In the vault-agent-init it can take up to a good 10 minutes to authenticate with a k8s service account to my external vault server.
After backing off with permission denied several times, it eventually works:
....
2022-11-11T17:00:18.035Z [INFO] auth.handler: authenticating
2022-11-11T17:00:18.146Z [ERROR] auth.handler: error authenticating:
error=
| Error making API request.
|
| Namespace: foo/dev/
| URL: PUT https://vault.foo.com/v1/auth/kubernetes/login
| Code: 403. Errors:
|
| * permission denied
backoff=4m28.06s
..
2022-11-11T17:04:46.208Z [INFO] auth.handler: authenticating
2022-11-11T17:04:46.372Z [INFO] auth.handler: authentication successful, sending token to sinks
2022-11-11T17:04:46.372Z [INFO] auth.handler: starting renewal process
2022-11-11T17:04:46.373Z [INFO] sink.file: token written: path=/home/vault/.vault-token
2022-11-11T17:04:46.373Z [INFO] sink.server: sink server stopped
2022-11-11T17:04:46.373Z [INFO] sinks finished, exiting
2022-11-11T17:04:46.373Z [INFO] template.server: template server received new token
Can anyone explain this unusual behaviour? This happens consistently.