Faild mount csi secret

Hello,

i try to use csi driver to mount different secret in pod from vault.
Il run this doc Mount Vault Secrets through Container Storage Interface (CSI) Volume | Vault - HashiCorp Learn
But i have this message:
Normal Scheduled 2s default-scheduler Successfully assigned default/webapp to slave3-ipam
Warning FailedMount 0s (x3 over 2s) kubelet MountVolume.SetUp failed for volume “secrets-store-inline” : rpc error: code = Unknown desc = failed to mount secrets store objects for pod default/webapp, err: rpc error: code = Unknown desc = error making mount request: failed to create a service account token for requesting pod {webapp be6f4d93-a6b2-4a6f-9f88-2d8f73eb03c3 default webapp-sa}: the server could not find the requested resource
Any help please
Thanks

2 Likes

Having the same issue

I’m also having the same issue.

That normally means the token request endpoint is not available in the Kubernetes API. What version of Kubernetes are you using (kubectl version)? If it’s 1.19.x or lower, there are some extra steps in the tutorial to help ensure the token request endpoint is enabled. In particular, when creating the cluster

minikube start \
    --extra-config=apiserver.service-account-signing-key-file=/var/lib/minikube/certs/sa.key \
    --extra-config=apiserver.service-account-issuer=https://kubernetes.default.svc.cluster.local