Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: Radxa Rock 5 ARM64 fails to initialize wg tunnel pod #20

Open
henryabra opened this issue Apr 26, 2023 · 5 comments
Open

Bug: Radxa Rock 5 ARM64 fails to initialize wg tunnel pod #20

henryabra opened this issue Apr 26, 2023 · 5 comments
Labels
bug Something isn't working

Comments

@henryabra
Copy link

Please provide a clear and concise description of the issue you are experiencing with GuardLlama.

While trying to install GuardLLama on a Rock 5 (raspberry pi like SBC), WG pod fails to initialize.
The OS installed is a custom build of Ubuntu Focal
uname -v = #rockchip SMP Mon Feb 6 09:18:21 UTC 2023

Please provide the steps to reproduce the issue.

  1. install via: curl -sfL https://get.guardllama.net | sh -
  2. access web ui
  3. add tunnel

Please describe the behavior you expected when performing the steps above.

init-wireguard-module.sh theoretically should work with arm64 ubuntu focal

Please describe the actual behavior you observed when performing the steps above.

Pods fail to initialize

Please provide any additional information or screenshots that might help us understand and resolve the issue.

wg tunnel pod logs:

sudo k3s kubectl logs --namespace=home wg-home-6bb967458-2gpv2
[INFO] Running iptables in legacy mode
Uname info: Linux wg-home-6bb967458-2gpv2 5.10.110-37-rockchip-g74457be0716d #rockchip SMP Mon Feb 6 09:18:21 UTC 2023 aarch64 aarch64 aarch64 GNU/Linux
Error: Unknown device type.
[INFO] Wireguard module is not active, attempting kernel header install and module compilation. If you believe that your kernel should have wireguard support already, make sure that it is activated via modprobe!
[INFO] Attempting kernel header install.
Get:1 http://ports.ubuntu.com/ubuntu-ports jammy InRelease [270 kB]
Get:2 http://ports.ubuntu.com/ubuntu-ports jammy-updates InRelease [119 kB]
Get:3 http://ports.ubuntu.com/ubuntu-ports jammy-backports InRelease [108 kB]
Get:4 http://ports.ubuntu.com/ubuntu-ports jammy-security InRelease [110 kB]
Get:5 http://ports.ubuntu.com/ubuntu-ports jammy/universe arm64 Packages [17.2 MB]
Get:6 http://ports.ubuntu.com/ubuntu-ports jammy/multiverse arm64 Packages [224 kB]
Get:7 http://ports.ubuntu.com/ubuntu-ports jammy/main arm64 Packages [1758 kB]
Get:8 http://ports.ubuntu.com/ubuntu-ports jammy/restricted arm64 Packages [24.2 kB]
Get:9 http://ports.ubuntu.com/ubuntu-ports jammy-updates/multiverse arm64 Packages [24.3 kB]
Get:10 http://ports.ubuntu.com/ubuntu-ports jammy-updates/main arm64 Packages [1190 kB]
Get:11 http://ports.ubuntu.com/ubuntu-ports jammy-updates/universe arm64 Packages [1018 kB]
Get:12 http://ports.ubuntu.com/ubuntu-ports jammy-updates/restricted arm64 Packages [547 kB]
Get:13 http://ports.ubuntu.com/ubuntu-ports jammy-backports/main arm64 Packages [48.9 kB]
Get:14 http://ports.ubuntu.com/ubuntu-ports jammy-backports/universe arm64 Packages [23.6 kB]
Get:15 http://ports.ubuntu.com/ubuntu-ports jammy-security/main arm64 Packages [844 kB]
Get:16 http://ports.ubuntu.com/ubuntu-ports jammy-security/universe arm64 Packages [772 kB]
Get:17 http://ports.ubuntu.com/ubuntu-ports jammy-security/restricted arm64 Packages [507 kB]
Get:18 http://ports.ubuntu.com/ubuntu-ports jammy-security/multiverse arm64 Packages [20.2 kB]
Fetched 24.8 MB in 6s (4305 kB/s)
Reading package lists...
E: No packages found
[INFO] No kernel headers found in the Ubuntu or Debian repos!! Will try the headers from host (if mapped), may or may not work.
[INFO] Kernel headers don't seem to be available in Ubuntu, Debian and Raspbian repos, or shared from the host; therefore can't compile the module. Falling back to wireguard-go.
time=2023-04-26T04:17:30.354Z level=INFO msg="Starting tunnel server" addr=:8080
time=2023-04-26T04:17:30.358Z level=INFO msg="Execing command" command="/usr/bin/wg-quick up wg0"
[#] ip link add wg0 type wireguard
Error: Unknown device type.
[!] Missing WireGuard kernel module. Falling back to slow userspace implementation.
[#] wireguard-go wg0
/usr/bin/wg-quick: line 32: /usr/bin/wireguard-go: cannot execute binary file: Exec format error
Unable to access interface: Protocol not supported
[#] ip link delete dev wg0
Cannot find device "wg0"
Error: exit status 1
Usage:
  glmmgr wg [flags]

Flags:
  -h, --help                   help for wg
      --http-addr string       the address that tunnel endpoint binds to (default ":8080")
      --tunnel-config string   path to tunnel config

Global Flags:
      --config string   config file
      --debug           debug

time=2023-04-26T04:17:30.465Z level=ERROR msg="error executing command" error="exit status 1"

Please provide the version of GuardLlama you are using.

glm-installer 1.1.0 (2023-04-16)

OS

Ubuntu Server 20.04

Cloud Provider

N/A

VPN Client

N/A
@henryabra henryabra added the bug Something isn't working label Apr 26, 2023
@henryabra
Copy link
Author

BTW I would love to contribute. If anyone can give me feedback on the dev env requirements and build process, I can give it a go.

@llamaonduty
Copy link
Member

👋 Thanks for reporting the bug!

The issue:

/usr/bin/wg-quick: line 32: /usr/bin/wireguard-go: cannot execute binary file: Exec format error

seems to me that thewireguard-go bin in the image isn't built for arm64. But we have an arm64 version of the image. So I'm confused about what goes wrong here 😕 .

BTW I would love to contribute. If anyone can give me feedback on the dev env requirements and build process, I can give it a go.

Thanks! Would love to see more contributions!

To get started developing, you would need to install Go, Flutter Web and Docker. After that, you

  1. git clone [email protected]:guardllamanet/guardllama.git
  2. Run make glm_install to set up a dev GuardLlama with k3d
  3. cd ui && flutter run -d chrome to start the UI. The token to login in dev is root

Other tasks may help you build & run tests like make build & make test. Let me know if you have other questions. I will write up a development guide soon.

@llamaonduty
Copy link
Member

I provisioned an aarch64 Ubuntu Focal EC2 instance, and the tunnel ran fine. Is there anything special about your OS. This is mine:

$ uname -m
aarch64
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.6 LTS
Release:        20.04
Codename:       focal

Can you give more details on your OS?

@llamaonduty
Copy link
Member

FYI, there is a new section on the development guide in case anyone is interested: https://github.com/guardllamanet/guardllama/blob/main/CONTRIBUTING.md#development

@henryabra
Copy link
Author

Weirdly enough, I got the same output as you did:

rock@rock-5b:~$ uname -m
aarch64
rock@rock-5b:~$ lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 20.04.6 LTS
Release:	20.04
Codename:	focal
rock@rock-5b:~$

Will try again over the weekend

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@henryabra @llamaonduty