Kubernetes

Question

Kubernetes

fniko opened this issue 5 years ago · comments

Describe the bug
I am unable to run this image in Kubernetes, the pod keeps failing with CrashLoopBackOff and the logs says level=fatal msg="operation not supported" only. Do you have any advice about how to troubleshoot this?

To Reproduce
Steps to reproduce the behavior:

Create deployment.yml
kubectl apply -f deployment.yml

Expected behavior
The pod should start

Code
Describe pod

apiVersion: apps/v1
kind: Deployment
metadata:
  name: wireguard
spec:
  replicas: 1
  selector:
    matchLabels:
      component: wireguard
  template:
    metadata:
      labels:
        component: wireguard
    spec:
      volumes:
        - name: wg-data
          persistentVolumeClaim:
            claimName: wg-pv-claim
      containers:
        - name: wg-ui
          image: "embarkstudios/wireguard-ui"
          command: ["/wireguard-ui"]
          securityContext:
            privileged: true
          ports:
            - containerPort: 8080
              name: gui
            - containerPort: 5555
              name: wireguard
          volumeMounts:
            - mountPath: /data
              name: wg-data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: wg-pv-claim
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi
---
apiVersion: v1
kind: Service
metadata:
  name: wireguard
  labels:
    component: wireguard
spec:
  ports:
    - name: gui
      port: 8080
      targetPort: 8080
    - name: wireguard
      port: 5555
      targetPort: 5555
  selector:
    component: wireguard
  type: LoadBalancer

Do you have any tips how to run in k8s or debug?

Fredrik Grönqvist · Answer 1 · Wed Jan 22 2020 16:12:15 GMT+0800 (China Standard Time)

Hi @fniko,

Thanks for creating an issue. We are currently running this in Kubernetes internally. I will look into creating an example within the upcoming weeks. Do you have wireguard installed on the node you have the ui running?

fniko · Answer 2 · Mon Jan 27 2020 19:18:05 GMT+0800 (China Standard Time)

Hi @freddd, thank you for the response.
I am not aware about wireguard presence on the node, however, I supposed this is not mandatory.
I tried to run the UI locally (host machine does not have wg either) and it just worked.

I believe installing the wg on the node is not possible, because of autoscaling etc.

Markus Viitamäki · Answer 3 · Thu Jul 23 2020 18:53:05 GMT+0800 (China Standard Time)

We have now merged #82 which was provided by @m0ssc0de
This will enable you to run a version of wg-ui in kubernetes or other platforms where your host does not have the wireguard kernel module enabled.

The new image you will find over at docker hub (embarkstudios/wireguard-ui:userspace)

Feel free to give it a try!

Markus Viitamäki · Answer 4 · Fri Jul 24 2020 04:20:59 GMT+0800 (China Standard Time)

@fniko if you still have a problem with this, could you give it a try using the new docker image?

fniko · Answer 5 · Sun Jul 26 2020 18:58:00 GMT+0800 (China Standard Time)

@suom1 Hello, since it is a very long time, I switched to another approach using sole Docker containers.
If I get into this, I will let you know.