Vault on Docker bind: address already in use

mcdanielg87 · May 30, 2024, 2:34am

Hello! Any help would be great! Normally I can find most answers by spending enough time on Google, but I didn’t have any luck this time.

Attempting to stand up Vault on Docker and I keep getting “Error initializing listener of type tcp: listen tcp 127.0.0.1:8200: bind: address already in use”.

I only get this error when I configure the TCP listener in the .hcl file. If I take out the listener section then the container starts with no issue. I will eventually configure TLS so omitting this section isn’t really an option for me as far as I know.

I used netstat and 8200 is not currently in use.

Docker deployment:

docker run -it \
--name vlt-vlt01-dkr \
--cap-add=IPC_LOCK \
-h vlt-vlt01-dkr \
-v vault-file:/vault/file \
-v vault-logs:/vault/logs \
-v vault-config:/vault/config \
--restart=unless-stopped \
hashicorp/vault

I’ve also tried running as detached (-d instead of -it) and I’ve tried adding the port (-p 8200:8200)

vault-config.hcl:

ui = true
api_addr      = "https://127.0.0.1:8200"

disable_mlock = true

storage "file" {
  path = "/vault/file"
}

listener "tcp" {
  address = "127.0.0.1:8200"
  tls_disable = true
  #tls_cert_file = "/path/to/full-chain.pem"
  #tls_key_file  = "/path/to/private-key.pem"
}

michaelsew · June 3, 2024, 5:47pm

Hi. I’m not sure if this is going to help, but i noticed that your docker run command doesn’t actually map port 8200 on your localhost. Unless you’re doing this intentionally, perhaps try that and see if this makes a difference?

docker run -it \
--name vlt-vlt01-dkr \
--cap-add=IPC_LOCK \
-h vlt-vlt01-dkr \
-v vault-file:/vault/file \
-v vault-logs:/vault/logs \
-v vault-config:/vault/config \
-p 8200:8200  \
--restart=unless-stopped \
hashicorp/vault

mcdanielg87 · June 4, 2024, 7:04pm

Thanks for your reply! Unfortunately I have tried adding the port mapping and I still get the bind error.

zesismark · June 8, 2024, 10:14am

The error “listen tcp 127.0.0.1:8200: bind: address already in use” typically indicates that another process is already using the specified port, or there might be a misconfiguration in your setup. Given that netstat shows that port 8200 is not in use, it might be related to how Docker is handling the port binding.

mcdanielg87 · June 10, 2024, 10:02pm

Hi Zesismark,
Thanks for the reply. I pulled the image from Docker and did not modify it. Any ideas what I can check to find potential misconfigs or anything I might be able to try to resolve the issue?

michaelkosir · June 18, 2024, 1:58pm

Try adding the server command. If you do not specify that, Vault will run in dev mode, which i believe maps to port 8200. Then it reads your config file, which tries to assign it to port 8200 again and fails.

docker run -it
–name vlt-vlt01-dkr
–cap-add=IPC_LOCK
-h vlt-vlt01-dkr
-v vault-file:/vault/file
-v vault-logs:/vault/logs
-v vault-config:/vault/config
-p 8200:8200
–restart=unless-stopped
hashicorp/vault server

https://hub.docker.com/r/hashicorp/vault#:~:text=Running%20Vault%20in%20Server%20Mode%20for%20Development

mcdanielg87 · November 11, 2024, 6:03pm

This seems to have worked! Thanks Michael!

Topic		Replies	Views
Error initializing listener of type tcp: listen tcp 127.0.0.1:8200: bind: address already in use Vault	8	13845	November 20, 2022
TLS config for Vault UI Vault	2	1985	November 13, 2020
Vault dns connection generic error during vault unseal Vault	3	1100	November 2, 2021
Hashicorp Vault : “ Error initializing listener of type tcp: error loading TLS cert ” Where is my mistake? Vault	9	8706	November 15, 2020
Vault with Docker Compose Vault	7	33445	September 22, 2021

Vault on Docker bind: address already in use

Related topics