https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# rancher-desktop
a
This message was deleted.
f
Hi, strange, on Linux I can see that RD node Internal IP is the same as lima's eth0 IP
n
I cannot ping the IP Address from my mac's terminal
f
also the annotation on the node is different than yours, are you using correct context/cluster for kubectl?
n
ping 192.168.205.2 PING 192.168.205.2 (192.168.205.2): 56 data bytes Request timeout for icmp_seq 0
Yes
Copy code
kubectx
cmoullia/c114-e-eu-de-containers-cloud-ibm-com:32429/IAM#cmoullia@redhat.com
default/c114-e-eu-de-containers-cloud-ibm-com:32429/IAM#cmoullia@redhat.com
kind-kind
kubernetes-admin@kubernetes
--> "rancher-desktop"

and 

k get nodes
NAME                   STATUS   ROLES                  AGE    VERSION
lima-rancher-desktop   Ready    control-plane,master   143d   v1.21.9+k3s1
f
this is from my RD 1.4.1 on Linux:
Copy code
$ kubectl get nodes -o wide
NAME                   STATUS   ROLES                  AGE   VERSION        INTERNAL-IP    EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION   CONTAINER-RUNTIME
lima-rancher-desktop   Ready    control-plane,master   27h   v1.23.6+k3s1   192.168.5.15   <none>        Alpine Linux v3.15   5.15.40-0-virt   <containerd://1.5.11>
n
on macos
Copy code
k get nodes -o wide
NAME                   STATUS   ROLES                  AGE    VERSION        INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION   CONTAINER-RUNTIME
lima-rancher-desktop   Ready    control-plane,master   143d   v1.21.9+k3s1   192.168.205.2   <none>        Alpine Linux v3.15   5.15.40-0-virt   <containerd://1.5.11>
f
anyway I'd recommend you to do RD update - the node lives 143d days and I'd say lot of things changed in meantime
n
I'm using RD - 1.4.1
Will reset ti
f
I'd do factory reset via RD UI if possible - that should pull everything from scratch
n
Copy code
k get nodes -o wide
NAME                   STATUS   ROLES                  AGE     VERSION        INTERNAL-IP    EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION   CONTAINER-RUNTIME
lima-rancher-desktop   Ready    control-plane,master   2m31s   v1.21.9+k3s1   192.168.5.15   <none>        Alpine Linux v3.15   5.15.40-0-virt   <containerd://1.5.11>
 ~  ping 192.168.5.15
PING 192.168.5.15 (192.168.5.15): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
f
ok, the node has right ip now - ping doesn't work to lima VM as it using qemu user networking which doesn't support ICMP
... you may run 
rdctl shell
to get into lima shell
n
I can ssh
Copy code
rdctl shell
lima-rancher-desktop:/Users/cmoullia$ ifcofig
/bin/ash: ifcofig: not found
lima-rancher-desktop:/Users/cmoullia$ ifconfig
cni0      Link encap:Ethernet  HWaddr E6:D9:93:FB:DE:B2
          inet addr:10.42.0.1  Bcast:10.42.0.255  Mask:255.255.255.0
          inet6 addr: fe80::e4d9:93ff:fefb:deb2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1450  Metric:1
          RX packets:8242 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8665 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1859556 (1.7 MiB)  TX bytes:2949775 (2.8 MiB)

eth0      Link encap:Ethernet  HWaddr 52:55:55:4A:B8:EC
          inet addr:192.168.5.15  Bcast:0.0.0.0  Mask:255.255.255.0
f
perfect, now it looks good to me
n
Is there an traefix ingress example that I could test ?
I deployed the following exemple but cannot access the route from my local macos using http://whoami.192.168.5.15.nip.io/ -> https://gist.github.com/cmoulliard/c53df84d1e9199cad18a0cfbdb0d5334
Question: Is it possible to access from Google Chrome opened within my laptop (= my mac running rancher desktop) the IP address of the Lima VM = 
192.168.5.15
as on my mac the IP address is 
192.168.1.90
?
f
No, traffic is forwarded to 127.0.0.1 so use eg. 
- host: <http://myhost.127.0.0.1.nip.io|myhost.127.0.0.1.nip.io>
then you should be able open in browser http://myhost.127.0.0.1.nip.io
f
There seems to be some confusions about the internal network (eth0, always 
192.168.5.0/24
, and the additional networks supported on macOS (bridged and shared) (interfaces 
rd0
and 
rd1
). The additional interfaces are "real" interfaces and don't use port forwarding, but are only available when you enable "administrative" access ("sudo").
This is an image from our Lima talk, but it applies to Rancher Desktop too (but just one VM):
Rancher Desktop will try to use the bridged network, if it got an IPv4 address. Sometimes that doesn't work for local networking reasons; then it will fall back to the shared network, and if that also doesn't work (or if "sudo" was not enabled), it uses the internal qemu network that is not routable from the host, but relies on port forwarding.
The 
192.168.205.2
address is from the shared network range, so should have been reachable from inside the host, but not from other machines on the local network. I don't know why this didn't work for you, and it is too late now to investigate since you reset the configuration.
(Rancher Desktop configures the shared network to use the 
192.168.205.0/24
subnet so it doesn't conflict if you also run regular lima side-by-side with it).
n
I will enable 
sudo
and do another test. That should be great to better document how networks are configured between the host and VMs like also that someone add a getting started real example using traefix ;-)
I do --> • Allow sudo access • Get the IP address 
IP=$(get node/lima-rancher-desktop -o json | jq ".status.addresses[0].address")
• Set up the ingress host to : 
<http://whoami.192.168.205.2.nip.io/>
• Access from my browser 
<http://whoami.192.168.205.2.nip.io/>
f
And, is it working?
Quick check if you can reach traefik:
Copy code
$ curl -k https://$(kubectl get svc traefik -n kube-system -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
404 page not found
The 
404
means it worked 🙂 Otherwise you would have gotten connection refused or some other lower level error. If you can make an https connection, it means you have reached the ingress controller
n
And, is it working?
Yes 🙂
🦜 1
f
Good; glad to hear that! 🙂
n
Copy code
curl -k https://$(kubectl get svc traefik -n kube-system -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
404 page not found
👍 1
27 Views
Open in Slack
PreviousNext
Powered by