https://rancher.com/ logo
Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Powered by
Title
q

quick-keyboard-83126

03/07/2023, 7:33 PM
nerdctl hates me?
% nerdctl run -it alpine
<http://docker.io/library/alpine:latest|docker.io/library/alpine:latest>:                                                  resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:69665d02cb32192e52e07644d76bc6f25abeb5410edc1c7a81a10ba3f0efb90a:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:c41ab5c992deb4fe7e5da09f67a8804a46bd0592bfdf0b1847dde0e0889d2bff: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:d74e625d91152966d38fe8a62c60daadb96d4b94c1a366de01fab5f334806239:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:af6eaf76a39c2d3e7e0b8a0420486e3df33c4027d696c076a99a3d0ac09026af:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 1.5 s                                                                    total:  3.1 Mi (2.1 MiB/s)
FATA[0001] subnet 10.4.0.0/24 overlaps with other one on this address space
Error: exit status 1
f

fast-garage-66093

03/07/2023, 7:47 PM
Yeah, it is a problem with the lack of network namespace on WSL, so we can't cleanup the iptables rules when you exit Rancher Desktop. It should be fixed by either 
wsl --shutdown
or by manually deleting iptables rules from any WSL distro, e.g. 
sudo iptables -F
sudo iptables -L | awk '/^Chain CNI/ {print $2}' | xargs -l sudo iptables -X
q

quick-keyboard-83126

03/07/2023, 7:47 PM
macOS
f

fast-garage-66093

03/07/2023, 7:48 PM
Oh, so yes, 
nerdctl
hates you 😞
Let me see if there is something in Github
There is "FATA[0000] subnet 10.4.0.0/24 overlaps with other one on this address space" error when starting containers · Issue #3365 but it doesn't have a fix/workaround.
I know on Windows this is not a conflict with another network, but a collision with leftover iptables rules 
nerdctl
created itself. I'm not sure what the cause is on macOS.
q

quick-keyboard-83126

03/07/2023, 8:06 PM
https://github.com/rancher-sandbox/rancher-desktop/issues/3365#issuecomment-1458782172
f

fast-garage-66093

03/07/2023, 8:08 PM
Did you try if changing the bridge network specification works for you? When I tried it, it didn't work, but the bug I opened has been closed: The CIDR of the bridge can't be changed (`network with name bridge already exists`) · Issue #1490 · containerd/nerdctl
If this actually works now, please leave a comment, so we can eventually make this configurable...
q

quick-keyboard-83126

03/07/2023, 8:11 PM
inside lima or outside?
lima-rancher-desktop:/Users/jsoref$ nerdctl network rm bridge
FATA[0000] subnet 10.4.0.0/24 overlaps with other one on this address space
f

fast-garage-66093

03/07/2023, 8:12 PM
Doesn't matter; the 
nerdctl
command always runs inside the VM.
q

quick-keyboard-83126

03/07/2023, 8:13 PM
not technically the same behavior?
f

fast-garage-66093

03/07/2023, 8:13 PM
Hm, so it looks like the issue is closed, but not actually fixed? Which 
nerdctl
version are you using?
q

quick-keyboard-83126

03/07/2023, 8:13 PM
lima-rancher-desktop:/Users/jsoref$ nerdctl version
Client:
 Version:	v1.0.0
 OS/Arch:	linux/arm64
 Git commit:	c00780a1f5b905b09812722459c54936c9e070e6
 buildctl:
  Version:	v0.10.5
  GitCommit:	bc26045116045516ff2427201abd299043eaf8f7

Server:
 containerd:
  Version:	v1.6.8
  GitCommit:	9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
 runc:
  Version:	1.1.4
  GitCommit:	5fd4c4d144137e991c4acebb2146ab1483a97925
looks like someone needs to upgrade it?
Merge pull request #1554 from fahedouch/cni-env-default-network-status
fix network creation behavior
 main (#1554)
 v1.2.1  v1.2.0 v1.1.0
@AkihiroSuda
f

fast-garage-66093

03/07/2023, 8:15 PM
Are you running an old version of RD?
q

quick-keyboard-83126

03/07/2023, 8:15 PM
am i?
image.png
(I don't think so..., but, I could be wrong)
f

fast-garage-66093

03/07/2023, 8:16 PM
No, you are right, 1.7 was released in December...
q

quick-keyboard-83126

03/07/2023, 8:17 PM
hmm, the nerdctl fix was late Nov
f

fast-garage-66093

03/07/2023, 8:17 PM
Try to upgrade nerdctl to 1.2.1 and see if that helps? I use this script (just update the version): 
#!/bin/bash

set -eux

VERSION=${VERSION:-1.1.0}

rdctl shell sudo -i wget <https://github.com/containerd/nerdctl/releases/download/v${VERSION}/nerdctl-${VERSION}-linux-amd64.tar.gz>
rdctl shell sudo -i tar xvfz nerdctl-${VERSION}-linux-amd64.tar.gz -C /usr/local/libexec/nerdctl nerdctl
rdctl shell sudo -i rm nerdctl-${VERSION}-linux-amd64.tar.gz
q

quick-keyboard-83126

03/07/2023, 8:18 PM
1.1.0 seems reasonable, do you really want 1.2.1? remember i'm on 1.0
f

fast-garage-66093

03/07/2023, 8:19 PM
You can use the same script to downgrade again... I would try the latest first
If that alone isn't enough, try editing the config manually: 
rdctl shell sudo vi /etc/cni/net.d/nerdctl-bridge.conflist
q

quick-keyboard-83126

03/07/2023, 8:19 PM
lima-rancher-desktop:/Users/jsoref$ nerdctl version
WARN[0000] environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
WARN[0000] environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
WARN[0000] environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
WARN[0000] environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
FATA[0000] rootless containerd not running? (hint: use `containerd-rootless-setuptool.sh install` to start rootless containerd): environment variable XDG_RUNTIME_DIR is not set, see <https://rootlesscontaine.rs/getting-started/common/login/>
f

fast-garage-66093

03/07/2023, 8:20 PM
You have to run it as 
root
q

quick-keyboard-83126

03/07/2023, 8:20 PM
lima-rancher-desktop:/Users/jsoref$ sudo nerdctl version
Client:
 Version:	v1.2.1
 OS/Arch:	linux/amd64
 Git commit:	a0bbfd75ba92bcb11ac6059bf4f6f4e50c6da0b8
 buildctl:
  Version:	v0.10.5
  GitCommit:	bc26045116045516ff2427201abd299043eaf8f7

Server:
 containerd:
  Version:	v1.6.8
  GitCommit:	9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
 runc:
  Version:	1.1.4
  GitCommit:	5fd4c4d144137e991c4acebb2146ab1483a97925
lima-rancher-desktop:/Users/jsoref$ sudo nerdctl network ls
NETWORK ID    NAME    FILE
              cbr0    /etc/cni/net.d/10-flannel.conflist
              host
              none
that's progress
jsoref@jsoref-mbp ~ % nerdctl network ls
NETWORK ID    NAME    FILE
              cbr0    /etc/cni/net.d/10-flannel.conflist
              host
              none
Still can't run things automatically (didn't actually expect to be able to, just testing): 
jsoref@jsoref-mbp ~ % nerdctl run -it busybox
<http://docker.io/library/busybox:latest|docker.io/library/busybox:latest>:                                                 resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:2c8ed5408179ff4f53242a4bdd2706110ce000be239fe37a61be9c52f704c437: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:bab98d58e29e4eb5744a69057a7b3d6ce99b19363a0e52c40301a5db43abf83c:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:1487bff95222881565c7c063129c2c2ce3d6fc4d14796ac7627bd1f167bc5621:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 1.7 s                                                                    total:  2.0 Mi (1.2 MiB/s)
FATA[0001] failed to create default network: subnet 10.4.0.0/24 overlaps with other one on this address space
Error: exit status 1
there's no network named 
bridge
"did you mean cbr0"?
lima-rancher-desktop:/Users/jsoref$ sudo nerdctl network rm bridge
FATA[0000] 1 errors:
no such network: bridge
f

fast-garage-66093

03/07/2023, 8:22 PM
Weird, this is what I get with 1.2.1: 
$ nerdctl network ls
NETWORK ID      NAME      FILE
                cbr0      /etc/cni/net.d/10-flannel.conflist
17f29b073143    bridge    /etc/cni/net.d/nerdctl-bridge.conflist
                host
                none
q

quick-keyboard-83126

03/07/2023, 8:22 PM
didn't you manually create that file?
lima-rancher-desktop:/Users/jsoref$ ls /etc/cni/net.d/
10-flannel.conflist
fwiw, i can't easily determine where in https://github.com/search?q=repo%3Arancher-sandbox%2Francher-desktop+nerdctl&amp;type=code&amp;p=3 the version of 
nerdctl
is specified (doesn't really matter, but i did try to check)
f

fast-garage-66093

03/07/2023, 8:24 PM
nerdctl
is pre-installed in the alpine-lima ISO image
You can check https://docs.rancherdesktop.io/references/bundled-utilities or run 
nerdctl --version
Sorry, no further ideas
q

quick-keyboard-83126

03/07/2023, 8:26 PM
It'd be nice if that info was included somewhere easily reachable from the main rancher desktop.app...
(I can maybe file that next week)
9 Views
#rancher-desktopJoin Slack
Powered by