Unable to start VM when default Docker socket is used #3153

Open
dharsanb opened this issue Jan 26, 2025 · 0 comments

Description

When the below option is enabled in Docker Desktop for Mac, I'm unable to create / start a VM. Disabling it, I'm able to create the VM and also able to re-enable the option without any issue.

Allow the default Docker socket to be used (requires password)
Creates /var/run/docker.sock which some third-party clients may use to communicate with Docker Desktop.

limactl version 1.0.4
Docker desktop version: 4.37.2
MacOS Sequoia 15.3 24D60

Logs

{"level":"debug","msg":"ResolveVMType: resolved VMType \"vz\" (explicitly specified in []*LimaYAML{o,y,d}[1])","time":"2025-01-27T01:23:57+05:30"}
{"level":"debug","msg":"Creating iso file /Users/user/.lima/k3s/cidata.iso","time":"2025-01-27T01:23:57+05:30"}
{"level":"debug","msg":"Using /var/folders/vb/g2ggtrtd6nb7l_jth2t35dz40000gn/T/diskfs_iso2023373558 as workspace","time":"2025-01-27T01:23:57+05:30"}
{"level":"debug","msg":"Failed to detect CPU features. Assuming that AES acceleration is available on this Apple silicon.","time":"2025-01-27T01:23:57+05:30"}
{"level":"debug","msg":"OpenSSH version 9.8.1 detected","time":"2025-01-27T01:23:57+05:30"}
{"level":"debug","msg":"AES accelerator seems available, prioritizing aes128-gcm@openssh.com and aes256-gcm@openssh.com","time":"2025-01-27T01:23:57+05:30"}
{"level":"info","msg":"TCP (except for SSH) and UDP port forwarding is disabled","time":"2025-01-27T01:23:57+05:30"}
{"level":"info","msg":"hostagent socket created at /Users/user/.lima/k3s/ha.sock","time":"2025-01-27T01:23:57+05:30"}
{"level":"info","msg":"Starting VZ (hint: to watch the boot progress, see \"/Users/user/.lima/k3s/serial*.log\")","time":"2025-01-27T01:23:57+05:30"}
{"level":"debug","msg":"Start udp DNS listening on: 127.0.0.1:60908","time":"2025-01-27T01:23:57+05:30"}
{"level":"debug","msg":"Using search domains: [bbrouter]","time":"2025-01-27T01:23:57+05:30"}
{"level":"debug","msg":"Start tcp DNS listening on: 127.0.0.1:51749","time":"2025-01-27T01:23:57+05:30"}
{"level":"info","msg":"reloading dns nameservers to [192.168.1.1:53]","time":"2025-01-27T01:23:57+05:30"}
{"level":"fatal","msg":"cannot add network services: adding watcher failed: \"/private/var/run/docker.sock\": operation not supported on socket","time":"2025-01-27T01:23:57+05:30"}

Template used for debugging:

images:
  # Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release-20241119/ubuntu-24.04-server-cloudimg-amd64.img"
    arch: "x86_64"
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release-20241119/ubuntu-24.04-server-cloudimg-arm64.img"
    arch: "aarch64"
  # Fallback to the latest release image.
  # Hint: run `limactl prune` to invalidate the cache
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-amd64.img"
    arch: "x86_64"
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-arm64.img"
    arch: "aarch64"

# Mounts are disabled in this template, but can be enabled optionally.
mounts: [ ]

# containerd is managed by k3s, not by Lima, so the values are set to false here.
containerd:
  system: false
  user: false

mountTypesUnsupported:
networks:
  - vzNAT: true

portForwards:
  - ignore: true
    proto: any
    guestIP: 0.0.0.0
vmType: vz
arch: aarch64
cpus: 6
memory: 24GiB
disk: 256GiB

user:
  home: /home/{{.User}}

Actual template I wanted to use:

# Deploy kubernetes via k3s (which installs a bundled containerd).
# $ limactl start ./k3s.yaml
# $ limactl shell k3s kubectl
#
# It can be accessed from the host by exporting the kubeconfig file;
# the ports are already forwarded automatically by lima:
#
# $ export KUBECONFIG=$(limactl list k3s --format 'unix://{{.Dir}}/copied-from-guest/kubeconfig.yaml')
# $ kubectl get no
# NAME       STATUS   ROLES                  AGE   VERSION
# lima-k3s   Ready    control-plane,master   69s   v1.21.1+k3s1
#
# This template requires Lima v0.7.0 or later.

images:
  # Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release-20241119/ubuntu-24.04-server-cloudimg-amd64.img"
    arch: "x86_64"
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release-20241119/ubuntu-24.04-server-cloudimg-arm64.img"
    arch: "aarch64"
  # Fallback to the latest release image.
  # Hint: run `limactl prune` to invalidate the cache
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-amd64.img"
    arch: "x86_64"
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-arm64.img"
    arch: "aarch64"

# Mounts are disabled in this template, but can be enabled optionally.
mounts: [ ]

# containerd is managed by k3s, not by Lima, so the values are set to false here.
containerd:
  system: false
  user: false

provision:
  - mode: system
    script: |
      #!/bin/sh
      if [ ! -f /usr/bin/fish ]; then
              sudo apt-get install -y vim
              sudo apt-add-repository ppa:fish-shell/release-3 -y
              sudo apt update
              sudo apt install fish -y
              sudo chsh -s $(which fish)
      fi
      if [ ! -d /var/lib/rancher/k3s ]; then
              curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="server --write-kubeconfig-mode 644" sh -
      fi
probes:
  - script: |
      #!/bin/bash
      set -eux -o pipefail
      if ! timeout 30s bash -c "until test -f /etc/rancher/k3s/k3s.yaml; do sleep 3; done"; then
              echo >&2 "k3s is not running yet"
              exit 1
      fi
      if ! timeout 30s bash -c "until test -f /usr/bin/fish; do sleep 3; done"; then
              echo >&2 "fish is not installed yet"
              exit 1
      fi
    hint: |
      The k3s kubeconfig file has not yet been created.
      Run "limactl shell k3s sudo journalctl -u k3s" to check the log.
      If that is still empty, check the bottom of the log at "/var/log/cloud-init-output.log".
copyToHost:
  - guest: "/etc/rancher/k3s/k3s.yaml"
    host: "{{.Dir}}/copied-from-guest/kubeconfig.yaml"
    deleteOnStop: true
message: |
  To run `kubectl` on the host (assumes kubectl is installed), run the following commands:
  ------
  export KUBECONFIG="{{.Dir}}/copied-from-guest/kubeconfig.yaml"
  kubectl ...
  ------

upgradePackages: true