Vault on Kubernetes and context deadline exceeded errors

Introduction

Problem

Sometimes customers who deploy Vault on Kubernetes, specially on the cloud like GKE or EKS, and Vault and try to auto unseal or the admin tries to unseal manually, they'll seecontext deadline exceedederror.

Example Errors:

• Running vault status would throw Error checking seal status: context deadline exceeded
• Running vault operator init would give Error initializing: context deadline exceeded 
• See more example errors here: https://github.com/hashicorp/vault/issues/10034

Cause

• Basically in k8s, vault initialization is very slow and default timeout of 60s not enough.

Solutions:

• Increase the VAULT_CLIENT_TIMEOUT environment variable value.  Vault initialization in Kubernetes is slow and the default timeout of 60s might not be sufficient.

  VAULT_CLIENT_TIMEOUT=300s

Additional Information

• For more information about this environment variable, click here. 

• https://github.com/hashicorp/vault/issues/10034