I currently have the Hashicorp Vault helm chart deployed, v0.8.0. It works as intended, I can run port-forward svc/vault 8200:8200 -n vault
and log in with vault login -tls-skip-verify
, the pod isn't crashing, there are no problems.
I've been verifying configs in the cluster, so I wanted to test access to Vault from another namespace in the same cluster. dig vault.vault.svc.cluster.local
resolves to the proper service construct. However, when I run curl -v -k https://vault.vault.svc.cluster.local:8200/v1/sys/health
, I get connection refused.
I'm running an AKS Cluster on Kubernetes v1.18 with Azure Policy defaults and the Azure CNI. What would cause this connection refused problem?
The comment @mdaniel left was what led me to solving the problem effectively. I had removed the address
and cluster_address
fields in the TCP listener config blocks as I forgot Vault only listens on 127.0.0.1. I put those back in and it solved the problem.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.