Error running service registration: redirect address must not be empty

goolzerg · May 15, 2020, 10:46pm

Hello.
I’ve faced with this error during the start vault server(not HA mode) with consul data backend.
Vault and Consul both start in docker-compose.

vault     | ==> Vault server configuration:
vault     |
vault     |              Api Address: http://172.19.0.2:8200
vault     |                      Cgo: disabled
vault     |          Cluster Address: https://172.19.0.2:8201
vault     |               Listener 1: tcp (addr: "0.0.0.0:8200", cluster address: "0.0.0.0:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
vault     |                Log Level: info
vault     |                    Mlock: supported: true, enabled: true
vault     |            Recovery Mode: false
vault     |                  Storage: consul (HA available)
vault     |                  Version: Vault v1.4.1
vault     |
consul    |     2020-05-15T22:34:08.139Z [DEBUG] agent.http: Request finished: method=GET url=/v1/kv/vault/core/seal-config from=172.19.0.3:60532 latency=206.197µs
consul    |     2020-05-15T22:34:08.140Z [DEBUG] agent.http: Request finished: method=GET url=/v1/kv/vault/core/recovery-config from=172.19.0.3:60532 latency=165.621µs
vault     | ==> Vault server started! Log data will stream in below:
vault     |
vault     | 2020-05-15T22:34:03.285Z [INFO]  proxy environment: http_proxy= https_proxy= no_proxy=
vault     | 2020-05-15T22:34:08.102Z [WARN]  no `api_addr` value specified in config or in VAULT_API_ADDR; falling back to detection if possible, but this value should be manually set
vault     | 2020-05-15T22:34:08.102Z [ERROR] service_registration.consul: error running service registration: redirect address must not be empty

Here is my docker-compose file, vault config and consul config:

docker-compose

version: '3'
services:
    consul:
      build:
        context: ./consul
      container_name: consul
      volumes:
        - consul_data:/consul/data
      environment:
        - CONSUL_ALLOW_PRIVILEGED_PORTS=
      ports:
        - "8500:8500"
        - "8600:8600/udp"
      restart: always
      command: "consul agent -server -dns-port=53 -ui -node=server-1 -bootstrap-expect=1 -client=0.0.0.0 -config-file=/consul/config/consul-config.json"
    vault:
      build:
        context: ./vault/
      image: vault:custom
      container_name: vault
      environment:
        - VAULT_ADDR=http://127.0.0.1:8200
        - VAULT_API_ADDR=http://127.0.0.1:8200
      cap_add:
        - IPC_LOCK
      depends_on:
        - consul
      ports:
        - "8200:8200"
      restart: always
      command: "vault server -config=/vault/config/vault-config.json"
volumes:
    consul_data:

vault config

{
  "backend": {
    "consul": {
      "address": "consul:8500",
      "path": "vault/"
    }
  },
  "listener": {
    "tcp":{
      "address": "0.0.0.0:8200",
      "tls_disable": 1
    }
  },
  "ui": true
}

consul config

{
  "datacenter": "localhost",
  "data_dir": "/consul/data",
  "log_level": "DEBUG",
  "server": true,
  "ui": true,
  "ports": {
    "dns": 53
  }
}

Wolfsrudel · May 16, 2020, 6:19am

Could you please ty to add the api_addr into the Vault configuration file? Seems to be you hit that one: