
[docs] ACL reset procedure (#5334)

* Adding reset instructions.

* Added link to the bootstrapping guide for the reset procedure.

* Update website/source/docs/guides/acl.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/guides/acl.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/guides/acl.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
pull/5361/head
kaitlincarter-hc 6 years ago committed by GitHub
parent
commit
a093af320c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      website/source/docs/commands/acl/acl-bootstrap.html.md.erb
  2. 15
      website/source/docs/guides/acl.html.md

2
website/source/docs/commands/acl/acl-bootstrap.html.md.erb

@ -11,7 +11,7 @@ Command: `consul acl bootstrap`
The `acl bootstrap` command will request Consul to generate a new token with unlimited privileges to use
for management purposes and output its details. This can only be done once and afterwards bootstrapping
will be disabled. If all tokens are lost and you need to bootstrap again you can follow the bootstrap
reset procedure.
[reset procedure](https://learn.hashicorp.com/consul/advanced/day-1-operations/acl-guide#ensure-the-acl-system-is-configured-properly).
The ACL system can also be bootstrapped via the [HTTP API](/api/acl/acl.html#bootstrap-acls).
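Review bot: the new `[reset procedure](...)` link targets the fragment `#ensure-the-acl-system-is-configured-properly` on learn.hashicorp.com, which names a configuration check rather than the reset steps, so the reader lands on a section whose heading does not mention reset, and the link goes stale silently if that heading is renamed. This same commit adds the reset steps to website/source/docs/guides/acl.html.md; consider linking there with a site-relative path, as the following line does for `/api/acl/acl.html#bootstrap-acls`, or giving the reset steps their own heading and anchoring to that.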

15
website/source/docs/guides/acl.html.md

@ -218,6 +218,21 @@ curl http://127.0.0.1:8500/v1/catalog/nodes -H 'x-consul-token: 4411f091-a4c9-48
All the values should be as expected. Particularly, if `TaggedAddresses` is `null` it is likely we have not configured ACLs correctly. A good place to start debugging is reviewing the Consul logs on all the servers.
If you encounter issues that are unresolvable, or misplace the bootstrap token, you can reset the ACL system by updating the index. First re-run the bootstrap command to get the index number.
```
$ consul acl bootstrap
Failed ACL bootstrapping: Unexpected response code: 403 (Permission denied: ACL bootstrap no longer allowed (reset index: 13))
```
Then write the reset index into the bootstrap reset file: (here the reset index is 13)
```
$ echo 13 >> <data-directory>/acl-bootstrap-reset
```
After reseting the ACL system you can start again at Step 2.
## Step 6: Enable ACLs on the Consul Clients
Since ACL enforcement also occurs on the Consul clients, we need to also restart them
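Review bot: in the second command block, `echo 13 >> <data-directory>/acl-bootstrap-reset` appends, so if the file is left over from an earlier attempt it ends up holding more than one value; use `>` so the file contains only the current reset index. The added text also does not say on which server the file has to be written, or that `consul acl bootstrap` has to be run again after writing it before restarting at Step 2. Since writing this file is what allows bootstrapping again, a sentence on restricting write access to the data directory would be worth adding. "reseting" in the last added sentence should be "resetting".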
