* Port forwarding and `guix system vm`
@ 2020-07-07 18:16 Christopher Lemmer Webber
2020-07-07 19:59 ` Jan Nieuwenhuizen
0 siblings, 1 reply; 4+ messages in thread
From: Christopher Lemmer Webber @ 2020-07-07 18:16 UTC (permalink / raw)
To: help-guix
Hello!
I've been trying to figure out how to do port forwarding with
`guix system vm` and have not (alas) yet succeeded.
Here's what I've tried so far:
# testing forwarding http
`guix system vm guix-config-dustycloud.scm --share=$HOME/tmp/guix-vm-exchange=/exchange` -nic hostfwd=tcp::8088-:80
# testing forwarding ssh
`guix system vm guix-config-dustycloud.scm --share=$HOME/tmp/guix-vm-exchange=/exchange` -nic hostfwd=tcp::10022-:22
In both the case of trying to ssh and trying to access via a web
browser, it just hangs.
I can also add all the rest of the -nic stuff the manual recommends:
`guix system vm guix-config-dustycloud.scm --share=$HOME/tmp/guix-vm-exchange=/exchange` -nic user,model=virtio-net-pci,hostfwd=tcp::8088-:80
... same problem. (However, it looks like the script adds the
virtio-net-pci and stuff these days, so I'm not sure that stuff is
necessary...)
Any ideas?
config looks like:
(operating-system
(host-name "dustycloud")
(timezone "America/")
(locale "en_US.UTF-8")
;; TODO: this will need to switch out depending on if this is in a local VM or not
(bootloader (grub-configuration (target "/dev/sda")))
(file-systems (cons (file-system
(device "/dev/sda1")
(mount-point "/")
(type "ext4"))
%base-file-systems))
(users (cons (user-account
(name "cwebber")
(group "users")
;; Adding the account to the "wheel" group
;; makes it a sudoer.
(supplementary-groups '("wheel"))
(home-directory "/home/cwebber"))
%base-user-accounts))
(packages (cons* tcpdump
nss-certs ;for HTTPS access
gnutls
git
rsync
openssh
lynx
%base-packages))
(services (cons* (service openssh-service-type
(openssh-configuration
(password-authentication? #f)
(authorized-keys
`(("cwebber" ,(local-file "/home/cwebber/.ssh/id_rsa.pub"))))))
(service mcron-service-type
(mcron-configuration (jobs (list %gc-job))))
(service nginx-service-type
(nginx-configuration
(server-blocks
(list (nginx-server-configuration
(server-name '("www.dustycloud.org" "dustycloud.org"))
(root "/srv/http/dustycloud.org")
(listen '("80")))))))
%base-services)))
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Port forwarding and `guix system vm`
2020-07-07 18:16 Port forwarding and `guix system vm` Christopher Lemmer Webber
@ 2020-07-07 19:59 ` Jan Nieuwenhuizen
2020-07-07 20:18 ` Christopher Lemmer Webber
0 siblings, 1 reply; 4+ messages in thread
From: Jan Nieuwenhuizen @ 2020-07-07 19:59 UTC (permalink / raw)
To: Christopher Lemmer Webber; +Cc: help-guix
Christopher Lemmer Webber writes:
Hello!
> Hello!
>
> I've been trying to figure out how to do port forwarding with
> `guix system vm` and have not (alas) yet succeeded.
>
> Here's what I've tried so far:
[..]
> `guix system vm guix-config-dustycloud.scm --share=$HOME/tmp/guix-vm-exchange=/exchange` -nic user,model=virtio-net-pci,hostfwd=tcp::8088-:80
It looks like I definately need the -nic user,model=virtio-net-pci bit,
e.g. this for ssh
/gnu/store/0gdyvca8czl2a62dyfmjjalxhibx53w9-run-vm.sh -nic user,model=virtio-net-pci,hostfwd=tcp::10022-:22
> ... same problem. (However, it looks like the script adds the
> virtio-net-pci and stuff these days, so I'm not sure that stuff is
> necessary...)
>
> Any ideas?
After trying and looking at your config...yeah,
> config looks like:
>
> (operating-system
[...]
> (services (cons* (service openssh-service-type
> (openssh-configuration
> (password-authentication? #f)
> (authorized-keys
> `(("cwebber" ,(local-file "/home/cwebber/.ssh/id_rsa.pub"))))))
> (service mcron-service-type
> (mcron-configuration (jobs (list %gc-job))))
> (service nginx-service-type
> (nginx-configuration
> (server-blocks
> (list (nginx-server-configuration
> (server-name '("www.dustycloud.org" "dustycloud.org"))
> (root "/srv/http/dustycloud.org")
> (listen '("80")))))))
> %base-services)))
You want to add something like
(service dhcp-client-service-type)
This config worked for me:
--8<---------------cut here---------------start------------->8---
(use-modules (gnu))
(use-service-modules networking ssh web)
(use-package-modules admin certs screen ssh tls)
(operating-system
(host-name "dustycloud")
(timezone "America/")
(locale "en_US.UTF-8")
;; TODO: this will need to switch out depending on if this is in a local VM or not
(bootloader (grub-configuration (target "/dev/sda")))
(file-systems (cons (file-system
(device "/dev/sda1")
(mount-point "/")
(type "ext4"))
%base-file-systems))
(users (cons (user-account
(name "janneke")
(group "users")
;; Adding the account to the "wheel" group
;; makes it a sudoer.
(supplementary-groups '("wheel"))
(home-directory "/home/janneke"))
%base-user-accounts))
(packages (cons* nss-certs ;for HTTPS access
openssh-sans-x
%base-packages))
(services (cons*
(service dhcp-client-service-type)
(service openssh-service-type
(openssh-configuration
(openssh openssh-sans-x)
(password-authentication? #f)
(authorized-keys
`(("janneke" ,(local-file "/home/janneke/.ssh/id_rsa.pub"))))))
(service nginx-service-type
(nginx-configuration
(server-blocks
(list (nginx-server-configuration
(server-name '("www.dustycloud.org" "dustycloud.org"))
(root "/srv/http")
(listen '("80")))))))
%base-services)))
--8<---------------cut here---------------end--------------->8---
In our chat on IRC I mentioned that adding this "-nic user,virtio-net-pci bit",
I mentioned that this gives me two eth devices:
--8<---------------cut here---------------start------------->8---
eth0 Link encap:Ethernet HWaddr 52:54:00:12:34:56
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1314 TX bytes:1286
eth1 Link encap:Ethernet HWaddr 52:54:00:12:34:57
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11 errors:0 dropped:0 overruns:0 frame:0
TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1784 TX bytes:1706
lo Link encap:Local Loopback
inet addr:127.0.0.1 Bcast:0.0.0.0 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 TX bytes:0
--8<---------------cut here---------------end--------------->8---
I noticed this yesterday while struggled similarly, and found that
removing this bit from run-sh; like so:
--8<---------------cut here---------------start------------->8---
sed 's,-nic user[^ ]* ,,' /gnu/store/j8fqc160diq82da7913gpdlcjca45rhz-run-vm.sh > run-vm.sh
--8<---------------cut here---------------end--------------->8---
and running "run-vm.sh, will create only eth0. I blamed this second
eth1 device for my ssh'ing troubles...but I cannot reproduce that
today...dunno!
Greetings,
Janneke
--
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Port forwarding and `guix system vm`
2020-07-07 19:59 ` Jan Nieuwenhuizen
@ 2020-07-07 20:18 ` Christopher Lemmer Webber
2020-07-07 23:21 ` Christopher Lemmer Webber
0 siblings, 1 reply; 4+ messages in thread
From: Christopher Lemmer Webber @ 2020-07-07 20:18 UTC (permalink / raw)
To: Jan Nieuwenhuizen; +Cc: help-guix
Jan Nieuwenhuizen writes:
> You want to add something like
>
> (service dhcp-client-service-type)
... doh, I can't believe I missed that. Thank you!
>
> In our chat on IRC I mentioned that adding this "-nic user,virtio-net-pci bit",
> I mentioned that this gives me two eth devices:
>
> --8<---------------cut here---------------start------------->8---
> eth0 Link encap:Ethernet HWaddr 52:54:00:12:34:56
> inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:3 errors:0 dropped:0 overruns:0 frame:0
> TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:1314 TX bytes:1286
>
> eth1 Link encap:Ethernet HWaddr 52:54:00:12:34:57
> inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:11 errors:0 dropped:0 overruns:0 frame:0
> TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:1784 TX bytes:1706
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Bcast:0.0.0.0 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:65536 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:0 TX bytes:0
> --8<---------------cut here---------------end--------------->8---
I'm also seeing a duplicate network device as above. (Not sure if it's
causing problems or not.)
> I noticed this yesterday while struggled similarly, and found that
> removing this bit from run-sh; like so:
>
> --8<---------------cut here---------------start------------->8---
> sed 's,-nic user[^ ]* ,,' /gnu/store/j8fqc160diq82da7913gpdlcjca45rhz-run-vm.sh > run-vm.sh
> --8<---------------cut here---------------end--------------->8---
>
> and running "run-vm.sh, will create only eth0. I blamed this second
> eth1 device for my ssh'ing troubles...but I cannot reproduce that
> today...dunno!
>
> Greetings,
> Janneke
It does seem like having two network devices bound to the same address
would be ripe for a heisenbug though, right? So maybe...
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Port forwarding and `guix system vm`
2020-07-07 20:18 ` Christopher Lemmer Webber
@ 2020-07-07 23:21 ` Christopher Lemmer Webber
0 siblings, 0 replies; 4+ messages in thread
From: Christopher Lemmer Webber @ 2020-07-07 23:21 UTC (permalink / raw)
Cc: help-guix
Christopher Lemmer Webber writes:
> Jan Nieuwenhuizen writes:
>
>> In our chat on IRC I mentioned that adding this "-nic user,virtio-net-pci bit",
>> I mentioned that this gives me two eth devices:
>>
>> --8<---------------cut here---------------start------------->8---
>> eth0 Link encap:Ethernet HWaddr 52:54:00:12:34:56
>> inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:3 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:1314 TX bytes:1286
>>
>> eth1 Link encap:Ethernet HWaddr 52:54:00:12:34:57
>> inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:11 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:1784 TX bytes:1706
>>
>> lo Link encap:Local Loopback
>> inet addr:127.0.0.1 Bcast:0.0.0.0 Mask:255.0.0.0
>> UP LOOPBACK RUNNING MTU:65536 Metric:1
>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:0 TX bytes:0
>> --8<---------------cut here---------------end--------------->8---
>
> I'm also seeing a duplicate network device as above. (Not sure if it's
> causing problems or not.)
>
>> I noticed this yesterday while struggled similarly, and found that
>> removing this bit from run-sh; like so:
>>
>> --8<---------------cut here---------------start------------->8---
>> sed 's,-nic user[^ ]* ,,' /gnu/store/j8fqc160diq82da7913gpdlcjca45rhz-run-vm.sh > run-vm.sh
>> --8<---------------cut here---------------end--------------->8---
>>
>> and running "run-vm.sh, will create only eth0. I blamed this second
>> eth1 device for my ssh'ing troubles...but I cannot reproduce that
>> today...dunno!
>>
>> Greetings,
>> Janneke
>
> It does seem like having two network devices bound to the same address
> would be ripe for a heisenbug though, right? So maybe...
See bug#42252 for a continued discussion fo this issue.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-07-07 23:21 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-07-07 18:16 Port forwarding and `guix system vm` Christopher Lemmer Webber
2020-07-07 19:59 ` Jan Nieuwenhuizen
2020-07-07 20:18 ` Christopher Lemmer Webber
2020-07-07 23:21 ` Christopher Lemmer Webber
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.