https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# rancher-desktop
a
This message was deleted.
q
Copy code
% nerdctl run -it alpine
<http://docker.io/library/alpine:latest|docker.io/library/alpine:latest>:                                                  resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:69665d02cb32192e52e07644d76bc6f25abeb5410edc1c7a81a10ba3f0efb90a:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:c41ab5c992deb4fe7e5da09f67a8804a46bd0592bfdf0b1847dde0e0889d2bff: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:d74e625d91152966d38fe8a62c60daadb96d4b94c1a366de01fab5f334806239:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:af6eaf76a39c2d3e7e0b8a0420486e3df33c4027d696c076a99a3d0ac09026af:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 1.5 s                                                                    total:  3.1 Mi (2.1 MiB/s)
FATA[0001] subnet 10.4.0.0/24 overlaps with other one on this address space
Error: exit status 1
f
Yeah, it is a problem with the lack of network namespace on WSL, so we can't cleanup the iptables rules when you exit Rancher Desktop. It should be fixed by either 
wsl --shutdown
or by manually deleting iptables rules from any WSL distro, e.g.
Copy code
sudo iptables -F
sudo iptables -L | awk '/^Chain CNI/ {print $2}' | xargs -l sudo iptables -X
q
macOS
f
Oh, so yes, 
nerdctl
hates you 馃槥
Let me see if there is something in Github
I know on Windows this is not a conflict with another network, but a collision with leftover iptables rules 
nerdctl
created itself. I'm not sure what the cause is on macOS.
q
f
Did you try if changing the bridge network specification works for you? When I tried it, it didn't work, but the bug I opened has been closed: The CIDR of the bridge can't be changed (`network with name bridge already exists`) 路 Issue #1490 路 containerd/nerdctl
If this actually works now, please leave a comment, so we can eventually make this configurable...
q
inside lima or outside?
Copy code
lima-rancher-desktop:/Users/jsoref$ nerdctl network rm bridge
FATA[0000] subnet 10.4.0.0/24 overlaps with other one on this address space
f
Doesn't matter; the 
nerdctl
command always runs inside the VM.
q
not technically the same behavior?
f
Hm, so it looks like the issue is closed, but not actually fixed? Which 
nerdctl
version are you using?
q
Copy code
lima-rancher-desktop:/Users/jsoref$ nerdctl version
Client:
 Version:	v1.0.0
 OS/Arch:	linux/arm64
 Git commit:	c00780a1f5b905b09812722459c54936c9e070e6
 buildctl:
  Version:	v0.10.5
  GitCommit:	bc26045116045516ff2427201abd299043eaf8f7

Server:
 containerd:
  Version:	v1.6.8
  GitCommit:	9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
 runc:
  Version:	1.1.4
  GitCommit:	5fd4c4d144137e991c4acebb2146ab1483a97925
looks like someone needs to upgrade it?
Copy code
Merge pull request #1554 from fahedouch/cni-env-default-network-status
fix network creation behavior
 main (#1554)
 v1.2.1  v1.2.0 v1.1.0
@AkihiroSuda
f
Are you running an old version of RD?
q
am i?
(I don't think so..., but, I could be wrong)
f
No, you are right, 1.7 was released in December...
q
hmm, the nerdctl fix was late Nov
f
Try to upgrade nerdctl to 1.2.1 and see if that helps? I use this script (just update the version):
Copy code
#!/bin/bash

set -eux

VERSION=${VERSION:-1.1.0}

rdctl shell sudo -i wget <https://github.com/containerd/nerdctl/releases/download/v${VERSION}/nerdctl-${VERSION}-linux-amd64.tar.gz>
rdctl shell sudo -i tar xvfz nerdctl-${VERSION}-linux-amd64.tar.gz -C /usr/local/libexec/nerdctl nerdctl
rdctl shell sudo -i rm nerdctl-${VERSION}-linux-amd64.tar.gz
q
1.1.0 seems reasonable, do you really want 1.2.1? remember i'm on 1.0
f
You can use the same script to downgrade again... I would try the latest first
If that alone isn't enough, try editing the config manually:
Copy code
rdctl shell sudo vi /etc/cni/net.d/nerdctl-bridge.conflist
q
Copy code
lima-rancher-desktop:/Users/jsoref$ nerdctl version
WARN[0000] environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
WARN[0000] environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
WARN[0000] environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
WARN[0000] environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
FATA[0000] rootless containerd not running? (hint: use `containerd-rootless-setuptool.sh install` to start rootless containerd): environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
f
You have to run it as 
root
q
Copy code
lima-rancher-desktop:/Users/jsoref$ sudo nerdctl version
Client:
 Version:	v1.2.1
 OS/Arch:	linux/amd64
 Git commit:	a0bbfd75ba92bcb11ac6059bf4f6f4e50c6da0b8
 buildctl:
  Version:	v0.10.5
  GitCommit:	bc26045116045516ff2427201abd299043eaf8f7

Server:
 containerd:
  Version:	v1.6.8
  GitCommit:	9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
 runc:
  Version:	1.1.4
  GitCommit:	5fd4c4d144137e991c4acebb2146ab1483a97925
Copy code
lima-rancher-desktop:/Users/jsoref$ sudo nerdctl network ls
NETWORK ID    NAME    FILE
              cbr0    /etc/cni/net.d/10-flannel.conflist
              host
              none
that's progress
Copy code
jsoref@jsoref-mbp ~ % nerdctl network ls
NETWORK ID    NAME    FILE
              cbr0    /etc/cni/net.d/10-flannel.conflist
              host
              none
Still can't run things automatically (didn't actually expect to be able to, just testing):
Copy code
jsoref@jsoref-mbp ~ % nerdctl run -it busybox
<http://docker.io/library/busybox:latest|docker.io/library/busybox:latest>:                                                 resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:2c8ed5408179ff4f53242a4bdd2706110ce000be239fe37a61be9c52f704c437: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:bab98d58e29e4eb5744a69057a7b3d6ce99b19363a0e52c40301a5db43abf83c:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:1487bff95222881565c7c063129c2c2ce3d6fc4d14796ac7627bd1f167bc5621:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 1.7 s                                                                    total:  2.0 Mi (1.2 MiB/s)
FATA[0001] failed to create default network: subnet 10.4.0.0/24 overlaps with other one on this address space
Error: exit status 1
there's no network named 
bridge
"did you mean cbr0"?
Copy code
lima-rancher-desktop:/Users/jsoref$ sudo nerdctl network rm bridge
FATA[0000] 1 errors:
no such network: bridge
f
Weird, this is what I get with 1.2.1:
Copy code
$ nerdctl network ls
NETWORK ID      NAME      FILE
                cbr0      /etc/cni/net.d/10-flannel.conflist
17f29b073143    bridge    /etc/cni/net.d/nerdctl-bridge.conflist
                host
                none
q
didn't you manually create that file?
Copy code
lima-rancher-desktop:/Users/jsoref$ ls /etc/cni/net.d/
10-flannel.conflist
fwiw, i can't easily determine where in https://github.com/search?q=repo%3Arancher-sandbox%2Francher-desktop+nerdctl&amp;type=code&amp;p=3 the version of 
nerdctl
is specified (doesn't really matter, but i did try to check)
f
nerdctl
is pre-installed in the alpine-lima ISO image
Sorry, no further ideas
q
It'd be nice if that info was included somewhere easily reachable from the main rancher desktop.app...
(I can maybe file that next week)
518 Views
Open in Slack
PreviousNext
Powered by