Vault server on Openshift - connection refused

I wanted to use vault server to store secrets and deploy it on openshift.

I wrote this dockerfile, built the image and pushed it to the openshift registry and created a deployment from this image stream:

FROM vault:1.5.0
ADD *.hcl /etc/config.hcl

ENTRYPOINT ["vault", "server", "-config=/etc/config.hcl"]

Here is the config:

storage "file" {
  path = "/vault/data"
}

listener "tcp" {
  address="127.0.0.1:8200"
  tls_disable=1
}

disable_mlock = true

api_addr = "http://127.0.0.1:8200"

I created a route to the 8200 port. When I use the vault CLI from inside the vault-server pod it works fine, I can login, configure etc. When i use the openshift cli on my local computer to forward port 8200 to my local 8200 port I can also access the API.

The problem is I cannot access the API from anywhere outside the pod. The route fives me a 503 response and when trying via http://vault-server.namepsace.svc:8200 I get connection refused (using Spring Rest Template).

How can I configure Vault to also accept external traffic?

Your listener block means you are only listening for connections from localhost. Change the address field to 0.0.0.0:8200 to listen on all interfaces:

listener "tcp" {
  address="0.0.0.0:8200"
}

And please don't forget to enable TLS as soon as you've got connectivity working.