A note when I'm addicted to using Docker Hub Vault in server mode

--Official site: https://hub.docker.com/_/vault

The following command in Running Vault in Server Mode failed to start a connectable container from the host.

docker run --cap-add=IPC_LOCK -e 'VAULT_LOCAL_CONFIG={"backend": {"file": {"path": "/vault/file"}}, "default_lease_ttl": "168h", "max_lease_ttl": "720h"}' vault server

--Resolved information: https://github.com/hashicorp/vault/issues/441#issuecomment-123362274

Point (I think it is, but if it is a recognition error, it is okay. I would appreciate it if you could point it out.)

--Disable TLS --Changed tcp address to 0.0.0.0:8200

Then, since the above command does not expose the container port, it is necessary to expose it to the host with the -p option. In addition, the following warning log was output with the above command.

[WARN]  no `api_addr` value specified in config or in VAULT_API_ADDR; falling back to detection if possible, but this value should be manually set

Therefore, you need to specify api_addr in VAULT_LOCAL_CONFIG or specify the Vault API address in VAULT_API_ADDR.

Based on the above, the final command example is as follows.

Command example when starting in server mode accessible from the host

docker run --cap-add=IPC_LOCK -e 'VAULT_LOCAL_CONFIG={"backend": {"file": {"path": "/vault/file"}}, "api_addr": "http://127.0.0.1:8200", "listener": {"tcp": {"address": "0.0.0.0:8200", "tls_disable": "true"}}}}' -p 8200:8200 vault server

that's all.