vault-helm: ha mode fails to check status

kubectl exec -it vault-0 -- vault status Error checking seal status: Get http://localhost:8200/v1/sys/seal-status: dial tcp 127.0.0.1:8200: connect: connection refused.

‘kubectl exec -it vault-0 – vault operator init -n 1 -t 1 Error initializing: Put http://127.0.0.1:8200/v1/sys/init: dial tcp 127.0.0.1:8200: connect: connection refused command terminated with exit code 2’

Official documentation i followed: https://www.hashicorp.com/blog/announcing-the-vault-helm-chart/

  1. deployed consul helm chart
  2. deployed vault helm chart with in ha mode The above 2 errors is something i get only if i deploy in ha mode. If i deploy in standalone (default) mode then all is well. Unfortunately since it is deployed now using helm, creating a replicaset for this statefulset is out of question. Please fix this.

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Reactions: 4
  • Comments: 16 (1 by maintainers)

Most upvoted comments

worked using this solution! vault-values.yaml

server:
  enabled: true
  ha:
    enabled: true
    replicas: 3
    config: |
      ui = true
      listener "tcp" {
        tls_disable = 1
        address = "[::]:8200"
        cluster_address = "[::]:8201"
      }
      storage "consul" {
        path = "vault/"
        address = "consul-server:8500"
      }
      service_registration "kubernetes" {}

kubectl exec -it vault-0 -n vault – vault status

Key                Value
---                -----
Seal Type          shamir
Initialized        false
Sealed             true
Total Shares       0
Threshold          0
Unseal Progress    0/0
Unseal Nonce       n/a
Version            1.9.0
Storage Type       consul
HA Enabled         true
+2
muhammadmuhlas on Dec 3, 2021

I got the same issue, but after 2 to 3 minutes, the pods start properly 🤷‍♂️

+2
smartpierre on May 6, 2020
Read more comments on GitHub
← vault-helm: Consul Client Not Running on HA Mode of Vault
vault-helm: HA vault init with TLS - cannot validate certificate →