everyone.
I’m facing an issue while trying to install and configure Vault on a Minikube cluster with multiple nodes. I created the cluster with the following command:
minikube start --profile=my-cluster --nodes=4 --memory=8192 --cpus=4
Then, I followed the official Vault on Minikube with Raft tutorial from the HashiCorp website.
The key difference between the tutorial and my scenario is that the tutorial is based on a single-node cluster, whereas my cluster has four nodes. When I follow the tutorial on a multi-node cluster, the Vault pods fail to start and enter a CrashLoopBackOff state with the following error:
failed to create fsm: failed to open bolt file: open /vault/data/vault.db: permission denied
To verify the accuracy of the tutorial, I deleted the multi-node cluster and set up a single-node cluster, where everything worked as expected. This leads me to believe the issue is specifically related to the multi-node environment.
Has anyone else encountered this issue? Is Vault compatible with multi-node clusters on Minikube, or is there any additional configuration required?
1
Vault is set up with internal storage (Raft). By updating the Vault configuration, changing the data directory to /opt/raft and the HCL file to reflect that, the server can be started without any errors. Also refer to this similar issue.
Issue with Vault on multi-node Minikube cluster related to storage and permissions: instead of using a bolt, try using local storage like a persistent volume that can be shared across nodes. Minikube supports PersistentVolumes. These PersistentVolumes are mapped to a directory inside the running Minikube instance. Make sure you are given access to Vault’s data directory (/vault/data).
Note: If you are using local volumes, you need to set permissions while mounting the volumes. If using Minikube’s local driver for storage, you may need to adjust permissions to grant write access to the Vault pod’s user ID.
If you’re using a shared storage class, modify your PVC to use the “ReadWriteOnce” access mode.
If you’re using other storage drivers (like NFS or GlusterFS), ensure that the underlying storage system is configured with proper permissions for your Vault pods.
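The permission check implied by the note above can be run against the directory that backs /vault/data before changing any ownership. This is an added example, not part of the original answer or of the HashiCorp tutorial; it decides from owner, group and mode bits whether a given UID with its GIDs could create vault.db in a directory. The script name check.sh and the values 100 and 1000 in the usage comment are assumptions to be replaced with the UID and fsGroup your Vault pod actually runs with.

```shell
#!/bin/sh
# Added example: could a given UID/GID create files in a directory?
# Decides from owner, group and mode bits only; ACLs, read-only mounts and
# SELinux/AppArmor are not considered. Needs a stat that supports -c.

# can_write DIR UID GID [SUPPLEMENTAL_GID...]
# returns 0 = writable, 1 = not writable, 2 = DIR could not be inspected
can_write() {
    cw_dir=$1
    cw_uid=$2
    shift 2                                  # "$@" now holds the GIDs
    cw_stat=$(stat -c '%u %g %a' "$cw_dir" 2>/dev/null) || return 2
    cw_owner=${cw_stat%% *}
    cw_rest=${cw_stat#* }
    cw_group=${cw_rest%% *}
    cw_bits=$((0${cw_rest#* }))              # leading 0: parse mode as octal

    # root normally bypasses mode bits (CAP_DAC_OVERRIDE)
    if [ "$cw_uid" -eq 0 ]; then return 0; fi

    if [ "$cw_uid" -eq "$cw_owner" ]; then
        cw_class=$(( (cw_bits >> 6) & 7 ))   # owner bits
    else
        cw_class=$(( cw_bits & 7 ))          # default: "other" bits
        for cw_gid in "$@"; do
            if [ "$cw_gid" -eq "$cw_group" ]; then
                cw_class=$(( (cw_bits >> 3) & 7 ))   # group bits
                break
            fi
        done
    fi
    # creating vault.db needs write (2) and search (1) on the directory
    [ $(( cw_class & 3 )) -eq 3 ]
}

# Usage: sh check.sh /path/to/volume/dir 100 1000
# (100 and 1000 are assumed values; use the UID and fsGroup of your pod)
if [ $# -ge 3 ]; then
    if can_write "$@"; then
        echo "uid $2 can create files in $1"
    else
        echo "uid $2 cannot create files in $1: $(stat -c 'owner=%u group=%g mode=%a' "$1")"
    fi
fi
```

A "cannot create files" result for a directory owned by root with mode 755 matches the `permission denied` error on /vault/data/vault.db; the fix is then on the volume's ownership or the pod's fsGroup, not in Vault itself.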