K
Q

Vault reports missing client token when using postgres storage backend

11/19/2020

I am using Vault with postgres storage backend along with kv secret engine. I am uisng kubernetes auth method to get the vault token. I followed the below documentation to setup the vault with kubernetes 

https://learn.hashicorp.com/tutorials/vault/kubernetes-minikube?in=vault/kubernetes

When I start the webapplication for the first time and try to retrieve the tokens it is working but when I delete the webapp deployment and try to deploy webapp again and try to retrieve the vault token again with the api 

v1/auth/kubernetes/login

I get the following error 

error: 400 Bad Request: [{"errors":["missing client token"]}

But the request has the jwt token of service account. Please see the below image Wireshark capture of the request

Due to this error Pod keeps restarting and all of a sudden after some time vault honours the request and returns the vault token.

This looks strange any reason for such behavior?

UPDATE:

This issue does not happen for consul backend

-- user3553913
kubernetes
postgresql
vault

Similar Questions

GKE: kubernetes nodes don't require kubectl package
how to make kubernete autoscaler working in ubuntu installation
Kubernetes - not enabled - with Docker for desktop (windows 10) but "kubectl cluster-info" works? Why?
How to access istio created dashboard
Kubernetes load balancing

0 Answers