I have the consul template container running within my pod that talks to vault via Kubernetes auth method to retrieve my secrets which is then used by my application container running within the same pod.
It works very well when we deploy the pod for the first time…It can talk to vault pull credential successfully… all is well…However after few hours the pod gets restarted over and over again. On looking at consul template container logs I see this error
- permission denied (retry attempt 9 after “1m0s”)
2019/09/20 19:01:31.382180 [WARN] (view) vault.read(secret/spacemgr/config): vault.read(secret/spacemgr/config): Error making API request.
URL: GET https:///v1/secret/spacemgr/config
Code: 403. Errors:
Why would vault return permission denied. I am able to connect successfully and retrieve all my creds successfully for initial few hours but all of a sudden after several hours it starts to get this error and the pods gets restarted over and over.
Any idea about this error and resolution is appreciated. Thanks