Timeout when configuring mysql-plugin

I’m researching Vault to use it for MySQL auth. I’ve started a docker container with the following config

  "backend": {
    "file": {
      "path": "/vault/file"
  "listener": {
      "address": "",
      "tls_disable": 1
  "ui": true

After unseal, i’ve enabled the database secret:

$ vault secrets enable database
Success! Enabled the database secrets engine at: database/

Then tried to config the database credentials as follows:

vault write database/config/mysql-database \
plugin_name=mysql-database-plugin \
connection_url="{{username}}:{{password}}@tcp(myserver.example.com:3306)/" \
allowed_roles="vault-mysql-role" \
username="vault" \

After a while, i get:

Error writing data to database/config/mysql-database: context deadline exceeded

No errors shown in the Logs.
I’ve recreated the container, but the same happens. Do i need to configure something else before i can use this? I’ve found some examples on the web but some are out of date and others aren’t very clear about the procedure.

The database is up and running and a connection from the container through tcp is possible to establish?

DB is up and running. I’ve tested ping and name resolution from within the container and works fine. Now I realize i’m not getting to the 3306 port.
I didn’t know vault tries to connect to the db, i thought it was just a push to the registry. I’ll check fw and try again. Thanks.

The parameter verify_connection is buried in the depths of the documentation. The default is true. If set to false you could go further. Until a real connection should be established. :wink:

1 Like

Excelent! Thank you!

FWIW, I do also notice that you posted a config with “myserver.example.com” - just want to make sure that that’s either your real server location or intentionally redacted for the web.

I modified it for this post. :slight_smile:

1 Like