search

crc-org / crc

CRC is a tool to help you run containers. It manages a local OpenShift 4.x cluster, Microshift or a Podman VM optimized for testing and development purposes
https://crc.dev
Apache License 2.0
1.26k stars 241 forks source link

Changes to config option `host-network-access` should work without re-starting the daemon #3367

Open anjannath opened 2 years ago

anjannath commented 2 years ago

Setting the host-network-access config option allows access to services running in the host from the vm but changes to this only takes place when the daemon is started/re-started https://github.com/code-ready/crc/blob/c5926eb68da0e8c7e0c1b6aff7efd5b6c42069b0/cmd/crc/cmd/daemon.go#L108-L114

if there's a daemon already running changes to this config doesn't kick-in unless user runs crc cleanup and then crc setup or manually restarts the daemon, this is not a good experience as with our current flow on a clean installation crc setup is handled by an on-boarding wizard and that doesn't expose this config option so users end up running crc setup twice in any case

It'd be nicer if changes to this config option didn't require a user to run cleanup & setup and was handled internally by crc

or we could just keep it enabled always like done in gvproxy for podman: https://github.com/containers/gvisor-tap-vsock/blob/5b1aff8ba74374aeb62eaa06faa496faf2c56d74/cmd/gvproxy/main.go#L196-L198

Note: this config option needs to be set to 'true' to enable CIFS file sharing support on windows

praveenkumar commented 2 years ago

We can enable it by default because it is host to vm communication, if user don't want they can use config option to set it false.

anjannath commented 2 years ago

We can enable it by default because it is host to vm communication, if user don't want they can use config option to set it false.

I'd also be okay with enabling it by default just for windows since we only need it there

praveenkumar commented 2 years ago

We can enable it by default because it is host to vm communication, if user don't want they can use config option to set it false.

I'd also be okay with enabling it by default just for windows since we only need it there

I would say just go for every platform not only for windows, we already have config option if someone wants to disable this.

cfergeau commented 2 years ago

The option was added to keep some isolation between the VM and the host. In comparison, with system networking, you don't have access to the host ports from the VM by default. If crc config set went through the daemon, it would hopefully be possible to dynamically change it. Maybe something can be done with https://github.com/spf13/viper#watching-and-re-reading-config-files ? Though this API was very racy last I checked, so maybe not a good option.