Open dadav opened 1 year ago
Describe the bug The init container of the injector can't connect to $releasename.vault.svc:8200
An additional NetworkPolicy is required.
To Reproduce Steps to reproduce the behavior:
testdeployment-79c87f598b-n5gts vault-agent-init 2023-08-17T09:48:30.272Z [ERROR] agent.auth.handler: error authenticating: error="Put \"[http://vault-deployment.vault.svc:8200/v1/auth/kubernetes/login\](http://vault-deployment.vault.svc:8200/v1/auth/kubernetes/login%5C)": dial tcp [172.17.32.81:8200](http://172.17.32.81:8200/): i/o timeout" backoff=1s
Expected behavior I expected that the helm chart would create the required NetworkPolicy which allows other Namespaces to connect.
Environment OpenShift 4.10.61 Chart version 0.25.0
Additional context With this NetworkPolicy it worked:
--- kind: NetworkPolicy apiVersion: networking.k8s.io/v1 metadata: name: agent-injector-access namespace: vault spec: podSelector: matchLabels: app.kubernetes.io/instance: vault-deployment app.kubernetes.io/name: vault ingress: - ports: - protocol: TCP port: 8200 from: - namespaceSelector: {} policyTypes: - Ingress
Describe the bug The init container of the injector can't connect to $releasename.vault.svc:8200
An additional NetworkPolicy is required.
To Reproduce Steps to reproduce the behavior:
Expected behavior I expected that the helm chart would create the required NetworkPolicy which allows other Namespaces to connect.
Environment OpenShift 4.10.61 Chart version 0.25.0
Additional context With this NetworkPolicy it worked: