Private network not getting set up running under WSL2 (same Vagrantfile fine under Windows Vagrant)

[geerlingguy]

Vagrant version

Vagrant 2.2.9

Host operating system

Windows 10 (2004, May 2020)

Guest operating system

Ubuntu 16.04 (tried with others).

Vagrantfile

# -*- mode: ruby -*-
# vi: set ft=ruby :

VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = "geerlingguy/ubuntu1604"
  config.vm.network :private_network, ip: "172.16.88.8"
  config.ssh.insert_key = false

  config.vm.synced_folder '.', '/vagrant', disabled: true

  config.vm.provider :virtualbox do |v|
    # For debugging.
    v.gui = true
    v.memory = 1024
  end
end

Debug output

https://gist.github.com/geerlingguy/2ccba46ce0c16d049d068cb2157d92dc

Expected behavior

The VirtualBox VM should be started, Vagrant should be able to connect to it (instead I get default: Warning: Connection refused. Retrying... over and over, and I can't connect via SSH), and the private network interface should be added (172.16.88.8).

Actual behavior

• Vagrant inside WSL2 can't connect to the VM it just started.
• Manually logging into the VM via VirtualBox GUI reveals only the NAT interface (10.0.2.15) and localhost:

Note that when I run vagrant up under the Windows environment via PowerShell, the correct interfaces are brought up, and Vagrant is able to connect to the VM:

Steps to reproduce

1. Install WSL2 on Windows 10 (2004), with Ubuntu bash
2. Create a directory with the above Vagrantfile in it
3. Download and install Vagrant for Linux in the WSL2 environment (regardless of it being installed in Windows)
4. Run vagrant up

References

• https://github.com/geerlingguy/ansible-for-devops/issues/291

[geerlingguy]

I also tried:

1. Run vagrant up in Powershell.
2. Run vagrant ssh in WSL2.

But I get the error message:

$ vagrant ssh
==> default: This machine used to live in C:/Users/jgeerling/Downloads/ansible-101/episode-14/ansible-for-devops/drupal but it's now at /mnt/c/Users/jgeerling/Downloads/ansible-101/episode-14/ansible-for-devops/drupal.
==> default: Depending on your current provider you may need to change the name of
==> default: the machine to run it as a different machine.

So I also tried vagrant provision inside WSL2, but Ansible couldn't connect to the localhost IP:

fatal: [default]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host 127.0.0.1 port 2222: Connection refused", "unreachable": true}

So then I tried using raw SSH:

$ ssh -p 2222 vagrant@127.0.0.1
ssh: connect to host 127.0.0.1 port 2222: Connection refused

But if I started the VM via Powershell (which sets up the host-only private network correctly, unlike in WSL2), I can connect via raw SSH inside WSL2 through that private network:

$ ssh vagrant@172.16.88.8
vagrant@172.16.88.8's password:
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 4.4.0-142-generic x86_64)

vagrant@drupal:~$

So it looks like maybe a network boundary issue when vagrant is running inside WSL? It seems that 127.0.0.1 won't resolve through to Windows at all (maybe it only resolves to the Ubuntu environment), and additionally, Vagrant running inside WSL2 is unable to set up the private network on 172.16.88.8 in VirtualBox, which is running in the Windows environment?

[geerlingguy]

Just as a note, I am able to get vagrant provision to run with an Ansible provisioner inside WSL2 on a machine that I started using vagrant up over in Windows, but I had to create a custom Ansible inventory file and set that in the provisioner config, then I also had to copy the insecure_private_key into a path on the Linux filesystem so I could modify its permissions (otherwise it's always 0777 and SSH fails since the key is open to everyone), and then I set the key file path in Ansible's inventory config, so in the end, I can hack around things to get Ansible-based provisioning working through Vagrant on WSL2 with a VM that was built using Vagrant in Powershell, but this setup is not very portable and requires a lot of hand-wringing.

See full details of the workaround in this comment: https://github.com/geerlingguy/ansible-for-devops/issues/291#issuecomment-648847520

[brettt89]

I too am facing the same problem on 2.2.9. However I am unable to run vagrant up in Powershell as I just get the error below.

         1: from C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/plugins/hosts/suse/host.rb:20:in `open'
C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/plugins/hosts/suse/host.rb:20:in `initialize': Cannot translate name. @ rb_sysopen - /etc/os-release (Errno::ELOOP)

Otherwise experiencing same "missing network" on VM + WSL + Host as experienced in OP. Same Windows verison, same Vagrant verison, etc.

[faisalburhanudin]

it's looks like vagrant cannot access network file in wsl 2, when I move vagrant file to windows directory, its work properly.

wsl directory from powershell

PS Microsoft.PowerShell.Core\FileSystem::\\wsl$\Ubuntu\home\faisal\workspace\src\github.com\faisalburhanudin\vagrant-sample> vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
Traceback (most recent call last):
        20: from C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/lib/vagrant/batch_action.rb:86:in `block (2 levels) in run'
        19: from C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/lib/vagrant/machine.rb:198:in `action'
        18: from C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/lib/vagrant/machine.rb:198:in `call'
        17: from C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/lib/vagrant/environment.rb:613:in `lock'
        16: from C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/lib/vagrant/machine.rb:212:in `block in action'
        15: from C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/lib/vagrant/machine.rb:240:in `action_raw'
        14: from C:/HashiCorp/Vagrant/embedded/gems/2.2.9/gems/vagrant-2.2.9/lib/vagrant/action/runner.rb:34:in `run'

windows directory

PS C:\Users\faisal\Documents\test> vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'generic/ubuntu2004' could not be found. Attempting to find and install...
    default: Box Provider: virtualbox
    default: Box Version: >= 0
==> default: Loading metadata for box 'generic/ubuntu2004'
    default: URL: https://vagrantcloud.com/generic/ubuntu2004
==> default: Adding box 'generic/ubuntu2004' (v3.0.20) for provider: virtualbox
    default: Downloading: https://vagrantcloud.com/generic/boxes/ubuntu2004/versions/3.0.20/providers/virtualbox.box
Download redirected to host: vagrantcloud-files-production.s3.amazonaws.com

[AMoghrabi]

Hey, I was wondering if anyone happened to get around this? It seems like a vagrant/wsl2 limitation but here's to hoping 🤞

[ebelfer2020]

I have the same problem in I get Warning Connection refused. Retrying. I can ssh log into the created machine with Putty.

Bringing machine 'web01' up with 'virtualbox' provider... ==> web01: Clearing any previously set forwarded ports... ==> web01: Clearing any previously set network interfaces... ==> web01: Preparing network interfaces based on configuration... web01: Adapter 1: nat ==> web01: Forwarding ports... web01: 80 (guest) => 8080 (host) (adapter 1) web01: 22 (guest) => 2222 (host) (adapter 1) ==> web01: Running 'pre-boot' VM customizations... ==> web01: Booting VM... ==> web01: Waiting for machine to boot. This may take a few minutes... web01: SSH address: 127.0.0.1:2222 web01: SSH username: vagrant web01: SSH auth method: private key web01: Warning: Connection refused. Retrying...

Vagrantfile Vagrant.configure("2") do |config| config.vm.define "web01" do |web01| web01.vm.box = "v0rtex//xenial64" web01.vm.network "forwarded_port", guest: 80, host: 8080 web01.vm.hostname = "web01" web01.ssh.forward_agent = true web01.ssh.port = 2222 web01.vm.synced_folder ".", "/vagrant", disabled: true web01.vm.provider "virtualbox" do |vb| vb.memory = "1024" end web01.vm.provision "ansible" do |ansible| ansible.playbook = "playbook.yml" end end

Distributor ID: Ubuntu Description: Ubuntu 20.04.1 LTS Release: 20.04 Codename: focal

[hstandeffer]

Is there any update on this? I've spent two days trying to configure WSL2 with Vagrant and am constantly having the same issue for Ansible's connection to localhost being refused. I've tried multiple fixes suggested and none of made any progress. I can see the box is running and can connect it to it using username and password in the virtualbox interface, but this always hangs on this step and refuses the connection and throws the following:

System info: Ansible 2.8.0; Vagrant 2.2.14; Linux Trellis version (per changelog): "Validate that letsencrypt_contact_emails is a list"

Failed to connect to the host via ssh: ssh: connect to host 127.0.0.1 port 2200: Connection refused fatal: [default]: UNREACHABLE! => {"changed": false, "unreachable": true}

Constant problems like this with workarounds that don't actually work are making Vagrant very frustrating to use with WSL2.

[vecin2]

I've just encountered the same issue

[rajeshvt]

I've the exact same issue with virtualbox provider. any help is greatly appreciated.

[oscarmparedes]

Same thing here. ssh from wsl2 times out on first vagrant up, even disabling key authentication and fallback to password.

[nmofonseca]

I have the same problem, to be honest I am suprised that his hasn't been picked up by the Hashicopr Vagrant team, since this will be something that a lot of people would like to be able to use, many of us are moving to mainly using the WLS2 instead of the windows itself and to be able to use Vagrant from inside it will certainly keep Vagrant very much alive.

[egarbi]

It seems to me this is nothing to do with Vagrant itself. The problem is in WSL2 you simply can't reach windows through localhost:port See the details here: https://github.com/microsoft/WSL/issues/4619 The only workaround that worked for me was running a socat just after vagrant forward the port (22 -> 2222)

This would be the exact steps: Download socat for windows from here

Extract the zip into a file that can be accessible from WSL2 (ie: /mnt/c/Users/your-user)

Run the molecule test from WSL2 molecule test --scenario-name vagrant --destroy==never

Check your logs until the port forwarding is done

==> rhel-7: Preparing network interfaces based on configuration...
    rhel-7: Adapter 1: nat
==> ing-rhel-7: Forwarding ports...
    rhel-7: 22 (guest) => 2222 (host) (adapter 1)
==> rhel-7: Running 'pre-boot' VM customizations...
==> rhel-7: Booting VM...
==> rhel-7: Waiting for machine to boot. This may take a few minutes...
    rhel-7: SSH address: 127.0.0.1:2222
    rhel-7: SSH username: vagrant
    rhel-7: SSH auth method: private key

Now run the following command to make localhost in Windows available from WSL2 socat tcp-listen:2222,fork exec:"/mnt/c/Users/your-user/socat/socat.exe - tcp\:localhost\:2222"

Of course, this is far from ideal, but I hope it helps to understand better the limitations.

[nusserstudios]

I was actually able to get Roots Trellis to work with this vagrant plugin - virtualbox_WSL2. Hopefully this helps someone as well. I struggled for months trying to get VirtualBox and Vagrant to work in Windows 10. It's really a WSL issue however, not Vagrant.

[aarfe]

As @nusserstudios mentions, I was also able to get it to work using the virtualbox_WSL2 plugin. Hopefully we'll need the plugin only as a workaround until this gets fixed in WSL2

[kkeane]

As @nusserstudios suggested, virtualbox_WSL2 worked for me. However, the Windows firewall still blocked access. I had to use the following PowerShell script to finally get everything to work the way I needed (you may also need to add other ports besides 53).

$adapters=(Get-NetAdapter | Where-Object Name -like 'vEthernet*')

Set-NetFirewallProfile -DisabledInterfaceAliases $adapters.Name

# For VirtualBox, we also need to allow DNS to/from anywhere
# If security is a concern, you could also set -RemoteAddress but we do not do that here
# for flexibility
New-NetFirewallRule -Name UsdDNSReq  -DisplayName "Allow DNS Req" -Direction Inbound  -LocalPort 53 -Protocol UDP -Action Allow
New-NetFirewallRule -Name UsdDNSResp -DisplayName "Allow DNS Resp" -Direction Inbound -RemotePort 53 -Protocol UDP -Action Allow
New-NetFirewallRule -Name UsdDNSTCPReq  -DisplayName "Allow DNS TCP Req" -Direction Inbound  -LocalPort 53 -Protocol TCP -Action Allow
New-NetFirewallRule -Name UsdDNSTCPResp -DisplayName "Allow DNS TCP Resp" -Direction Inbound -RemotePort 53 -Protocol TCP -Action Allow

I also found that virtualbox_WSL2 is not compatible with another plugin I'm using (landrush).

[andsus]

WSL2 has issue with Cisco AnnyConnect, which prevented to connect to internet. It's a show stopper bug for going forward. However if I need running Docker Desktop, it's rely on WSL2. The work around is to have WSL1 and and WSL2. Running Ansible in Window is a real pain. Does anyone have Vagrant with Window Hyper-V Hypervisor Provider for Vagrant successfully? VirtualBox 6.1 has it's own issue starting session. Sometime successful, other time not so. At home, for the Ansible for DevOps practitioner here, I use Ubuntu or Centos with libvert, kvm, really great. For work, stuck with Window laptop :)

[kkeane]

For me, Vagrant + Hyper-V + WSL 2 works beautifully in Windows, with one exception: vagrant up always asks me which switch to use.

If you prefer VirtualBox, VirtualBox 6.1.22 and later seem to finally work, at least most of the time.

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Tuesday, August 24th, 2021 at 10:29 PM, Andre Susantin @.***> wrote:

WSL2 has issue with Cisco AnnyConnect, which prevented to connect to internet. It's a show stopper bug for going forward. However if I need running Docker Desktop, it's rely on WSL2. The work around is to have WSL1 and and WSL2. Running Ansible in Window is a real pain. Does anyone have Vagrant with Window Hyper-V Hypervisor sucessfully? VirtualBox 6.1 has it's own issue starting session. Sometime successful, other time not so. At home, for the Ansible for DevOps practitioner here, I use Ubuntu or Centos with libvert, kvm, really great. For work, stuck with Window laptop :)

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android.

[laurigates]

For me, Vagrant + Hyper-V + WSL 2 works beautifully in Windows, with one exception: vagrant up always asks me which switch to use. If you prefer VirtualBox, VirtualBox 6.1.22 and later seem to finally work, at least most of the time.

You should be able to use the Default Network Interface setting to remove the need of selecting the switch manually :)

Example: config.vm.network "public_network", bridge: "Default Switch"

[kkeane]

I have that setting, but unfortunately, the Hyper-V provider ignores it. I believe it's listed as a known issue.

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Wednesday, August 25th, 2021 at 12:01 AM, Lauri Gates @.***> wrote:

For me, Vagrant + Hyper-V + WSL 2 works beautifully in Windows, with one exception: vagrant up always asks me which switch to use. If you prefer VirtualBox, VirtualBox 6.1.22 and later seem to finally work, at least most of the time.

You should be able to use the Default Network Interface setting to remove the need of selecting the switch manually :)

Example: config.vm.network "public_network", bridge: "Default Switch"

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android.

[staedter]

As @nusserstudios suggested, virtualbox_WSL2 worked for me. However, the Windows firewall still blocked access. I had to use the following PowerShell script to finally get everything to work the way I needed (you may also need to add other ports besides 53).

$adapters=(Get-NetAdapter | Where-Object Name -like 'vEthernet*')

Set-NetFirewallProfile -DisabledInterfaceAliases $adapters.Name

# For VirtualBox, we also need to allow DNS to/from anywhere
# If security is a concern, you could also set -RemoteAddress but we do not do that here
# for flexibility
New-NetFirewallRule -Name UsdDNSReq  -DisplayName "Allow DNS Req" -Direction Inbound  -LocalPort 53 -Protocol UDP -Action Allow
New-NetFirewallRule -Name UsdDNSResp -DisplayName "Allow DNS Resp" -Direction Inbound -RemotePort 53 -Protocol UDP -Action Allow
New-NetFirewallRule -Name UsdDNSTCPReq  -DisplayName "Allow DNS TCP Req" -Direction Inbound  -LocalPort 53 -Protocol TCP -Action Allow
New-NetFirewallRule -Name UsdDNSTCPResp -DisplayName "Allow DNS TCP Resp" -Direction Inbound -RemotePort 53 -Protocol TCP -Action Allow

I also found that virtualbox_WSL2 is not compatible with another plugin I'm using (landrush).

Thanks! Those firewall rules for the windows host solved my connection problem. And now vagrant + virtualbox + wsl2 works like a charm when using the virtualbox_WSL2 plugin for vagrant!

[songhanpoo]

Me too, do you have any solution for that ? Im stuck network access to instance on virtualbox. I have tried vagrant wsl plugin -> failed

WSL2 has issue with Cisco AnnyConnect, which prevented to connect to internet. It's a show stopper bug for going forward. However if I need running Docker Desktop, it's rely on WSL2. The work around is to have WSL1 and and WSL2. Running Ansible in Window is a real pain. Does anyone have Vagrant with Window Hyper-V Hypervisor Provider for Vagrant successfully? VirtualBox 6.1 has it's own issue starting session. Sometime successful, other time not so. At home, for the Ansible for DevOps practitioner here, I use Ubuntu or Centos with libvert, kvm, really great. For work, stuck with Window laptop :)