Vault on Docker bind: address already in use

Hello! Any help would be great! Normally I can find most answers by spending enough time on Google, but I didn’t have any luck this time.

Attempting to stand up Vault on Docker and I keep getting “Error initializing listener of type tcp: listen tcp 127.0.0.1:8200: bind: address already in use”.

I only get this error when I configure the TCP listener in the .hcl file. If I take out the listener section then the container starts with no issue. I will eventually configure TLS so omitting this section isn’t really an option for me as far as I know.

I used netstat and 8200 is not currently in use.

Docker deployment:

docker run -it \
--name vlt-vlt01-dkr \
--cap-add=IPC_LOCK \
-h vlt-vlt01-dkr \
-v vault-file:/vault/file \
-v vault-logs:/vault/logs \
-v vault-config:/vault/config \
--restart=unless-stopped \
hashicorp/vault

I’ve also tried running as detached (-d instead of -it) and I’ve tried adding the port (-p 8200:8200)

vault-config.hcl:

ui = true
api_addr      = "https://127.0.0.1:8200"

disable_mlock = true

storage "file" {
  path = "/vault/file"
}

listener "tcp" {
  address = "127.0.0.1:8200"
  tls_disable = true
  #tls_cert_file = "/path/to/full-chain.pem"
  #tls_key_file  = "/path/to/private-key.pem"
}

Hi. I’m not sure if this is going to help, but i noticed that your docker run command doesn’t actually map port 8200 on your localhost. Unless you’re doing this intentionally, perhaps try that and see if this makes a difference?

docker run -it \
--name vlt-vlt01-dkr \
--cap-add=IPC_LOCK \
-h vlt-vlt01-dkr \
-v vault-file:/vault/file \
-v vault-logs:/vault/logs \
-v vault-config:/vault/config \
-p 8200:8200  \
--restart=unless-stopped \
hashicorp/vault

Thanks for your reply! Unfortunately I have tried adding the port mapping and I still get the bind error.

The error “listen tcp 127.0.0.1:8200: bind: address already in use” typically indicates that another process is already using the specified port, or there might be a misconfiguration in your setup. Given that netstat shows that port 8200 is not in use, it might be related to how Docker is handling the port binding.

Hi Zesismark,
Thanks for the reply. I pulled the image from Docker and did not modify it. Any ideas what I can check to find potential misconfigs or anything I might be able to try to resolve the issue?

Try adding the server command. If you do not specify that, Vault will run in dev mode, which i believe maps to port 8200. Then it reads your config file, which tries to assign it to port 8200 again and fails.

docker run -it
–name vlt-vlt01-dkr
–cap-add=IPC_LOCK
-h vlt-vlt01-dkr
-v vault-file:/vault/file
-v vault-logs:/vault/logs
-v vault-config:/vault/config
-p 8200:8200
–restart=unless-stopped
hashicorp/vault server

https://hub.docker.com/r/hashicorp/vault#:~:text=Running%20Vault%20in%20Server%20Mode%20for%20Development