Hi all, i was testing out the vault-agent-injector and was following one of the guides until i got stuck at this particular stage Injecting Secrets into Kubernetes Pods via Vault Agent Containers | Vault - HashiCorp Learn
Issue i am facing is, vault-agent-init sidecar container managed to be injected but its never in a “ready” state. from the vault-agent-init logs, i can see it’s having difficulty communicating to Vault server.
2021-05-20T10:33:21.828Z [INFO] auth.handler: authenticating 2021-05-20T10:34:21.829Z [ERROR] auth.handler: error authenticating: error="context deadline exceeded" backoff=4m36.53s
My k8s environment (default namespace):
root@kubemaster1:/home/vagrant# kubectl get po NAME READY STATUS RESTARTS AGE consul-consul-fqf4t 1/1 Running 0 26h consul-consul-kz7t7 1/1 Running 0 26h consul-consul-server-0 1/1 Running 0 7h33m consul-consul-server-1 1/1 Running 0 26h node-app-5bbfcff-vf2p6 0/2 Init:0/1 0 19m <------- faulty pods node-app-5bbfcff-xkdt2 0/2 Init:0/1 0 19m vault-0 1/1 Running 0 82m vault-1 1/1 Running 0 82m vault-agent-injector-586c568bcb-cbkqd 1/1 Running 0 82m
What i have verified so far:
- relevant vault policy created as per guide
- relevant serviceaccount created and used
- relevant vault role created and used
- shell into vault-agent-init sidecar and verified no connectivity issue between it and Vault or vault-agent-injector
What else could i be missing? where can i look further into this? Will definitely appreciate any help on this.