You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The version of Vault we're running at the moment is 1.11.3 (chart's target revision is 0.22.0). There is an issue in 1.11.2 where a pod going down means that it doesn't recover, which also seems to be affecting us - see details hashicorp/vault#17470
This version is quite old anyway, being released about 2 years ago and is now in the 1.17.x range. We should upgrade our version of Vault to a much newer version, but also ensure that there are no interface changes which would break our application.
In order to unseal Vault after a node restart - the pod should show 0/1 ready state...
Set up port forwarding for the pod
Got to the UI
Find the first unseal key kubectl get secrets -n vault vault-unseal-secret -o jsonpath='{.data.root-unseal-key-1}' | base64 -d
In the prompt "unseal key portion", enter the unseal key
Repeat until you have all the required key portions (usually 3 parts required)
Repeat for each pod
The text was updated successfully, but these errors were encountered:
The version of Vault we're running at the moment is 1.11.3 (chart's target revision is 0.22.0). There is an issue in 1.11.2 where a pod going down means that it doesn't recover, which also seems to be affecting us - see details hashicorp/vault#17470
This version is quite old anyway, being released about 2 years ago and is now in the
1.17.xrange. We should upgrade our version of Vault to a much newer version, but also ensure that there are no interface changes which would break our application.In order to unseal Vault after a node restart - the pod should show
0/1 readystate...kubectl get secrets -n vault vault-unseal-secret -o jsonpath='{.data.root-unseal-key-1}' | base64 -dThe text was updated successfully, but these errors were encountered: