Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Networking issue after 0.70 -> 0.7.1 #1103

Closed
1 of 5 tasks
ragboy opened this issue Aug 11, 2024 · 4 comments · Fixed by #1107
Closed
1 of 5 tasks

Networking issue after 0.70 -> 0.7.1 #1103

ragboy opened this issue Aug 11, 2024 · 4 comments · Fixed by #1107

Comments

@ragboy
Copy link

ragboy commented Aug 11, 2024

Description

After upgrading from 0.7.0 to 0.7.1 I noticed that I could not login to my home gitlab registry. I host gitlab in a kubernetes cluster on my home network. The subnet of my home net is 10.0.2.0/24. My mac is on 10.0.2.99, and the k8s system is in that subnet. When I try to login I get "connection refused". So if I ssh into that colima instance, I can try using curl, and it works outside of my net, but to anything inside my subnet, I get "connection refused". I even tried using curl and telnet to various services on my subnet and they all refuse connection. I manually downgraded to 0.7.0, and then all is well.

Version

This is downgraded:
colima version v0.7.0
git commit: 4b14e8a

runtime: docker
arch: aarch64
client: v27.1.1
server: v27.1.1
limactl version 0.22.0
qemu-img version 9.0.2
Copyright (c) 2003-2024 Fabrice Bellard and the QEMU Project developers

When I use brew for colima to 0.7.1, then it fails.

Operating System

  • macOS Intel <= 13 (Ventura)
  • macOS Intel >= 14 (Sonoma)
  • Apple Silicon <= 13 (Ventura)
  • Apple Silicon >= 14 (Sonoma)
  • Linux

Output of colima status

INFO[0000] colima is running using QEMU
INFO[0000] arch: aarch64
INFO[0000] runtime: docker
INFO[0000] mountType: sshfs
INFO[0000] socket: unix:///Users/rgarcia/.colima/default/docker.sock

Reproduction Steps

  1. Use 0.7.1
  2. ssh into colima and curl something on the local subnet.

Expected behaviour

successful connection, like with 0.7.0

Additional context

No response

@abiosoft
Copy link
Owner

A feature that was added to support host IP addresses for docker port binding. That is most likely the cause.

A fix would be to hide the feature behind a flag and have it disabled by default.

Even though you probably do not need this, just to validate my hypothesis, can you start with --network-address flag and see if the behaviour stays the same?

Thanks.

@ragboy
Copy link
Author

ragboy commented Aug 12, 2024

I will check, and let you know.

@ragboy
Copy link
Author

ragboy commented Aug 12, 2024

with 0.7.1 w/o --network-address fails:

rgarcia@colima:/Users/rgarcia$ curl -Iv https://xxxxxxxx.com
* Host wake9.com:443 was resolved.
* IPv6: (none)
* IPv4: 10.0.2.62, 10.0.2.63, 10.0.2.61
*   Trying 10.0.2.62:443...
* connect to 10.0.2.62 port 443 from 10.0.2.130 port 56418 failed: Connection refused
*   Trying 10.0.2.63:443...
* connect to 10.0.2.63 port 443 from 10.0.2.130 port 41818 failed: Connection refused
*   Trying 10.0.2.61:443...
* connect to 10.0.2.61 port 443 from 10.0.2.130 port 34476 failed: Connection refused
* Failed to connect to wake9.com port 443 after 7 ms: Couldn't connect to server
* Closing connection
curl: (7) Failed to connect to wake9.com port 443 after 7 ms: Couldn't connect to server

and then when I add --network-address, it works fine:

rgarcia@colima:/Users/rgarcia$ curl -I https://xxxxxxxx.com
HTTP/2 200
date: Mon, 12 Aug 2024 14:13:35 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://wake9.com/xmlrpc.php
link: <https://wake9.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/P9ATpQ-D>; rel=shortlink
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains

@abiosoft
Copy link
Owner

Thanks for confirming, a fix would be out soon.

tmeijn pushed a commit to tmeijn/dotfiles that referenced this issue Aug 15, 2024
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [abiosoft/colima](https://github.com/abiosoft/colima) | patch | `v0.7.1` -> `v0.7.3` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>abiosoft/colima (abiosoft/colima)</summary>

### [`v0.7.3`](https://github.com/abiosoft/colima/releases/tag/v0.7.3)

[Compare Source](abiosoft/colima@v0.7.2...v0.7.3)

#### Highlights

This is an hotfix release to address crashes during startup on macOS Sequoia 15 beta for M1 and M2 devices. [#&#8203;1109](abiosoft/colima#1109)

#### Commits

-   cli: fix broken flag for non-m3 devices on macOS 15 by [@&#8203;abiosoft](https://github.com/abiosoft) in abiosoft/colima#1110

**Full Changelog**: abiosoft/colima@v0.7.2...v0.7.3

### [`v0.7.2`](https://github.com/abiosoft/colima/releases/tag/v0.7.2)

[Compare Source](abiosoft/colima@v0.7.1...v0.7.2)

#### Highlights

This is an hotfix release to address regressions introduced in v0.7.1.

#### Fixes

-   Incorrect checksum for macOS binaries on Github releases. Fixes [#&#8203;1106](abiosoft/colima#1106)
-   Port mapping to specific host IP addresses has been moved behind `--network-host-addresses` flag and disabled by default. Fixes [#&#8203;1103](abiosoft/colima#1103)

#### Commits

-   chore: generate checksum files after signing assets by codesign by [@&#8203;suzuki-shunsuke](https://github.com/suzuki-shunsuke) in abiosoft/colima#1105
-   net: put host ip address replication behind a flag by [@&#8203;abiosoft](https://github.com/abiosoft) in abiosoft/colima#1107

#### New Contributors

-   [@&#8203;suzuki-shunsuke](https://github.com/suzuki-shunsuke) made their first contribution in abiosoft/colima#1105

**Full Changelog**: abiosoft/colima@v0.7.1...v0.7.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants