I cannot pull secrets from external hashicorp vault to kubernetes environment. I installed hashicorp vault with docker compose. Then I created sa and secret in the Kubernetes environment. and I added kubernetes ca.cert, jwt and ip information to the external vault. Then I created kv and pod yaml, just like in this link. I proceeded from this link, but I could not pull Kubernetes secrets.
https://developer.hashicorp.com/vault/tutorials/kubernetes/kubernetes-external-vault
this is what i expected
kubectl exec devwebapp -- curl -s localhost:8080 ; echo
{"password"=>"salsa", "username"=>"giraffe"}
this is what actually happens
kubectl exec devwebapp -- curl -s localhost:8080 ; echo
<h1>Internal Server Error</h1>
kubectl exec devwebapp -- curl -s 172.23.19.101:30000 ; echo
<h1>Internal Server Error</h1>
kubectl logs devwebapp
2024-03-15 13:36:52 - Exception - The secret request failed: {"errors":[]}
:
/app/lib/service.rb:43:in `block in <class:ExampleApp>'
/usr/local/bundle/gems/sinatra-2.0.7/lib/sinatra/base.rb:1635:in `call
43 : if vault_response.status != 200
raise Exception.new "The secret request failed: #{vault_response.body}"
end
-> pod running case
cat > devwebapp.yaml <<EOF
apiVersion: v1
kind: Pod
metadata:
name: devwebapp
labels:
app: devwebapp
spec:
serviceAccountName: internal-app
containers:
- name: app
image: burtlo/devwebapp-ruby:k8s
env:
- name: VAULT_ADDR.
value: "http://172.23.10.51:8200"
- name: VAULT_TOKEN
value: "abcd.abc"
EOF
Is there anything else I should add? I proceeded from here. https://developer.hashicorp.com/vault/tutorials/kubernetes/kubernetes-external-vault