Skip to main content
The External Secrets Inc. Agent is product suite is a premium product. It requires a specific subscription. Contact us for more information.

Agent does not start start up properly

As part of installation manifests, a Kubernetes ImagePullSecret is added in order to enable you to download the registry from our infrastructure
  • Double check if the Image Pull Secret was properly created
    • this can be done with `kubectl get secret -n agent-system agent-controller-manager
  • Make sure your cluster can download images from our registry. Add appropriate network policies/ firewall rules accordingly:
    • us-central1-docker.pkg.dev/external-secrets-inc-registry/external/agent
    • check Architecture Documentation for more information on our registries

Symptom

An error message like
ERROR   setup   tenantID: xxxx, agentID: xxxx, url: https://api.externalsecrets.com: connection timeout
The Agent needs to talk to External Secrets Inc. API to validate licensing. Make sure to add any networking policies and firewall exceptions to allow external traffic to the following endpoints:
URLPortDirectionDescription
api.externalsecrets.com443OutboundLicense Validation
If you are in a custom air-gapped setup - contact our teamSee more information on Architecture

Symptom

An error message like
ERROR   setup   tenantID: xxxx, agentID: xxxx, url: https://api.externalsecrets.com: received non-200 response: 404
This error indicates that either the agent id or the tenant id from the manifests are incorrect. Download de agent manifests and see if the error still persists.If the issue still persists - contact our team

Agent isn’t creating ESO Deployments

Double check permissions are properly added to Agent Deployment. Make sure agent ClusterRole has bind and elevate permissions for the external-secrets Role. If the issue still persists - contact our team

I need help with something that isn’t listed here

Contact Us or Join our Slack Community(Coming Soon)