bazzilio/kubectl get secrets -n default

## kubectl get secrets -n default
# kubectl get secrets -n default
NAME                              TYPE                                  DATA   AGE
default-token-r7gnk               kubernetes.io/service-account-token   3      34d
local-storage-admin-token-jz996   kubernetes.io/service-account-token   3      17d
local-storage-admin-token-ndz7d   kubernetes.io/service-account-token   3      13d
local-storage-admin-token-ntbr2   kubernetes.io/service-account-token   3      13d
vault-operator-token-tkqjq        kubernetes.io/service-account-token   3      7m21s
vault-tls                         Opaque                                3      4m30s

## vault-0 -c bank-vaults
time="2018-11-12T11:00:28Z" level=info msg="initializing vault..."
time="2018-11-12T11:00:28Z" level=info msg="vault metrics exporter enabled: :9091/metrics"
[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
 - using env:   export GIN_MODE=release
 - using code:  gin.SetMode(gin.ReleaseMode)

[GIN-debug] GET    /metrics                  --> github.com/banzaicloud/bank-vaults/vendor/github.com/gin-gonic/gin.WrapH.func1 (3 handlers)
[GIN-debug] Listening and serving HTTP on :9091
time="2018-11-12T11:00:28Z" level=info msg="vault is already initialized"
time="2018-11-12T11:00:28Z" level=info msg="checking if vault is sealed..."
time="2018-11-12T11:00:28Z" level=info msg="vault sealed: true"
time="2018-11-12T11:00:28Z" level=error msg="error unsealing vault: unable to get key 'vault-unseal-0': error getting secret for key 'vault-unseal-0': secrets \"vault-unseal-keys\" is forbidden: User \"system:serviceaccount:default:default\" cannot get resource \"secrets\" in API group \"\" in the namespace \"default\""

## vault-0 -c vault
==> Vault server configuration:

                     Cgo: disabled
              Listener 1: tcp (addr: "0.0.0.0:8200", cluster address: "0.0.0.0:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "enabled")
               Log Level: debug
                   Mlock: supported: true, enabled: true
                 Storage: file
                 Version: Vault v0.11.0
             Version Sha: 87492f9258e0227f3717e3883c6a8be5716bf564

==> Vault server started! Log data will stream in below:

2018-11-12T11:00:22.694Z [DEBUG] storage.cache: creating LRU cache: size=0
2018-11-12T11:00:22.744Z [DEBUG] cluster listener addresses synthesized: cluster_addresses=[0.0.0.0:8201]
2018-11-12T11:00:23.489Z [INFO ] core: security barrier not initialized
2018-11-12T11:00:23.535Z [INFO ] core: security barrier not initialized
2018-11-12T11:00:23.571Z [INFO ] core: security barrier initialized: shares=5 threshold=3
2018-11-12T11:00:23.571Z [DEBUG] core: cluster name not found/set, generating new
2018-11-12T11:00:23.571Z [DEBUG] core: cluster name set: name=vault-cluster-f8b39948
2018-11-12T11:00:23.571Z [DEBUG] core: cluster ID not found, generating new
2018-11-12T11:00:23.571Z [DEBUG] core: cluster ID set: id=385c3874-9a30-ca18-baba-4c6a6cce9cbb
2018-11-12T11:00:23.649Z [INFO ] core: post-unseal setup starting
2018-11-12T11:00:23.649Z [DEBUG] core: clearing forwarding clients
2018-11-12T11:00:23.649Z [DEBUG] core: done clearing forwarding clients
2018-11-12T11:00:23.677Z [INFO ] core: loaded wrapping token key
2018-11-12T11:00:23.677Z [INFO ] core: successfully setup plugin catalog: plugin-directory=
2018-11-12T11:00:23.677Z [INFO ] core: no mounts; adding default mount table
2018-11-12 11:00:23.694273 I | [ERR] Error flushing to statsd! Err: write udp 127.0.0.1:40813->127.0.0.1:9125: write: connection refused
2018-11-12T11:00:23.755Z [INFO ] core: successfully mounted backend: type=kv path=secret/
2018-11-12T11:00:23.755Z [INFO ] core: successfully mounted backend: type=cubbyhole path=cubbyhole/
2018-11-12T11:00:23.755Z [INFO ] core: successfully mounted backend: type=system path=sys/
2018-11-12T11:00:23.755Z [INFO ] core: successfully mounted backend: type=identity path=identity/
2018-11-12T11:00:23.822Z [INFO ] core: restoring leases
2018-11-12T11:00:23.822Z [DEBUG] expiration: collecting leases
2018-11-12T11:00:23.822Z [INFO ] rollback: starting rollback manager
2018-11-12T11:00:23.828Z [DEBUG] expiration: leases collected: num_existing=0
2018-11-12T11:00:23.828Z [INFO ] expiration: lease restore complete
2018-11-12T11:00:23.828Z [DEBUG] identity: loading entities
2018-11-12T11:00:23.828Z [DEBUG] identity: entities collected: num_existing=0
2018-11-12T11:00:23.828Z [INFO ] identity: entities restored
2018-11-12T11:00:23.828Z [DEBUG] identity: identity loading groups
2018-11-12T11:00:23.828Z [DEBUG] identity: groups collected: num_existing=0
2018-11-12T11:00:23.828Z [INFO ] identity: groups restored
2018-11-12T11:00:23.828Z [INFO ] core: post-unseal setup complete
2018-11-12T11:00:23.829Z [INFO ] core: root token generated
2018-11-12T11:00:23.829Z [INFO ] core: pre-seal teardown starting
2018-11-12T11:00:23.829Z [INFO ] core: cluster listeners not running
2018-11-12T11:00:23.829Z [DEBUG] expiration: stop triggered
2018-11-12T11:00:23.829Z [DEBUG] expiration: finished stopping
2018-11-12T11:00:23.829Z [INFO ] rollback: stopping rollback manager
2018-11-12T11:00:23.829Z [INFO ] core: pre-seal teardown complete

## vault-configurer
time="2018-11-12T11:00:21Z" level=info msg="New config file change \"Initial\": CREATE"
time="2018-11-12T11:00:21Z" level=info msg="checking if vault is sealed..."
time="2018-11-12T11:01:54Z" level=error msg="error checking if vault is sealed: error checking status: Get https://vault.default:8200/v1/sys/seal-status: dial tcp 10.233.63.31:8200: i/o timeout, waiting 30s before trying again..."
	# kubectl get secrets -n default
	NAME TYPE DATA AGE
	default-token-r7gnk kubernetes.io/service-account-token 3 34d
	local-storage-admin-token-jz996 kubernetes.io/service-account-token 3 17d
	local-storage-admin-token-ndz7d kubernetes.io/service-account-token 3 13d
	local-storage-admin-token-ntbr2 kubernetes.io/service-account-token 3 13d
	vault-operator-token-tkqjq kubernetes.io/service-account-token 3 7m21s
	vault-tls Opaque 3 4m30s
	time="2018-11-12T11:00:28Z" level=info msg="initializing vault..."
	time="2018-11-12T11:00:28Z" level=info msg="vault metrics exporter enabled: :9091/metrics"
	[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
	- using env: export GIN_MODE=release
	- using code: gin.SetMode(gin.ReleaseMode)

	[GIN-debug] GET /metrics --> github.com/banzaicloud/bank-vaults/vendor/github.com/gin-gonic/gin.WrapH.func1 (3 handlers)
	[GIN-debug] Listening and serving HTTP on :9091
	time="2018-11-12T11:00:28Z" level=info msg="vault is already initialized"
	time="2018-11-12T11:00:28Z" level=info msg="checking if vault is sealed..."
	time="2018-11-12T11:00:28Z" level=info msg="vault sealed: true"
	time="2018-11-12T11:00:28Z" level=error msg="error unsealing vault: unable to get key 'vault-unseal-0': error getting secret for key 'vault-unseal-0': secrets \"vault-unseal-keys\" is forbidden: User \"system:serviceaccount:default:default\" cannot get resource \"secrets\" in API group \"\" in the namespace \"default\""
	==> Vault server configuration:

	Cgo: disabled
	Listener 1: tcp (addr: "0.0.0.0:8200", cluster address: "0.0.0.0:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "enabled")
	Log Level: debug
	Mlock: supported: true, enabled: true
	Storage: file
	Version: Vault v0.11.0
	Version Sha: 87492f9258e0227f3717e3883c6a8be5716bf564

	==> Vault server started! Log data will stream in below:

	2018-11-12T11:00:22.694Z [DEBUG] storage.cache: creating LRU cache: size=0
	2018-11-12T11:00:22.744Z [DEBUG] cluster listener addresses synthesized: cluster_addresses=[0.0.0.0:8201]
	2018-11-12T11:00:23.489Z [INFO ] core: security barrier not initialized
	2018-11-12T11:00:23.535Z [INFO ] core: security barrier not initialized
	2018-11-12T11:00:23.571Z [INFO ] core: security barrier initialized: shares=5 threshold=3
	2018-11-12T11:00:23.571Z [DEBUG] core: cluster name not found/set, generating new
	2018-11-12T11:00:23.571Z [DEBUG] core: cluster name set: name=vault-cluster-f8b39948
	2018-11-12T11:00:23.571Z [DEBUG] core: cluster ID not found, generating new
	2018-11-12T11:00:23.571Z [DEBUG] core: cluster ID set: id=385c3874-9a30-ca18-baba-4c6a6cce9cbb
	2018-11-12T11:00:23.649Z [INFO ] core: post-unseal setup starting
	2018-11-12T11:00:23.649Z [DEBUG] core: clearing forwarding clients
	2018-11-12T11:00:23.649Z [DEBUG] core: done clearing forwarding clients
	2018-11-12T11:00:23.677Z [INFO ] core: loaded wrapping token key
	2018-11-12T11:00:23.677Z [INFO ] core: successfully setup plugin catalog: plugin-directory=
	2018-11-12T11:00:23.677Z [INFO ] core: no mounts; adding default mount table
	2018-11-12 11:00:23.694273 I \| [ERR] Error flushing to statsd! Err: write udp 127.0.0.1:40813->127.0.0.1:9125: write: connection refused
	2018-11-12T11:00:23.755Z [INFO ] core: successfully mounted backend: type=kv path=secret/
	2018-11-12T11:00:23.755Z [INFO ] core: successfully mounted backend: type=cubbyhole path=cubbyhole/
	2018-11-12T11:00:23.755Z [INFO ] core: successfully mounted backend: type=system path=sys/
	2018-11-12T11:00:23.755Z [INFO ] core: successfully mounted backend: type=identity path=identity/
	2018-11-12T11:00:23.822Z [INFO ] core: restoring leases
	2018-11-12T11:00:23.822Z [DEBUG] expiration: collecting leases
	2018-11-12T11:00:23.822Z [INFO ] rollback: starting rollback manager
	2018-11-12T11:00:23.828Z [DEBUG] expiration: leases collected: num_existing=0
	2018-11-12T11:00:23.828Z [INFO ] expiration: lease restore complete
	2018-11-12T11:00:23.828Z [DEBUG] identity: loading entities
	2018-11-12T11:00:23.828Z [DEBUG] identity: entities collected: num_existing=0
	2018-11-12T11:00:23.828Z [INFO ] identity: entities restored
	2018-11-12T11:00:23.828Z [DEBUG] identity: identity loading groups
	2018-11-12T11:00:23.828Z [DEBUG] identity: groups collected: num_existing=0
	2018-11-12T11:00:23.828Z [INFO ] identity: groups restored
	2018-11-12T11:00:23.828Z [INFO ] core: post-unseal setup complete
	2018-11-12T11:00:23.829Z [INFO ] core: root token generated
	2018-11-12T11:00:23.829Z [INFO ] core: pre-seal teardown starting
	2018-11-12T11:00:23.829Z [INFO ] core: cluster listeners not running
	2018-11-12T11:00:23.829Z [DEBUG] expiration: stop triggered
	2018-11-12T11:00:23.829Z [DEBUG] expiration: finished stopping
	2018-11-12T11:00:23.829Z [INFO ] rollback: stopping rollback manager
	2018-11-12T11:00:23.829Z [INFO ] core: pre-seal teardown complete
	time="2018-11-12T11:00:21Z" level=info msg="New config file change \"Initial\": CREATE"
	time="2018-11-12T11:00:21Z" level=info msg="checking if vault is sealed..."
	time="2018-11-12T11:01:54Z" level=error msg="error checking if vault is sealed: error checking status: Get https://vault.default:8200/v1/sys/seal-status: dial tcp 10.233.63.31:8200: i/o timeout, waiting 30s before trying again..."