After the modification of the config vault-init builds up and starts succesfully, however second image (vault itself) cannot start due to "certificate signed by unknown authority" issue, i've seen a thread with same issue (https://github.com/hashicorp/vault/issues/7400), but in current version of config (vault.yaml) no similar definitions present. I'm newbie into writing kubernetes configs so i kinda stuck, would be much appreciated for the tip where to make a correction.
As a test i've run check of the certificate:
openssl verify -verbose -CAfile ca.pem vault.pem vault-combined.pem
which return OK.
Logs from the kubectl describe pod:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 12s default-scheduler Successfully assigned default/vault-0 to gke-vault-default-pool-d74029c5-zqwh
Normal Pulling 12s kubelet Pulling image "busybox"
Normal Pulled 11s kubelet Successfully pulled image "busybox" in 244.728664ms (244.755034ms including waiting)
Normal Created 11s kubelet Created container config
Normal Started 11s kubelet Started container config
Normal Pulling 10s kubelet Pulling image "sethvargo/vault-init"
Normal Pulled 9s kubelet Successfully pulled image "sethvargo/vault-init" in 909.476256ms (909.521213ms including waiting)
Normal Created 9s kubelet Created container vault-init
Normal Started 9s kubelet Started container vault-init
Normal Pulled 9s kubelet Container image "hashicorp/vault" already present on machine
Normal Created 9s kubelet Created container vault
Normal Started 9s kubelet Started container vault
Warning Unhealthy 1s kubelet Readiness probe failed: HTTP probe failed with statuscode: 501
Logs from the kubectl logs vault-0 -c vault-init
2023/11/02 19:17:49 Starting the vault-init service...
2023/11/02 19:17:49 Head "https://127.0.0.1:8200/v1/sys/health": dial tcp 127.0.0.1:8200: connect: connection refused
2023/11/02 19:17:59 Head "https://127.0.0.1:8200/v1/sys/health": x509: certificate signed by unknown authority
2023/11/02 19:18:09 Head "https://127.0.0.1:8200/v1/sys/health": x509: certificate signed by unknown authority
2023/11/02 19:18:19 Head "https://127.0.0.1:8200/v1/sys/health": x509: certificate signed by unknown authority
While trying to reproduce tutorial i've faced an obsolete config line (i guess) and finally i stuck on the error which is the name of the topic.
Changes i made to the vault.yaml: lines
After the modification of the config vault-init builds up and starts succesfully, however second image (vault itself) cannot start due to "certificate signed by unknown authority" issue, i've seen a thread with same issue (https://github.com/hashicorp/vault/issues/7400), but in current version of config (vault.yaml) no similar definitions present. I'm newbie into writing kubernetes configs so i kinda stuck, would be much appreciated for the tip where to make a correction.
As a test i've run check of the certificate: openssl verify -verbose -CAfile ca.pem vault.pem vault-combined.pem which return OK.
Logs from the kubectl describe pod:
Logs from the kubectl logs vault-0 -c vault-init