.
This is seen in the nublado2 namespace; when it happens the gafaelfawr-token no longer allows access to Moneypenny and user pod spawning fails.
To correct the issue:
- Force a restart of the
gafaelfawr-tokensdeployment in thegafaelfawrnamespace. This will recreate the secret innublado2. - Force a restart of the
hubdeployment innublado2. This will restart the hub with the new, correct token.