Hi Everyone,
I am trying to install Vault with https enabled on k8s cluster but pods are not coming up.
kubectl get po -n vault
NAME READY STATUS RESTARTS AGE vault-0 0/1 Running 0 7m30s vault-agent-injector-ffb558b4b-5kph7 1/1 Running 0 7m31s
describe:
Normal Pulled 12m kubelet Container image “hashicorp/vault:1.12.1” already present on machine
Normal Created 12m kubelet Created container vault
Normal Started 12m kubelet Started container vault
Warning Unhealthy 2m55s (x120 over 12m) kubelet Readiness probe failed: Error checking seal status: Get “https://127.0.0.1:8200/v1/sys/seal-status”: http: server gave HTTP response to HTTPS client
USER-SUPPLIED VALUES:
global:
enabled: true
tlsDisable: false
server:
extraEnvironmentVars:
VAULT_CACERT: /vault/userconfig/vault-server-tls/vault.ca
standalone:
config: |
listener "tcp" {
address = "[::]:8200"
cluster_address = "[::]:8201"
tls_cert_file = "/vault/userconfig/vault-server-tls/vault.crt"
tls_key_file = "/vault/userconfig/vault-server-tls/vault.key"
tls_client_ca_file = "/vault/userconfig/vault-server-tls/vault.ca"
}
storage "file" {
path = "/vault/data"
}
enabled: true
volumeMounts:
- mountPath: /vault/userconfig/vault-server-tls
name: userconfig-vault-server-tls
readOnly: true
volumes:
- name: userconfig-vault-server-tls
secret:
defaultMode: 420
secretName: vault-server-tls