Skip to content
/ multipass-vpnkit Public

Inject vpnkit network interface in Canonical Multipass.run

8 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

amine7536/multipass-vpnkit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
hack
hack
 
 
vpnkit
vpnkit
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
global.mk
global.mk
 
 

Repository files navigation

multipass-vpnkit

Inject vpnkit network interface in Canonical Multipass.run

Problem

Canonical Multipass.run https://multipass.run/ is great for spawning Ubuntu VM quickly. Unfortunately on MacOS Multipass VMs can't access resources located behind a VPN. This "hack" makes Multipass (hyperkit) play nice with corporate VPNs by using VPNKit https://github.com/moby/vpnkit.

How it works

The idea is to substitute the hyperkit binary by a shell script that injects a secondary network interfaces connected to vpnkit -s 2:1,virtio-vpnkit,path=/var/run/vpnkit.socket. Credit for this technique goes to https://github.com/AlmirKadric-Published/docker-tuntap-osx.

Dependencies

You need to install Docker For Mac https://www.docker.com/docker-mac or manually install VPNKit binary in /usr/local/bin/vpnkit.

Installation

Usage:
  make <target> <variables>

Example:
  make vpnkit

Targets:
  hack     Install hack
  vpnkit   Configure vpnkit

Configure VPNKit

Install io.pixelfactory.vpnkit.plist.

$ make vpnkit
make[1]: Entering directory '/Users/amine/Dev/multipass-vpnkit/vpnkit'
/Library/LaunchDaemons/io.pixelfactory.vpnkit.plist: service already loaded
make[1]: Leaving directory '/Users/amine/Dev/multipass-vpnkit/vpnkit'

Install hack

Move original hyperkit binary to /Library/Application\ Support/com.canonical.multipass/bin/hyperkit.original and replace it with hyperkit.sh.

$ make hack

Usage

You can use Multipass as usual. The script hyperkit.sh will "inject" the network interface virtio-vpnkit,path=/var/run/vpnkit.socket.

# Start your VM
$ multipass launch --name ubuntu

# Configure network
$ multipass exec ubuntu -- bash -c "sudo dhclient enp0s2f1"
cmp: EOF on /tmp/tmp.n9kuxd3EyQ which is empty

# Get ip
$ multipass exec ubuntu -- ifconfig enp0s2f1
enp0s2f1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.66.5  netmask 255.255.255.0  broadcast 192.168.66.255
        inet6 fe80::50:ff:fe00:3  prefixlen 64  scopeid 0x20<link>
        ether 02:50:00:00:00:03  txqueuelen 1000  (Ethernet)
        RX packets 5  bytes 832 (832.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 23  bytes 3614 (3.6 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

You can know access your private resources (behind corporate VPN) from your VM.

Uninstall

sudo -i
cd /Library/Application\ Support/com.canonical.multipass/bin/
mv hyperkit.original hyperkit

About

Inject vpnkit network interface in Canonical Multipass.run

Topics

macos docker ubuntu hyperkit multipass vpnkit

Resources

Readme
Activity

Stars

8 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages