K
Q

deploy application to login to hashicorp vault path error - connection broken: malformed HTTP response

12/19/2019

how to deploy a simple kubernetes/openshift application to login vault using kubernetes auth method. The below config in openshift cluster, throws the below error in the log.

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: basic-example
  namespace: vault-demo
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: basic-example
    spec:
      serviceAccountName: app1
      containers:
        - name: app
          image: "172.30.1.1:5000/vault-demo/vault-example-init:0.0.7"
          imagePullPolicy: Always
          env:
            - name: VAULT_ADDR
              value: 'http://172.30.238.95:8200' #this is the clusterIP of the vault service
            - name: VAULT_ROLE
              value: "app1-role"
            - name: SECRET_KEY
              value: "secret/app1"
            - name: VAULT_LOGIN_PATH
              value: "auth/ocp/login"

In the pods log, seeing the below error. How to properly deploy an application to talk to Vault server?

Using role=app1-roleUsing mount_path=auth/ocp/loginError making API request. URL: PUT http://172.30.238.95:8200/v1/auth/ocp/login Code: 500. Errors: * Post http://192.168.42.186:8443/apis/authentication.k8s.io/v1/tokenreviews: net/http: HTTP/1.x transport connection broken: malformed HTTP response "\x15\x03\x01\x00\x02\x02\x16"

-- arunp
hashicorp-vault
kubernetes
kubernetes-secrets
openshift-origin

Similar Questions

How to compile FFMpeg with older NVEnc?
Spring Cloud Data Flow stream cannot be deployed in Kubernetes
Message-passing between all pods in a replica set
How to load-test a Tensorflow Serving/TRT Inference Server with gRPC endpoint on GKE?
How to override values from value.yaml file into value.dev.yaml file

0 Answers