From f91b1641d9221ce734a07a93b3b90e874accab97 Mon Sep 17 00:00:00 2001
From: Pankaj
Date: Sun, 27 Mar 2022 11:44:04 +0530
Subject: [PATCH] Adding Issuer https://stackoverflow.com/a/69303712 As soon as our vault pods restarted and after unsealing them again, they are failing the auth mechanism in init container. This will fix the same.
---
 hashicorp/vault-2022/readme.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hashicorp/vault-2022/readme.md b/hashicorp/vault-2022/readme.md
index 924e215..dd60168 100644
--- a/hashicorp/vault-2022/readme.md
+++ b/hashicorp/vault-2022/readme.md
@@ -173,7 +173,8 @@ vault auth enable kubernetes
 vault write auth/kubernetes/config \
 token_reviewer_jwt="$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
 kubernetes_host=https://${KUBERNETES_PORT_443_TCP_ADDR}:443 \
-kubernetes_ca_cert=@/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+kubernetes_ca_cert=@/var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
+issuer="https://kubernetes.default.svc.cluster.local"
 exit
 ```