I am running into an issue when deploying Vault using the Helm chart with HA enabled together with the Istio mesh.
Previously I had Vault deployed in the cluster and it was working perfectly with HA enabled. Lately, I have added Istio inside the Kubernetes cluster to enable mTLS with sidecar injection. However, if I add the strict mode from Istio to force all the connections to be mTLS, the Vault server pods do not start and I get the following error:
storage migration check error: error="Unexpected response code: 503"
Then if I check the Consul server I have this error:
2020-11-28T13:03:04.156Z [ERROR] agent.server.memberlist.lan: memberlist: Push/Pull with kind-worker failed: EOF
2020-11-28T13:03:34.158Z [ERROR] agent.server.memberlist.lan: memberlist: Push/Pull with kind-worker2 failed: EOF
2020-11-28T13:05:34.171Z [ERROR] agent.server.memberlist.lan: memberlist: Push/Pull with kind-worker2 failed: EOF
If strict mode is not enabled then everything works. Do you know how I can solve this issue with Vault so I can enable the mTLS strict mode?
Thanks in advance,