I am integrating a Kubernetes cluster with an external Vault cluster, following the article "Integrate Kubernetes with an external Vault cluster | Vault | HashiCorp Developer".
But I am facing a permission denied problem. When I grant Kubernetes permission from the Vault server to integrate and set the values on the Vault server, there is no problem, but when I take the values in Kubernetes and apply them on the Vault server, I get permission denied. I checked all three of KUBE_CA_CERT, KUBE_HOST and TOKEN_REVIEW_JWT later in Vault with vault read auth/kubernetes-portal-test/config and they are completely correct. I would be happy if you could help me with what the problem is. The main problem is that when I do it on the Vault server with kubectl permission, everything works fine, but when I do the steps to be done in Kubernetes there and copy the values to Vault, it doesn't work. I can't allow port 6443 of all Kubernetes clusters from Vault.
Hello,
Which part of the tutorial specifically is giving you the error - using a hard coded token? Kubernetes service? or Kubernetes auth method? Can you please also confirm if you are following the tutorial as written, or are you applying the steps to your own environment?
Thanks
Fixed. The problem was that the Kubernetes cluster has access to Vault, but Vault doesn't have access to the Kubernetes 6443 endpoint.
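Added diagnostic, not part of the original posts or of HashiCorp's tutorial: Vault's Kubernetes auth method validates each login by calling the TokenReview API on the configured kubernetes_host, so that call has to succeed from the Vault server itself. This Python script, meant to be run on the Vault host, repeats the call with the same three values; CLIENT_JWT (a service account token to validate) and the function names are assumptions.

```python
import json, os, socket, ssl, urllib.error, urllib.request
from urllib.parse import urlsplit

REVIEW_PATH = "/apis/authentication.k8s.io/v1/tokenreviews"

def api_endpoint(kube_host):
    """Split a kubernetes_host URL such as https://10.0.0.5:6443 into (host, port)."""
    url = urlsplit(kube_host)
    if url.scheme != "https" or not url.hostname:
        raise ValueError("kubernetes_host must be an https:// URL")
    return url.hostname, url.port or 443

def tcp_reachable(host, port, timeout=3.0):
    """True if this machine can open a TCP connection to the API server."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def token_review_request(kube_host, reviewer_jwt, client_jwt):
    """Build the TokenReview POST that validates client_jwt using reviewer_jwt."""
    body = {"apiVersion": "authentication.k8s.io/v1", "kind": "TokenReview",
            "spec": {"token": client_jwt}}
    return urllib.request.Request(
        kube_host.rstrip("/") + REVIEW_PATH, data=json.dumps(body).encode(),
        headers={"Authorization": "Bearer " + reviewer_jwt,
                 "Content-Type": "application/json"}, method="POST")

def diagnose(kube_host, ca_pem, reviewer_jwt, client_jwt, timeout=5.0):
    """Return unreachable, http-<code>, tls-or-network-error, rejected or authenticated."""
    host, port = api_endpoint(kube_host)
    if not tcp_reachable(host, port, timeout):
        return "unreachable"  # this host cannot reach the API port, as in this thread
    try:
        ctx = ssl.create_default_context(cadata=ca_pem)
        req = token_review_request(kube_host, reviewer_jwt, client_jwt)
        with urllib.request.urlopen(req, context=ctx, timeout=timeout) as resp:
            status = json.load(resp).get("status", {})
    except urllib.error.HTTPError as err:
        return f"http-{err.code}"  # e.g. 401/403: reviewer token rejected or not authorized
    except (OSError, ValueError):
        return "tls-or-network-error"  # CA mismatch, bad PEM, timeout, non-JSON reply
    return "authenticated" if status.get("authenticated") else "rejected"

if __name__ == "__main__":
    # KUBE_HOST, KUBE_CA_CERT, TOKEN_REVIEW_JWT as in the thread; CLIENT_JWT is an assumed name.
    env = os.environ
    print(diagnose(env["KUBE_HOST"], env["KUBE_CA_CERT"],
                   env["TOKEN_REVIEW_JWT"], env["CLIENT_JWT"]))
```

A result of unreachable from the Vault host, while the same values work from a machine with kubectl access, points at network filtering between Vault and the API server rather than at the stored configuration.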