Scenario 3 - Both Vault and the app are running inside the mesh
In this scenario, both Vault and the app are running inside the mesh.
Complete the Prerequisites.
Enable sidecar auto-injection for both namespaces:
kubectl label namespace app istio-injection=enabled kubectl label namespace vault istio-injection=enabled
Delete all pods so they are getting injected with the proxy:
kubectl delete pods --all -n app kubectl delete pods --all -n vault
Check the logs in the app container. It should sill show success:
kubectl logs -f -n app deployment/app
time="2020-02-18T15:04:03Z" level=info msg="Initial Vault token arrived" time="2020-02-18T15:04:03Z" level=info msg="Renewed Vault Token" s3cr3t going to sleep...