Our company has stood up an instance of HashiCorp Vault on the company VPN at https://vault.company.io and in order to make use of it from the command line I need to run:
VAULT_ADDR=https://vault.company.io vault login -method=oidc -namespace=my-namespace --token-only
which authenticates to https://vault.company.io and retrieves a token that I can then use for subsequent operations against this vault instance.
When I run that from my host machine it works fine, however when I try to run from inside a devcontainer it fails with:
Error authenticating: Put "https://vault.company.io/v1/auth/oidc/oidc/auth_url": dial tcp 172.21.20.172:443: connect: no route to host
Note that I do have a working connection to the internet from inside the devcontainer; curl www.google.com works fine, for example. If I try similar for the resource I'm trying to reach:
curl https://vault.company.io
it fails with:
curl: (7) Failed to connect to vault.secrets.hellofresh.io port 443: No route to host
Running that same command from the host works fine.
I have done some searching about this problem and found a number of places that advised me to add:
"runArgs": ["--network=host"]
to my devcontainer.json, but I've tried that and it didn't make any difference.
Can anyone suggest what I need to do to be able to connect to this resource on the VPN from inside my devcontainer?
I had a rogue Docker network hanging around. After executing docker network prune on the host, everything started working.
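One way to identify the network responsible before pruning, added here as an example and not part of the original post. It assumes the stale network's subnet covered the Vault address from the error (172.21.20.172), which the answer does not state; the network names and subnets in the sample are constructed, and shadowing_networks is a hypothetical helper name.

```python
import ipaddress
import json
import sys

# Constructed sample, shaped like the JSON printed by
# `docker network inspect $(docker network ls -q)`.
SAMPLE_INSPECT = json.dumps([
    {"Name": "bridge", "Driver": "bridge",
     "IPAM": {"Config": [{"Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1"}]}},
    {"Name": "old_project_default", "Driver": "bridge",
     "IPAM": {"Config": [{"Subnet": "172.21.0.0/16", "Gateway": "172.21.0.1"}]}},
    {"Name": "host", "Driver": "host", "IPAM": {"Config": []}},
    {"Name": "none", "Driver": "null", "IPAM": {"Config": None}},
])


def shadowing_networks(inspect_json, target_ip):
    """Return (name, subnet) for each Docker network whose subnet contains target_ip.

    A local bridge route for such a subnet is more specific than the VPN route,
    so traffic to target_ip is sent to the bridge and never reaches the VPN.
    """
    target = ipaddress.ip_address(target_ip)
    hits = []
    for net in json.loads(inspect_json):
        # host/none networks carry an empty or null IPAM config.
        configs = (net.get("IPAM") or {}).get("Config") or []
        for cfg in configs:
            subnet = cfg.get("Subnet")
            if not subnet:
                continue
            network = ipaddress.ip_network(subnet, strict=False)
            if network.version == target.version and target in network:
                hits.append((net["Name"], str(network)))
    return hits


if __name__ == "__main__":
    # Usage on the host:
    #   docker network inspect $(docker network ls -q) | python3 check.py 172.21.20.172
    ip = sys.argv[1] if len(sys.argv) > 1 else "172.21.20.172"
    data = SAMPLE_INSPECT if sys.stdin.isatty() else sys.stdin.read()
    for name, subnet in shadowing_networks(data, ip):
        print(f"{name}: {subnet} contains {ip}")
```

A network reported here can be removed by name with docker network rm once nothing is attached to it, which is narrower than pruning every unused network.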