Open Elyytscha opened 1 month ago
which seems not a problem related to bank vaults as far as I investigated:
questions remaining are:
As I found out, this happens if unsealconfig is kubernetes
unsealConfig:
options:
preFlightChecks: true
storeRootToken: true
secretShares: 5
secretThreshold: 3
kubernetes:
secretNamespace: vault
with this config, vault does not survive an outage, if you kill all vault pods, vault doesn't come back up by itself
with another config, example, and the same storage backend (raft) vault does survive an outage of all vault nodes, comes back up online successfully without interaction
google:
kmsKeyRing: ${kms_keyring}
kmsCryptoKey: ${kms_crypto_key}
kmsLocation: ${region}
kmsProject: ${project}
storageBucket: ${storage_bucket}
Preflight Checklist
Operator Version
1.22.1
Installation Type
Official Helm chart
Bank-Vaults Version
No response
Kubernetes Version
1.28
Kubernetes Distribution/Provisioner
OKD
Expected Behavior
Vault should come back online successfull
Actual Behavior
Vault is broken and stays broken
Steps To Reproduce
Configuration
Logs
Additional Information
No response