Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support Lima VMs iptables rules #27

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

feat: support Lima VMs iptables rules #27

wants to merge 1 commit into from

Conversation

night0wl
Copy link

New Features:

  • Adds support for Lima-based VM by added a necessary iptables rule

Caveats:

  • For Colima, still need to manually symlink /var/run/docker.sock

TODO:

  • Update documentation

@night0wl night0wl mentioned this pull request May 27, 2023
Open
gregnr
gregnr reviewed May 27, 2023
View reviewed changes
Copy link
Member

@gregnr gregnr left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fantastic work @night0wl! Confirming regular Docker Desktop still works with iptables-legacy?

For /var/run/docker.sock, probably the best solution is to support custom Docker daemon endpoints via config file. We can address that separately in #24.

client/main.go
err = ipt.AppendUnique(
"filter", "FORWARD",
"-s", hostPeerIp,
"-p", "tcp", "-j", "ACCEPT",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't be any reason to restrict forwarding for just TCP right?

@th3fallen
Copy link

any updates on this?

@mhumeSF
Copy link

mhumeSF commented Dec 9, 2023
edited
Loading

I wanted to add my experience using colima. Since v0.6.0 colima uses ubuntu as the base vm os – docker-mac-net-connect works as is with the addition of running sudo iptables -A FORWARD -s 10.33.33.1 -j ACCEPT when ssh'd into the vm.

@RafalSkolasinski
Copy link

Guys, this would be great as it would allow to provide out of the box support to folks that don't want to use Docker Desktop.

Does this require any further testing?

@tylerauerbeck
Copy link

@gregnr Is this something that you see landing in this project? Anything that still needs tested, etc. as part of this (or future) PRs?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gregnr gregnr gregnr left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@night0wl @th3fallen @mhumeSF @RafalSkolasinski @tylerauerbeck @gregnr