Closed pooja20aug closed 2 years ago
I'm afraid there's too much noise here to help you debug the issue. The best place to debug deployment issues like this is the discuss forums: https://discuss.hashicorp.com/c/vault/30. I would recommend that you just include the helm chart values that you have changed from the default, make sure you use markdown triple-backticks so that it's more easily readable, and include as many commands as you can to help others reproduce the issue. Sorry I can't be of more help here!
Vault with consul is deployed successfully. After that when we try to deploy a sample nginx deployment to test the vault agent injector, vault agent container is not getting added to the pod. The nginx pod displays as 1/1 Running. But is should be 2/2 .
To Reproduce --> vault with consul is deployed successful --> All pods are up and running --> when a sample nginx deployment is deployed to test whether vault injector is able to inject in the other pod. Below issue comes up:
--> This sample deployment comes up as 1/1 Running state but it should be 2/2. Expected output: --> There should be 2 containers for the sample pod (nginx and vault)
Values.yaml of Vault
`cluster_1_deploy: true
Cluster 1 configuration
cluster_1_values:
Available parameters and their default values for the Vault chart.
global:
enabled is the master enabled switch. Setting this to true or false
injector:
True if you want to enable vault agent injection.
server:
If not set to true, Vault server will not be installed. See vault.mode in _helpers.tpl for implementation details
Vault UI
ui:
True if you want to create a Service entry for the Vault UI.
secrets-store-csi-driver-provider-vault
csi:
True if you want to install a secrets-store-csi-driver-provider-vault daemonset.
external_certs: enabled: true name: vault-server-tls data: vault_ca: "" vault_crt: "" vault_key: ""
`
sample nginx deployment.yaml: `--- apiVersion: apps/v1 kind: Deployment metadata: name: app-example-deployment55 spec: replicas: 1 selector: matchLabels: app: app-example55 template: metadata: labels: app: app-example55 annotations: vault.hashicorp.com/agent-inject: 'true' vault.hashicorp.com/agent-inject-status: "update" vault.hashicorp.com/agent-cache-enable: "true" vault.hashicorp.com/agent-cache-use-auto-auth-token: "true" vault.hashicorp.com/agent-inject-token: "true" vault.hashicorp.com/log-level: "debug" vault.hashicorp.com/agent-inject-command-db-creds: "sh -c 'kill -HUP $(pidof client)'" vault.hashicorp.com/agent-configmap: 'my-configmap'
vault.hashicorp.com/ca-cert: '/vault/tls/ca.crt'
apiVersion: v1 kind: ConfigMap metadata: name: my-configmap data: config.hcl: | "auto_auth" = { "method" = { "config" = { "role" = "eopsrole" } "type" = "kubernetes" }
config-init.hcl: | "auto_auth" = { "method" = { "config" = { "role" = "eopsrole" } "type" = "kubernetes" }
`
Expected behavior Sample deployment pod should come up with 2/2 containers
Environment
Kubernetes version: v1.21.5-gke.1200
vault-k8s version: 0.14.1