Prepare for v0.3.3 (abiosoft#174)

* core: add configurable dns * core: update nerdctl to 0.16.1 * fixes abiosoft#131: expose docker certs to vm * core: copy registry certs for all runtimes * containerd: bump nerdctl 0.16.1 → 0.17.0 * docs: update readme
Mu-L · Feb 16, 2022 · ac876a5 · ac876a5
1 parent a856dd6
commit ac876a5
Show file tree

Hide file tree

Showing 6 changed files with 130 additions and 41 deletions.
diff --git a/INSTALL.md b/INSTALL.md
@@ -18,9 +18,9 @@ brew install --HEAD colima
 
 Stable version
 
-```
+```
 sudo port install colima
-```
+```
 
 ## Nix
 
@@ -42,7 +42,7 @@ Binaries are available with every release on the [releases page](https://github.
 
 ```sh
 # download binary
-curl -LO https://github.com/abiosoft/colima/releases/download/v0.3.2/colima-$(uname)-$(uname -m)
+curl -LO https://github.com/abiosoft/colima/releases/download/v0.3.3/colima-$(uname)-$(uname -m)
 
 # install in $PATH
 install colima-$(uname)-$(uname -m) /usr/local/bin/colima # or sudo install if /usr/local/bin requires root.

diff --git a/README.md b/README.md
@@ -130,12 +130,23 @@ To provide container runtimes on macOS with minimal setup.
 
 ## What is with the name?
 
-Colima means Containers in Lima.
+Colima means Containers in [Lima](https://github.com/lima-vm/lima).
 
 Since Lima is aka Linux on Mac. By transitivity, Colima can also mean Containers on Linux on Mac.
 
 ## FAQ
 
+<details>
+<summary>How does Colima compare to Lima?</summary>
+<p>
+
+Colima is basically a higher level usage of Lima and utilises Lima to provide Docker, Containerd and/or Kubernetes.
+
+If you want more control over the underlying VM, you can either use Lima directly or override Colima's VM settings with [Lima overrides](https://github.com/lima-vm/lima/blob/873a39c6652fe5fcb07ee08418f39ccaeeea6979/pkg/limayaml/default.yaml#L271).
+
+</p>
+</details>
+
 <details>
 <summary>Can it run alongside Docker for Mac?</summary>
 <p>
@@ -195,7 +206,7 @@ Feedbacks would be appreciated.
 
 ## Help Wanted
 
-- ~~Homebrew formula~~
+- Documentation
 - Testing on M1 Macs
 
 ## Sponsoring the Project

diff --git a/cmd/start.go b/cmd/start.go
@@ -26,7 +26,8 @@ The --runtime, --disk and --arch flags are only used on initial start and ignore
  " colima start --with-kubernetes\n" +
  " colima start --runtime containerd --with-kubernetes\n" +
  " colima start --cpu 4 --memory 8 --disk 100\n" +
- " colima start --arch aarch64",
+ " colima start --arch aarch64\n" +
+ " colima start --dns 1.1.1.1 --dns 8.8.8.8",
  RunE: func(cmd *cobra.Command, args []string) error {
  return newApp().Start(startCmdArgs.Config)
  },
@@ -73,6 +74,9 @@ The --runtime, --disk and --arch flags are only used on initial start and ignore
  if !cmd.Flag("ssh-agent").Changed {
  startCmdArgs.VM.ForwardAgent = current.VM.ForwardAgent
  }
+ if !cmd.Flag("dns").Changed {
+ startCmdArgs.VM.DNS = current.VM.DNS
+ }
 
  log.Println("using", current.Runtime, "runtime")
 
@@ -140,9 +144,5 @@ func init() {
  startCmd.Flags().StringToStringVarP(&startCmdArgs.VM.Env, "env", "e", nil, "environment variables for the VM")
  _ = startCmd.Flags().MarkHidden("env")
 
- // dns application is not as straightforward in alpine
- // coupled with the fact that Lima now supports DNS propagation from the host
- // this is no longer priority
  startCmd.Flags().IPSliceVarP(&startCmdArgs.VM.DNS, "dns", "n", nil, "DNS servers for the VM")
- _ = startCmd.Flags().MarkHidden("dns")
 }
diff --git a/environment/vm/lima/certs.go b/environment/vm/lima/certs.go
@@ -0,0 +1,44 @@
+package lima
+
+import (
+ "fmt"
+ "path/filepath"
+
+ "github.com/abiosoft/colima/config"
+ "github.com/abiosoft/colima/util"
+)
+
+func (l limaVM) copyCerts() error {
+ log := l.Logger()
+ err := func() error {
+ dockerCertsDirHost := filepath.Join(util.HomeDir(), ".docker", "certs.d")
+ dockerCertsDirGuest := "/etc/docker/certs.d"
+ if _, err := l.host.Stat(dockerCertsDirHost); err != nil {
+ // no certs found
+ return nil
+ }
+
+ // we are utilising the host cache path as it is the only guaranteed mounted path.
+
+ // copy to cache dir
+ dockerCertsCacheDir := filepath.Join(config.CacheDir(), "docker-certs")
+ if err := l.host.RunQuiet("mkdir", "-p", dockerCertsCacheDir); err != nil {
+ return err
+ }
+ if err := l.host.RunQuiet("cp", "-R", dockerCertsDirHost+"/.", dockerCertsCacheDir); err != nil {
+ return err
+ }
+
+ // copy from cache to vm
+ if err := l.RunQuiet("sudo", "mkdir", "-p", dockerCertsDirGuest); err != nil {
+ return err
+ }
+ return l.RunQuiet("sudo", "cp", "-R", dockerCertsCacheDir+"/.", dockerCertsDirGuest)
+ }()
+
+ // not a fatal error, a warning suffices.
+ if err != nil {
+ log.Warnln(fmt.Errorf("cannot copy registry certs to vm: %w", err))
+ }
+ return nil
+}
diff --git a/environment/vm/lima/lima.go b/environment/vm/lima/lima.go
@@ -115,6 +115,9 @@ func (l *limaVM) Start(conf config.Config) error {
  return os.Remove(configFile)
  })
 
+ // registry certs
+ a.Add(l.copyCerts)
+
  l.applyDNS(a, conf)
 
  // adding it to command chain to execute only after successful startup.
@@ -150,35 +153,58 @@ func (l limaVM) resume(conf config.Config) error {
  return l.host.Run(limactl, "start", config.Profile().ID)
  })
 
+ // registry certs
+ a.Add(l.copyCerts)
+
  l.applyDNS(a, conf)
 
  return a.Exec()
 }
 
 func (l limaVM) applyDNS(a *cli.ActiveCommandChain, conf config.Config) {
- // manually set the domain using systemd-resolve.
+ // manually set the DNS by modifying the resolve file.
  //
  // Lima's DNS settings is fixed at VM create and cannot be changed afterwards.
  // this is a better approach as it only applies on VM startup and gets reset at shutdown.
- // this is specific to ubuntu, may be different for other distros.
-
- if len(conf.VM.DNS) == 0 {
- return
- }
-
- a.Stage("applying DNS config")
+ // this is specific to Alpine , may be different for other distros.
+ log := l.Logger()
+ dnsFile := "/etc/resolv.conf"
+ dnsFileBak := dnsFile + ".lima"
 
- // apply settings
  a.Add(func() error {
- args := []string{"sudo", "systemd-resolve", "--interface", "eth0"}
- for _, ip := range conf.VM.DNS {
- args = append(args, "--set-dns", ip.String())
+ // backup the original dns file (if not previously done)
+ if l.RunQuiet("stat", dnsFileBak) != nil {
+ err := l.RunQuiet("sudo", "cp", dnsFile, dnsFileBak)
+ if err != nil {
+ // custom DNS config failure should not prevent the VM from starting
+ // as the default config will be used.
+ // Rather, warn and terminate setting the DNS config.
+ log.Warnln(fmt.Errorf("error backing up default DNS config: %w", err))
+ return nil
+ }
  }
- return l.Run(args...)
+ return nil
  })
- // restart service, should not be needed but to ascertain
+
  a.Add(func() error {
- return l.Run("sudo", "systemctl", "restart", "systemd-resolved")
+ // empty the file
+ if err := l.RunQuiet("sudo", "rm", "-f", dnsFile); err != nil {
+ return fmt.Errorf("error initiating DNS config: %w", err)
+ }
+
+ for _, dns := range conf.VM.DNS {
+ line := fmt.Sprintf(`echo nameserver %s >> %s`, dns.String(), dnsFile)
+ if err := l.RunQuiet("sudo", "sh", "-c", line); err != nil {
+ return fmt.Errorf("error applying DNS config: %w", err)
+ }
+ }
+
+ if len(conf.VM.DNS) > 0 {
+ return nil
+ }
+
+ // use the default Lima dns if no dns is set
+ return l.RunQuiet("sudo", "sh", "-c", fmt.Sprintf("cat %s >> %s", dnsFileBak, dnsFile))
  })
 }
 

diff --git a/environment/vm/lima/yaml.go b/environment/vm/lima/yaml.go
@@ -17,8 +17,8 @@ func newConf(conf config.Config) (l Config, err error) {
  l.Arch = environment.Arch(conf.VM.Arch).Value()
 
  l.Images = append(l.Images,
- File{Arch: environment.AARCH64, Location: "https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.3.2/alpine-lima-clm-3.14.3-aarch64.iso", Digest: "sha512:1f93efbfb3093203446f605647438d04d239d3ee591c06b85e79f067180eff5d6b24b9133d147731a0a68d6d3b8d233eed844c99453e2f697e8df70f5b9cb1eb"},
- File{Arch: environment.X8664, Location: "https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.3.2/alpine-lima-clm-3.14.3-x86_64.iso", Digest: "sha512:875482176ff2f43bf9472f84137d8b9a56d692ae19243436079c7f2f78cb6b13576601eef9102aaea796629215fc60308e69b590c81fe4139e9e84f1ec4a57f5"},
+ File{Arch: environment.AARCH64, Location: "https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.3.3-1/alpine-lima-clm-3.14.3-aarch64.iso", Digest: "sha512:07d5b98f93c48e103cc0a3610a99980c17a5c8ca3ea81ca66ee53de2a182d41568e6701c146728270ecf2b8a944abc34f25ebb0edcea3378f2c17c75a287f85c"},
+ File{Arch: environment.X8664, Location: "https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.3.3-1/alpine-lima-clm-3.14.3-x86_64.iso", Digest: "sha512:1bcdf1fec1f7de5938a1dd6effad9546d20ff6caf6eefc8224a66af74891f0337f6f1e9bb8c2b3231e1364be004c3b25457cbc427968e27750d60662093538aa"},
  )
 
  l.CPUs = conf.VM.CPU
@@ -30,7 +30,9 @@ func newConf(conf config.Config) (l Config, err error) {
  l.Firmware.LegacyBIOS = false
 
  l.DNS = conf.VM.DNS
- l.UseHostResolver = len(l.DNS) == 0 // use host resolver when no DNS is set
+ // always use host resolver to generate Lima's default resolv.conf file
+ // colima will override this in VM when custom DNS is set
+ l.HostResolver.Enabled = true
 
  l.Env = map[string]string{}
  for k, v := range conf.VM.Env {
@@ -98,19 +100,19 @@ func newConf(conf config.Config) (l Config, err error) {
 
 // Config is lima config. Code copied from lima and modified.
 type Config struct {
- Arch  environment.Arch `yaml:"arch,omitempty"`
- Images  []File `yaml:"images"`
- CPUs  int `yaml:"cpus,omitempty"`
- Memory  string `yaml:"memory,omitempty"`
- Disk  string `yaml:"disk,omitempty"`
- Mounts  []Mount `yaml:"mounts,omitempty"`
- SSH  SSH `yaml:"ssh,omitempty"`
- Containerd  Containerd `yaml:"containerd"`
- Env  map[string]string `yaml:"env,omitempty"`
- DNS  []net.IP `yaml:"-"` // will be handled manually by colima
- Firmware  Firmware `yaml:"firmware"`
- UseHostResolver bool  `yaml:"useHostResolver"`
- PortForwards  []PortForward `yaml:"portForwards,omitempty"`
+ Arch environment.Arch `yaml:"arch,omitempty"`
+ Images []File `yaml:"images"`
+ CPUs int `yaml:"cpus,omitempty"`
+ Memory string `yaml:"memory,omitempty"`
+ Disk string `yaml:"disk,omitempty"`
+ Mounts []Mount `yaml:"mounts,omitempty"`
+ SSH SSH `yaml:"ssh,omitempty"`
+ Containerd Containerd `yaml:"containerd"`
+ Env map[string]string `yaml:"env,omitempty"`
+ DNS []net.IP `yaml:"-"` // will be handled manually by colima
+ Firmware Firmware `yaml:"firmware"`
+ HostResolver HostResolver `yaml:"hostResolver"`
+ PortForwards []PortForward `yaml:"portForwards,omitempty"`
 }
 
 type File struct {
@@ -161,6 +163,12 @@ type PortForward struct {
  Proto Proto `yaml:"proto,omitempty" json:"proto,omitempty"`
  Ignore bool `yaml:"ignore,omitempty" json:"ignore,omitempty"`
 }
+
+type HostResolver struct {
+ Enabled bool `yaml:"enabled" json:"enabled"`
+ IPv6 bool `yaml:"ipv6,omitempty" json:"ipv6,omitempty"`
+}
+
 type volumeMount string
 
 func (v volumeMount) Writable() bool {