Sidecar vault-init-container error authenticating: error="context deadline exceeded" backoff=3m4

  • Access an external Vault server from OpenShift; access is given via an external-vault endpoint that points to the external server.
  • All policies, roles, etc. are created as per the documentation
  • Vault-agent is installed

Now, when deploying the sample org-chart application with annotations, the sidecar container is not starting. The logs of vault-init-container in a pod show the following authentication errors. However, when we exec a shell in vault-init-container and try to do vault login with the root token from within the container, it works.

2022-02-16T17:53:18.284Z [INFO]  auth.handler: authenticating
2022-02-16T17:54:18.287Z [ERROR] auth.handler: error authenticating: error="context deadline exceeded" backoff=3m52.18s

What could be the issue?

That usually means the container couldn’t reach out to the Vault server it is connecting to. Check to make sure you can connect from a pod inside of that namespace out to the vault server using curl or the vault cli.

Thanks @aram - Yes, as mentioned, I can connect to the Vault server from within a pod container using the vault cli (using the root token). Still, the container throws authentication errors.

Then the init container is configured with a different vault_addr/port. Paste both your deployment as well as how you set up the authentication (command that you ran).
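
The connectivity check suggested in the replies, as an added example that is not part of the thread: it replays the Kubernetes auth login from inside the pod with the pod's service-account token, so the test exercises the same login path and address as the init container rather than a root-token login. The Vault address, role name and auth mount below are placeholders to replace with the values from the deployment's annotations.

```shell
#!/bin/sh
# Added example. Usage inside the application pod: pass --run as the first argument.
# Placeholder values (assumptions, not from the thread):
VAULT_ADDR="${VAULT_ADDR:-https://vault.example.internal:8200}"
AUTH_PATH="${AUTH_PATH:-auth/kubernetes}"   # vault.hashicorp.com/auth-path
ROLE="${ROLE:-example-role}"                # vault.hashicorp.com/role
SA_TOKEN_FILE="${SA_TOKEN_FILE:-/var/run/secrets/kubernetes.io/serviceaccount/token}"

# Build the login endpoint; a trailing slash on the address is tolerated.
login_url() { printf '%s/v1/%s/login' "${1%/}" "$2"; }

# JSON body of a Kubernetes auth login: role name plus service-account JWT.
login_body() { printf '{"role":"%s","jwt":"%s"}' "$1" "$2"; }

# Map curl's exit code ($1) and the HTTP status ($2) to a diagnosis.
classify() {
  case "$1" in
    0)  case "$2" in
          200) echo "ok: Kubernetes auth login succeeded" ;;
          *)   echo "reachable: Vault answered HTTP $2, check role, JWT and mount" ;;
        esac ;;
    6)  echo "dns: host name in VAULT_ADDR does not resolve from this pod" ;;
    7)  echo "network: connection refused or blocked on that address/port" ;;
    28) echo "timeout: no reply in time, same symptom as context deadline exceeded" ;;
    35|60) echo "tls: handshake or certificate verification failed" ;;
    *)  echo "curl failed with exit code $1" ;;
  esac
}

try_login() {
  jwt="$(cat "$SA_TOKEN_FILE")" || return 1
  url="$(login_url "$VAULT_ADDR" "$AUTH_PATH")"
  echo "POST $url (role=$ROLE)"
  # 60s mirrors the gap between the two auth.handler log lines in the thread.
  status="$(curl -sS -o /dev/null -w '%{http_code}' --max-time 60 \
      -X POST -d "$(login_body "$ROLE" "$jwt")" "$url")" && rc=0 || rc=$?
  classify "$rc" "$status"
}

if [ "${1:-}" = "--run" ]; then try_login; fi
```

Compare the printed URL with the address and port the init container is configured with; a result that differs from the root-token login points at the address or at the Kubernetes auth path rather than at general connectivity.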