Skip to content

Home

Jump to bottom
Venkata Mutyala edited this page Apr 11, 2023 · 8 revisions

Prerequisites

Ensure Pods are Running

  • Before you do anything with Vault, ensure all the pods are Running.
kubectl get pods -n glueops-core-vault

Expected output:

image
  • If they are in a non Running status such as: Pending, Container Creating, or CrashbackLooping you will need to diagnosis what is wrong before you can continue.

Establish a connection to the vault cluster

kubectl -n glueops-core-vault port-forward svc/vault-ui 8200:8200

Allow our tools to use the self-signed vault certificate

Since we use a self-signed SSL certificate you must run export VAULT_SKIP_VERIFY=true otherwise you will get SSL errors.

FAQ

How do i unseal vault?

For one or more reasons you need to unseal your vault pod(s). Just run this terraform module as if it was your first deployment and you will see something like this where it's going to destroy and add 3 resources. Don't be alarmed. This is expected:

image

Just type yes and it will run unseal across the vault cluster. Don't forget to follow the prerequisites above! Once your cluster is unsealed all pods will be 1/1 under the READY column:

image
Clone this wiki locally