0

I am trying to install Vault with TLS on k8s cluster, I did everything as per documentation TLS

After doing helm install, Vault pod is not coming up with below error

> kubectl get po -n vault
> NAME                                   READY   STATUS    RESTARTS   AGE
> vault-0                                0/1     Running   0          6m33s
> vault-agent-injector-ffb558b4b-rhmvc   1/1     Running   0          6m41s

> Normal   Created         7m25s                   kubelet            Created container vault
> Normal   Started         7m25s                   kubelet            Started container vault
> Warning  Unhealthy       2m25s (x60 over 7m20s)  kubelet            Readiness probe failed: Error checking seal status: Get "https://127.0.0.1:8200/v1/sys/seal-status": http: server gave HTTP response to HTTPS client

What is going wrong with this? Could someone please help..

standalone:
    enabled: true
    config: |
      ui = true

      listener "tcp" {
        tls_disable = 0
        address = "[::]:8200"
        cluster_address = "[::]:8201"
        tls_cert_file = "/vault/userconfig/vault-server-tls/vault.crt"
        tls_key_file  = "/vault/userconfig/vault-server-tls/vault.key"
        tls_client_ca_file = "/vault/userconfig/vault-server-tls/vault.ca"
      }
      storage "file" {
        path = "/vault/data"
      }
  enabled: true
Ajay Gupta
  • 1
  • 1
  • Trust you are setting global.tlsDisable: false request you refer helm configuration of vault for more details of the tags https://developer.hashicorp.com/vault/docs/platform/k8s/helm/configuration#tlsdisable – Nataraj Medayhal Apr 24 '23 at 12:18
  • yes @NatarajMedayhal, global.tlsDisable is set to false – Ajay Gupta Apr 25 '23 at 13:56

0 Answers0