Connecting Waypoint to Vault

I’m new to waypoint and vault. I’m trying to connect waypoint to vault on my local for the first time, but I keep on getting “connect: connection refused” from the waypoint logs.

What have I done to solve the issue:

  1. I’ve tried to ping vault from the waypoint docker container to make it can see it and it was able to local it.
  2. I ran the following command: waypoint config source-set -type=vault -config='addr=http://127.0.0.1:8200' -config='FOO=prodkey'
  3. I have tried running the following command vault operator init -address=http://127.0.0.1:8200 but it also displayed the same error message:

this is full log from waypoint:

I was wondering, what am I missing?

Thanks in advance.

Hi alobodanov,

Thanks for trying out waypoint and vault! Are you running vault locally with vault server -dev? Can you also describe what commands you used to “ping” vault from the waypoint container, and what the result was?

Hey izaaklauer,

Thank you for the fast reply.

Yea the vault is setup locally and I’m using vault server -dev to run it.

I run ping http://127.0.0.1:8200 from my waypoint container and its able to pick it up.

Here is the output:
image

Glad to help! Ping only looks at the host, not the port - if you try ping 127.0.0.1:8888 (or some other random port), that should succeed too. A better test would be tcping 127.0.0.1 8200.

The problem is that the waypoint server inside docker isn’t using the same loopback interface as your local vault server. Here are a few options:

  • You could run vault with docker, and then use vault’s container IP instead of 127.0.0.1 in waypoint (tutorial here)

  • You could expose your vault dev server on your local network, and then use your local ip (likely 10.<something> or 192.168.something) instead of 127.0.0.1. For example, you can run a vault dev server with vault server -dev -dev-listen-address=<your-ip>:8200, then connect waypoint to vault by changing your flag to -type=vault -config='addr=http://<your-ip>:8200.

  • If you’re just trying to quickly test out the features locally, you could install and run vault inside the waypoint server container temporarily.