Hello good people,
I have gone through the motions of installing vault-agent-injector and configured it to talk to an external vault cluster. Kubernetes auth works !
When I start and patch a deployment with replicas=1 everything works as advertised, well almost but that that is another story. I used the nginx example from the tutorial.
If I edit the self same deployment to 2 or more replicas the vault-agent-init gets a “Forbidden” response, all else being identical.
Any ideas / clues / pointers ? I was thinking maybe the vault server will not allow the generation of a new token for the same JWT.