Closed jrparks closed 3 months ago
If the container is failing to start (or remain started), you can use this process to see if you can find any errors
https://github.com/kasmtech/workspaces-issues/issues/444#issuecomment-1736460285
Its possible you may need to add the following to your docker run config for the workspaces
{
"extra_hosts": {
"proxy": "<your kasm server's ip>"
}
}
Well adding in the extra_hosts configuration allowed me to load up the container however its not using the tunnel to go out to the internet as the external IP address is not correct. I can verify that by running a curl ipinfo.io/json in a terminal within the container. I also confirmed the DNS's are not using the VPN provider DNS and they are exposed.
Also to ensure everything was pristine as possible I built a fresh install of Kasm 1.15. I loaded in my custom VPN container and tried a default workplace image using the 1.15 images and they have the same problem, they are not using the VPN. When I tried with an old 1.14 image it worked. The problem is within the new image build for sure.
I enabled root on the container image, logged in and from a terminal and ran: bash -c 'ip route delete default && ip route add default via 172.20.0.2'. That allowed me to change the default route manually from the terminal and I could go through the tunnel. For some reason the Docker Exec config is not running the cmd on first launch. Obviously doing that manually is not going to work so I need to figure out what is causing the command not to run during first_launch.
Well I just downloaded the core 1.15 git repo and tried to build it and got the following error:
=> [base_layer 46/74] COPY ./src/ubuntu/install/squid/install/ /dockerstartup/install/ 0.1s => ERROR [base_layer 47/74] RUN bash /dockerstartup/install/squid_install/install_squi 5.1s [base_layer 47/74] RUN bash /dockerstartup/install/squid_install/install_squid.sh && rm -rf /dockerstartup/install/squid_install/: 0.228 ++ sed s/x86_64/amd64/g 0.230 ++ arch 0.231 ++ sed s/aarch64/arm64/g 0.231 + ARCH=amd64 0.232 + [[ amd64 == \a\r\m\6\4 ]] 0.232 + LIBSSLURL=http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.21_amd64.deb 0.232 + SQUID_COMMIT=1149fc830c7edcb383eec390cce2beba16befde5 0.232 ++ grep -q Jammy /etc/os-release 0.233 + wget -qO- https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/1149fc830c7edcb383eec390cce2beba16befde5/output/kasm-squid-builder_amd64.tar.gz 0.233 + tar -xzf - -C / 2.026 + wget http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.21_amd64.deb -O libssl1.1.amd64.deb 2.029 --2024-02-28 18:42:51-- http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.21_amd64.deb 2.029 Resolving archive.ubuntu.com (archive.ubuntu.com)... 91.189.91.81, 185.125.190.36, 185.125.190.39, ... 2.073 Connecting to archive.ubuntu.com (archive.ubuntu.com)|91.189.91.81|:80... connected. 2.142 HTTP request sent, awaiting response... 404 Not Found 2.210 2024-02-28 18:42:52 ERROR 404: Not Found. 2.210
dockerfile-kasm-core:105 103 | ### Install Squid 104 | COPY ./src/ubuntu/install/squid/install/ $INST_SCRIPTS/squid_install/ 105 | >>> RUN bash $INST_SCRIPTS/squid_install/install_squid.sh && rm -rf $INST_SCRIPTS/squid_install/ 106 | COPY ./src/ubuntu/install/squid/resources/*.conf /etc/squid/ 107 | COPY ./src/ubuntu/install/squid/resources/start_squid.sh /etc/squid/start_squid.sh ERROR: failed to solve: process "/bin/sh -c bash $INST_SCRIPTS/squid_install/install_squid.sh && rm -rf $INST_SCRIPTS/squid_install/" did not complete successfully: exit code: 8
#######***####### I made a change to install_squid.sh to resolve this on my copy below:
if [[ "${ARCH}" == "arm64" ]]; then LIBSSLURL="http://ports.ubuntu.com/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.22_arm64.deb" else LIBSSLURL="http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.22_amd64.deb" fi
I will continue looking further when I get a few minutes.
Thank you. The libssl issue is unrelated to the VPN sidecar issue. We are tracking both and working on a fix.
They should be out in a day or so
I believe we have a fix in the develop
tags. Can you please try ?
e.g kasmweb/brave:develop
I just tested and it is working. Nice work!
There are other errors I see in the log of the container you are going to want to investigate as well unrelated to the VPN issue. I could post them here but they don't appear related to the VPN issue.
Hello,
The sidecar VPN is no longer working with the 1.15 Ubuntu images, the images just hang. If I remove the Docker Exec Config it will start however the network is not going over the VPN network.
{ "first_launch": { "user": "root", "privileged": true, "cmd": "bash -c 'ip route delete default && ip route add default via 172.20.0.2'" } }
I still have the 1.14-Rolling images and they work fine still even on the new version of Kasm.
Would someone have a look at this please?
Thank you