metal-stack / mini-lab

a small, virtual setup to locally run the metal-stack
MIT License

Headscale support #117

Open GrigoriyMikhalkin opened 1 year ago

Gerrit91 commented 1 year ago

Looks good now. We will now wait for the metal-images PR to be merged, adapt the image URL and then we can merge.

mwindower commented 1 year ago

This should be mergeable now? @Gerrit91

Gerrit91 commented 1 year ago

Requires next release of metal-images and pinning or changing to latest stable image, also needs rebase.

Gerrit91 commented 1 year ago

@GrigoriyMikhalkin Can this be updated to current release state?

GrigoriyMikhalkin commented 1 year ago

@Gerrit91 Ready to merge)

Gerrit91 commented 1 year ago

Just tried it out once again but somehow I could not connect from my local machine, which should be possible, right? I am using the latest head of metalctl.

This is the state:

❯ m machine ls 
ID                                          LAST EVENT    WHEN   AGE      HOSTNAME   PROJECT                                SIZE           IMAGE                        PARTITION 
e0ab02d2-27cd-5a5e-8efc-080ba80cf258        Waiting       2s                                                                v1-small-x86                                mini-lab    
2294c949-88f6-5390-8154-fa53d93a3313   🛡️    Phoned Home   27s    6m 19s   fw         00000000-0000-0000-0000-000000000000   v1-small-x86   Firewall 2 Ubuntu 20221025   mini-lab 

❯ make console-machine02
exit console with CTRL+5 and then quit telnet through q + ENTER                                                                                                                                                                                   
Trying 127.0.0.1...                                         
Connected to 127.0.0.1.                                                                                                  
Escape character is '^]'.                                                                                                

fw login: metal                                                                                                          
Password:      ...                                                                                                          

metal@fw:~$ sudo -i                                                                                                      
root@fw:~# tailscale status                                                                                              
0.0.0.1         2294c949-88f6-5390-8154-fa53d93a3313-hkfygtpd 00000000-0000-0000-0000-000000000000 linux   -

❯ k -n metal-control-plane exec -it headscale-775c49cff8-rjhhm -- headscale nodes list
An updated version of Headscale has been found (0.17.0-beta2 vs. your current 0.17.0-alpha4). Check it out https://github.com/juanfont/headscale/releases
ID | Hostname                             | Name                                          | NodeKey | Namespace                            | IP addresses               | Ephemeral | Last seen           | Online | Expired
1  | 2294c949-88f6-5390-8154-fa53d93a3313 | 2294c949-88f6-5390-8154-fa53d93a3313-hkfygtpd | [drhV6] | 00000000-0000-0000-0000-000000000000 | 0.0.0.1, fd7a:115c:a1e0::1 | false     | 2022-11-10 15:54:24 | online | no     

❯ m firewall ssh 2294c949-88f6-5390-8154-fa53d93a3313 -i files/ssh/id_rsa                                                                                                                                                                16:47:57
accessing firewall through vpn ..........^C
# nothing happening anymore

GrigoriyMikhalkin commented 1 year ago

@Gerrit91 Sorry, my last comment was very much wrong. metalctl actually receives the Headscale address from metal-api.

I tested the tailscale connection with the latest metalctl version. Worked for me:

accessing firewall through vpn .... connected to e0ab02d2-27cd-5a5e-8efc-080ba80cf258 (ip fd7a:115c:a1e0::1) took: 889.111563ms

Gerrit91 commented 1 year ago

Strange that my firewall received an IPv4 address.

majst01 commented 1 year ago

> Strange that my firewall received an IPv4 address.

headscale_ip_prefixes is not specified and therefore both address families are supported.

Gerrit91 commented 1 year ago

I specified the prefixes now and also added them to the suggestion. Then, the firewall will get only an IPv6 address. However, connecting through metalctl still does not work for me. @majst01 Maybe you can try it out as well and tell me if it works for you such that we can narrow down if this problem only exists for me or not?
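
An added example, not part of the thread or the mini-lab code: a check that parses the `headscale nodes list` table quoted above and reports node addresses that fall outside an intended prefix list. The `fd7a:115c:a1e0::/48` prefix and the function names are assumptions chosen for illustration, not values from the PR.

```python
import ipaddress

# Sample copied from the `headscale nodes list` output quoted in the thread above.
SAMPLE = """\
ID | Hostname                             | Name                                          | NodeKey | Namespace                            | IP addresses               | Ephemeral | Last seen           | Online | Expired
1  | 2294c949-88f6-5390-8154-fa53d93a3313 | 2294c949-88f6-5390-8154-fa53d93a3313-hkfygtpd | [drhV6] | 00000000-0000-0000-0000-000000000000 | 0.0.0.1, fd7a:115c:a1e0::1 | false     | 2022-11-10 15:54:24 | online | no
"""

# Assumption: the prefix list one intends to allow; not taken from the PR.
ALLOWED_PREFIXES = ["fd7a:115c:a1e0::/48"]


def parse_nodes(table):
    """Parse the pipe-delimited table into a list of dicts keyed by column header."""
    rows = [[c.strip() for c in line.split("|")]
            for line in table.splitlines() if "|" in line]
    if not rows:
        return []
    header, body = rows[0], rows[1:]
    return [dict(zip(header, r)) for r in body if len(r) == len(header)]


def unexpected_addresses(table, allowed_prefixes):
    """Return {hostname: [addresses outside every allowed prefix]}."""
    nets = [ipaddress.ip_network(p) for p in allowed_prefixes]
    findings = {}
    for node in parse_nodes(table):
        bad = []
        for raw in node["IP addresses"].split(","):
            raw = raw.strip()
            if not raw:
                continue
            try:
                addr = ipaddress.ip_address(raw)
            except ValueError:
                bad.append(raw)  # unparsable entries are reported, not dropped
                continue
            # Membership is only meaningful within the same address family.
            if not any(addr.version == n.version and addr in n for n in nets):
                bad.append(raw)
        if bad:
            findings[node["Hostname"]] = bad
    return findings


if __name__ == "__main__":
    for host, addrs in unexpected_addresses(SAMPLE, ALLOWED_PREFIXES).items():
        print(f"{host}: outside allowed prefixes: {', '.join(addrs)}")
```

Lines without a `|`, such as the version notice printed before the table, are skipped by the parser.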

Gerrit91 commented 1 year ago

@majst01 Ping?