Install Vault from scratch with HA: true and raft: true but understand I must provide certificate to support connection between pods.
I’ve follow this guide: Standalone Server with TLS | Vault | HashiCorp Developer
But stuck here:
serverCert=$(kubectl get csr ${CSR_NAME} -o jsonpath='{.status.certificate}')
Seem the step before:
kubectl get csr ${CSR_NAME}
NAME AGE SIGNERNAME REQUESTOR CONDITION
vault-csr 1m13s kubernetes.io/kubelet-serving kube-admin Approved
didn’t finish well - it seems I missed the after-certificate issue - but in my case, it’s only approved and that’s it.
What can be done?