From 31ccb2667a6a4c21571cb65c9d8ac767a1ec4e23 Mon Sep 17 00:00:00 2001
From: Nick Cabatoff <ncabatoff@hashicorp.com>
Date: Mon, 4 Dec 2023 09:31:16 -0500
Subject: [PATCH] Ensure that Autopilot sees all nodes in KnownServers at
 outset (#24246)

---
 changelog/24246.txt |  3 +++
 vault/raft.go       | 21 ++++++++++++---------
 2 files changed, 15 insertions(+), 9 deletions(-)
 create mode 100644 changelog/24246.txt

diff --git a/changelog/24246.txt b/changelog/24246.txt
new file mode 100644
index 0000000000..424a006f2d
--- /dev/null
+++ b/changelog/24246.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+storage/raft: Fix a race whereby a new leader may present inconsistent node data to Autopilot.
+```
\ No newline at end of file
diff --git a/vault/raft.go b/vault/raft.go
index b2b26496d1..76dcf4fa0d 100644
--- a/vault/raft.go
+++ b/vault/raft.go
@@ -314,14 +314,6 @@ func (c *Core) setupRaftActiveNode(ctx context.Context) error {
 	c.logger.Info("starting raft active node")
 	raftBackend.SetEffectiveSDKVersion(c.effectiveSDKVersion)
 
-	autopilotConfig, err := c.loadAutopilotConfiguration(ctx)
-	if err != nil {
-		c.logger.Error("failed to load autopilot config from storage when setting up cluster; continuing since autopilot falls back to default config", "error", err)
-	}
-	disableAutopilot := c.disableAutopilot
-
-	raftBackend.SetupAutopilot(c.activeContext, autopilotConfig, c.raftFollowerStates, disableAutopilot)
-
 	c.pendingRaftPeers = &sync.Map{}
 
 	// Reload the raft TLS keys to ensure we are using the latest version.
@@ -334,7 +326,18 @@ func (c *Core) setupRaftActiveNode(ctx context.Context) error {
 	if err := c.monitorUndoLogs(); err != nil {
 		return err
 	}
-	return c.startPeriodicRaftTLSRotate(ctx)
+
+	if err := c.startPeriodicRaftTLSRotate(ctx); err != nil {
+		return err
+	}
+
+	autopilotConfig, err := c.loadAutopilotConfiguration(ctx)
+	if err != nil {
+		c.logger.Error("failed to load autopilot config from storage when setting up cluster; continuing since autopilot falls back to default config", "error", err)
+	}
+	disableAutopilot := c.disableAutopilot
+	raftBackend.SetupAutopilot(c.activeContext, autopilotConfig, c.raftFollowerStates, disableAutopilot)
+	return nil
 }
 
 func (c *Core) stopRaftActiveNode() {