cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Looking to upgrade from Dynatrace Managed to SaaS? See how

Seed-auth token when adding subsequent nodes to the cluster

Kandasamy_Selva
Participant

We are managed multi node cluster with version 130 and we are aware that right now for secondary cluster installation we manually have to copy the seed auth token from primary node cluster management console to install secondary nodes. This is the manual step that we wanted to avoid to take care of sending seed token to secondary nodes in an automated way to automate our cluster deployment.

Already we opened this is an issue and it looks this is addressed into new version 134 as per this below release notes mentioning "The API token generated during cluster installation can now be used as the seed-authtoken when adding subsequent nodes to the cluster. To date, the seed-auth token could only be manually obtained via the Dynatrace Managed Cluster Management Console"

https://www.dynatrace.com/blog/dynatrace-managed-f...

Could some one explain what is the step by step process to leverage this automation for secondary nodes. Basically under which step of cluster installation we can access the api token and how to pass it as value for seed-auth token to the secondary nodes in an automated way.

Hope it's clear and makes sense, please let me know if we need any additional info.

 

7 REPLIES 7

Radoslaw_Szulgo
Dynatrace Guru
Dynatrace Guru

The seed-auth token is shown at the end of the output from installation. A sample log below:

 

Installation in silent mode completed successfully after 5 minutes 58 seconds.
Exit code: 0
Warnings:

Dynatrace binaries are located in directory /opt/dynatrace-managed
Dynatrace data is located in directory /var/opt/dynatrace-managed
Dynatrace metrics repository is located in directory /var/opt/dynatrace-managed/cassandra
Dynatrace Elasticsearch store is located in directory /var/opt/dynatrace-managed/elasticsearch
Dynatrace server store is located in directory /var/opt/dynatrace-managed/server
Dynatrace session replay store is located in directory /var/opt/dynatrace-managed/server/replayData
Your API token for Server communication: dt0c01.<token>
You can now log into your Dynatrace Server at https://1.1.4.1

 

Please take a look how we get that to automate cluster installation with Ansible Playbook:

seedToken: "{{ nodeOne.stdout | regex_search('Your API token for Server communication: ([a-zA-Z0-9-_]+)') | regex_replace('Your API token for Server communication: ([a-zA-Z0-9-_]+)', '\\1') }}"

Then we use the fact "seedToken" passing it to the subsequent node installers.

Hope that helps!

Senior Product Manager,
Dynatrace Managed expert

Appreciate your response @Radoslaw S, it really helps. Meanwhile you mentioned that API token is shown at end of the output from installation, wondering if this API token value will be available by DEFAULT at end of installation or do we need set any additional parameters explicitly for the install script (dynatrace-managed-installer.sh) to populate this API token.

Would you prefer the --install or --install-silent for running the install script to access this API token at the end of installation.

Well.. seems you try to automate stuff (like we do), so --install-silent is the only option, as without that it's an interactive mode that terminal will wait for user input.

Senior Product Manager,
Dynatrace Managed expert

That makes sense. Meanwhile I have found there is an REST API to access all API tokens in the cluster so that way we can use the CURL to get this values (similar to ansible ) that you mentioned for passing the same to secondary nodes. Though I got the URI still not sure which authorization header works in this case, as we can't use the api token as authorization header value since thats the value we are trying to retrieve it. By any chance is anyone use this below CURL to access all the API token in the managed env , if yes could you please share what headers are needed in this case

https://<host>/api/v1.0/onpremise/tokens

It's BASIC authentication. Use a user and password from your internal DB - e.g. 'admin' account

Senior Product Manager,
Dynatrace Managed expert

Awesome, that worked!! thanks for all your inputs !!

your welcome - have fun and good luck 🙂

Senior Product Manager,
Dynatrace Managed expert

Featured Posts