Error Making API Request: Missing client token

I’m trying to run Vault within GKE, and have followed tutorials here and here.

We’re running everything on a single cluster, and have vault in a separate vault namespace. When trying to bring up a new pod, I’ve passed in the, agent-inject-secretname, and role annotations, but get a 400 error: missing client token. The logs state “Error making API request” and “URL PUT http://vault.vault.svc:8200/v1/auth//login”, though I get the same error with “URL PUT …/v1/auth/kubernetes/login” – this was changed as someone else had a similar problem on github, though it doesn’t resolve our problem.

This problem happens in the vault-agent-init container.

Is there anything I seem to be doing wrong? How can I debug this. I’m unable to set a VAULT_TOKEN environment variable into the container throwing the error, which seemed to be a solution.