minikube tunnel

cmd/minikube/cmd/config/util.go

@@ -114,7 +114,7 @@ func EnableOrDisableAddon(name string, val string) error {
 	if err != nil {
 		return err
 	}
-	host, err := cluster.CheckIfApiExistsAndLoad(api)
+	host, err := cluster.CheckIfHostExistsAndLoad(api, config.GetMachineName())
 	if err != nil {
 		return errors.Wrap(err, "getting host")
 	}

cmd/minikube/cmd/env.go

@@ -306,7 +306,7 @@ var dockerEnvCmd = &cobra.Command{
 			os.Exit(1)
 		}
 		defer api.Close()
-		host, err := cluster.CheckIfApiExistsAndLoad(api)
+		host, err := cluster.CheckIfHostExistsAndLoad(api, config.GetMachineName())
 		if err != nil {
 			fmt.Fprintf(os.Stderr, "Error getting host: %s\n", err)
 			os.Exit(1)

cmd/minikube/cmd/env_test.go

@@ -45,10 +45,12 @@ func (f FakeNoProxyGetter) GetNoProxyVar() (string, string) {
 }
 
 var defaultAPI = &tests.MockAPI{
-	Hosts: map[string]*host.Host{
-		config.GetMachineName(): {
-			Name:   config.GetMachineName(),
-			Driver: &tests.MockDriver{},
+	FakeStore: tests.FakeStore{
+		Hosts: map[string]*host.Host{
+			config.GetMachineName(): {
+				Name:   config.GetMachineName(),
+				Driver: &tests.MockDriver{},
+			},
 		},
 	},
 }
@@ -81,7 +83,9 @@ func TestShellCfgSet(t *testing.T) {
 		{
 			description: "no host specified",
 			api: &tests.MockAPI{
-				Hosts: make(map[string]*host.Host),
+				FakeStore: tests.FakeStore{
+					Hosts: make(map[string]*host.Host),
+				},
 			},
 			shell:            "bash",
 			expectedShellCfg: nil,

cmd/minikube/cmd/ssh.go

@@ -24,6 +24,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
 	"k8s.io/minikube/pkg/minikube/cluster"
+	"k8s.io/minikube/pkg/minikube/config"
 	"k8s.io/minikube/pkg/minikube/machine"
 )
 
@@ -39,7 +40,7 @@ var sshCmd = &cobra.Command{
 			os.Exit(1)
 		}
 		defer api.Close()
-		host, err := cluster.CheckIfApiExistsAndLoad(api)
+		host, err := cluster.CheckIfHostExistsAndLoad(api, config.GetMachineName())
 		if err != nil {
 			fmt.Fprintf(os.Stderr, "Error getting host: %s\n", err)
 			os.Exit(1)

cmd/minikube/cmd/start.go

@@ -187,7 +187,7 @@ func runStart(cmd *cobra.Command, args []string) {
 		selectedKubernetesVersion = constants.DefaultKubernetesVersion
 	}
 	// Load profile cluster config from file
-	cc, err := loadConfigFromFile(viper.GetString(cfg.MachineProfile))
+	cc, err := cfg.Load()
 	if err != nil && !os.IsNotExist(err) {
 		glog.Errorln("Error loading profile config: ", err)
 	}
@@ -463,23 +463,3 @@ func saveConfigToFile(data []byte, file string) error {
 	}
 	return nil
 }
-
-func loadConfigFromFile(profile string) (cfg.Config, error) {
-	var cc cfg.Config
-
-	profileConfigFile := constants.GetProfileFile(profile)
-
-	if _, err := os.Stat(profileConfigFile); os.IsNotExist(err) {
-		return cc, err
-	}
-
-	data, err := ioutil.ReadFile(profileConfigFile)
-	if err != nil {
-		return cc, err
-	}
-
-	if err := json.Unmarshal(data, &cc); err != nil {
-		return cc, err
-	}
-	return cc, nil
-}

cmd/minikube/cmd/status.go

@@ -88,7 +88,7 @@ var statusCmd = &cobra.Command{
 				returnCode |= clusterNotRunningStatusFlag
 			}
 
-			ip, err := cluster.GetHostDriverIP(api)
+			ip, err := cluster.GetHostDriverIP(api, config.GetMachineName())
 			if err != nil {
 				glog.Errorln("Error host driver ip status:", err)
 				cmdUtil.MaybeReportErrorAndExitWithCode(err, internalErrorCode)

cmd/minikube/cmd/tunnel.go

@@ -0,0 +1,87 @@
+/*
+Copyright 2018 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cmd
+
+import (
+	"context"
+	"flag"
+	"github.com/golang/glog"
+	"github.com/spf13/cobra"
+	"k8s.io/minikube/pkg/minikube/config"
+	"k8s.io/minikube/pkg/minikube/machine"
+	"k8s.io/minikube/pkg/minikube/service"
+	"k8s.io/minikube/pkg/minikube/tunnel"
+	"os"
+	"os/signal"
+)
+
+var cleanup bool
+
+// tunnelCmd represents the tunnel command
+var tunnelCmd = &cobra.Command{
+	Use:   "tunnel",
+	Short: "tunnel makes services of type LoadBalancer accessible on localhost",
+	Long:  `tunnel creates a route to services deployed with type LoadBalancer and sets their Ingress to their ClusterIP`,
+	PersistentPreRun: func(cmd *cobra.Command, args []string) {
+		RootCmd.PersistentPreRun(cmd, args)
+	},
+	Run: func(cmd *cobra.Command, args []string) {
+		flag.Lookup("logtostderr").Value.Set("true")
+		manager := tunnel.NewManager()
+
+		if cleanup {
+			glog.Info("Checking for tunnels to cleanup...")
+			if err := manager.CleanupNotRunningTunnels(); err != nil {
+				glog.Errorf("error cleaning up: %s", err)
+			}
+			return
+		}
+
+		glog.Infof("Creating docker machine client...")
+		api, e := machine.NewAPIClient()
+		if e != nil {
+			glog.Fatalf("error creating dockermachine client: %s", e)
+		}
+		machineName := config.GetMachineName()
+
+		glog.Infof("Creating k8s client...")
+		clientset, e := service.K8s.GetClientset()
+		if e != nil {
+			glog.Fatalf("error creating K8S clientset: %s", e)
+		}
+		v1 := clientset.CoreV1()
+
+		ctrlC := make(chan os.Signal, 1)
+		signal.Notify(ctrlC, os.Interrupt)
+		ctx, cancel := context.WithCancel(context.Background())
+		go func() {
+			<-ctrlC
+			cancel()
+		}()
+
+		done, e := manager.StartTunnel(ctx, machineName, api, config.Loader, v1)
+		if e != nil {
+			glog.Fatalf("error starting tunnel: %s", e)
+		}
+		<-done
+	},
+}
+
+func init() {
+	tunnelCmd.Flags().BoolVarP(&cleanup, "cleanup", "c", false, "call with cleanup=true to remove old tunnels")
+	RootCmd.AddCommand(tunnelCmd)
+}

cmd/minikube/cmd/update-context.go

@@ -43,12 +43,13 @@ var updateContextCmd = &cobra.Command{
 			os.Exit(1)
 		}
 		defer api.Close()
-		ip, err := cluster.GetHostDriverIP(api)
+		machineName := config.GetMachineName()
+		ip, err := cluster.GetHostDriverIP(api, machineName)
 		if err != nil {
 			glog.Errorln("Error host driver ip status:", err)
 			cmdUtil.MaybeReportErrorAndExit(err)
 		}
-		kstatus, err := kcfg.UpdateKubeconfigIP(ip, constants.KubeconfigPath, config.GetMachineName())
+		kstatus, err := kcfg.UpdateKubeconfigIP(ip, constants.KubeconfigPath, machineName)
 		if err != nil {
 			glog.Errorln("Error kubeconfig status:", err)
 			cmdUtil.MaybeReportErrorAndExit(err)

docs/networking.md

@@ -10,3 +10,40 @@ To determine the NodePort for your service, you can use a `kubectl` command like
 We also have a shortcut for fetching the minikube IP and a service's `NodePort`:
 
 `minikube service --url $SERVICE`
+
+### LoadBalancer emulation (`minikube tunnel`)
+
+Services of type `LoadBalancer` can be exposed via the `minikube tunnel` command. 
+
+````shell
+$ sudo "PATH=$PATH" "HOME=$HOME" minikube tunnel
+[sudo] password for *****: 
+INFO[0000] Creating docker machine client...            
+INFO[0000] Creating k8s client...                       
+INFO[0000] Setting up router...                         
+INFO[0000] Setting up tunnel...                         
+INFO[0000] Started minikube tunnel. Tunnel requires root access. Please wait for the password prompt! 
+INFO[0005] Adding route for CIDR 10.96.0.0/12 to gateway 192.168.39.90 
+INFO[0005] About to run command: [sudo ip route add 10.96.0.0/12 via 192.168.39.90] 
+INFO[0005]                                              
+TunnelState:
+	minikube: Running
+	route: 10.96.0.0/12 -> 192.168.39.90
+	services: []
+INFO[0055] Patched nginx with IP 10.101.207.169         
+TunnelState:
+	minikube: Running
+	route: 10.96.0.0/12 -> 192.168.39.90
+	services: [nginx]
+```` 
+
+
+`minikube tunnel` runs as a separate daemon, creates a network route on the host to the service CIDR of the cluster using the cluster's IP address as a gateway. 
+Adding a route requires root privileges for the user, and thus there are differences in how to run `minikube tunnel` depending on the OS.    
+
+Recommended way to use on Linux with KVM2 driver and MacOSX with Hyperkit driver: 
+
+`sudo "PATH=$PATH" "HOME=$HOME" minikube tunnel`
+
+Using VirtualBox on Windows _both_ `minikube start` and `minikube tunnel` needs to be started from the same Administrator user session otherwise [VBoxManage can't recognize the created VM](https://forums.virtualbox.org/viewtopic.php?f=6&t=81551).     
+

docs/tunnel.md

@@ -0,0 +1,144 @@
+# Minikube Tunnel Design Doc
+
+## Background
+
+Minikube today only exposes a single IP address for all cluster and VM communication.
+This effectively requires users to connect to any running Pods, Services or LoadBalancers over ClusterIPs, which can require modifications to workflows when compared to developing against a production cluster.
+
+A main goal of Minikube is to minimize the differences required in code and configuration between development and production, so this is not ideal.
+If all cluster IP addresses and Load Balancers were made available on the minikube host machine, these modifications would not be necessary and users would get the "magic" experience of developing from inside a cluster.
+
+Tools like telepresence.io, sshuttle, and the OpenVPN chart provide similar capabilities already.
+
+Also, Steve Sloka has provided a very detailed guide on how to setup a similar configuration [manually](https://stevesloka.com/2017/06/12/access-minikube-service-from-linux-host/).
+
+Elson Rodriguez has provided a similar guide, including a Minikube [external LB controller](https://github.com/elsonrodriguez/minikube-lb-patch).
+
+## Example usage
+
+```shell
+$ minikube tunnel
+Starting minikube tunnel process. Press Ctrl+C to exit.
+All cluster IPs and load balancers are now available from your host machine.
+```
+
+## Overview
+
+We will introduce a new command, `minikube tunnel`, that must be run with root permissions.
+This command will:
+
+* Establish networking routes from the host into the VM for all IP ranges used by Kubernetes.
+* Enable a cluster controller that allocates IPs to services external `LoadBalancer` IPs.
+* Clean up routes and IPs when stopped, or when `minikube` stops.
+
+Additionally, we will introduce a Minikube LoadBalancer controller that manages a CIDR of IPs and assigns them to services of type `LoadBalancer`.
+These IPs will also be made available on the host machine.
+
+## Network Routes
+
+Minikube drivers usually establish "host-only" IP addresses (192.168.1.1, for example) that route into the running VM
+from the host.
+
+The new `minikube tunnel` command will create a static routing table entry that maps the CIDRs used by Pods, Services and LoadBalancers to the host-only IP, obtainable via the `minikube ip` command.
+
+The commands below detail adding routes for the entire `/8` block, we should probably add individual entries for each CIDR we manage instead.
+
+### Linux
+
+Route entries for the entire 10.* block can be added via:
+
+```shell
+sudo ip route add 10.0.0.0/8 via $(minikube ip)
+```
+
+and deleted via:
+
+```shell
+sudo ip route delete 10.0.0.0/8
+```
+
+The routing table can be queried with `netstat -nr -f inet` 
+
+### OSX
+
+Route entries can be added via:
+
+```shell
+sudo route -n add 10.0.0.0/8 $(minikube ip)
+```
+
+and deleted via:
+
+```shell
+sudo route -n delete 10.0.0.0/8
+
+```
+
+The routing table can be queried with `netstat -nr -f inet`
+
+### Windows
+
+Route entries can be added via:
+
+```shell
+route ADD 10.0.0.0 MASK 255.0.0.0 <minikube ip>
+```
+
+and deleted via:
+
+```shell
+route DELETE 10.0.0.0 
+```
+
+The routing table can be queried with `route print -4`
+
+### Handling unclean shutdowns 
+
+Unclean shutdowns of the tunnel process can result in partially executed cleanup process, leaving network routes in the routing table. 
+We will keep track of the routes created by each tunnel in a centralized location in the main minikube config directory. 
+This list serves as a registry for tunnels containing information about 
+- machine profile 
+- process ID 
+- and the route that was created
+
+The cleanup command cleans the routes from both the routing table and the registry for tunnels that are not running: 
+
+``` 
+minikube tunnel --cleanup
+```
+
+Updating the tunnel registry and the routing table is an atomic transaction: 
+
+- create route in the routing table + create registry entry if both are successful, otherwise rollback  
+- delete route in the routing table + remove registry entry if both are successful, otherwise rollback 
+
+*Note*: because we don't support currently real multi cluster setup (due to overlapping CIDRs), the handling of running/not-running processes is not strictly required however it is forward looking.  
+
+### Handling routing table conflicts  
+
+A routing table conflict happens when a destination CIDR of the route required by the tunnel overlaps with an existing route. 
+Minikube tunnel will warn the user if this happens and should not create the rule. 
+There should not be any automated removal of conflicting routes.
+
+*Note*: If the user removes the minikube config directory, this might leave conflicting rules in the network routing table that will have to be cleaned up manually.  
+
+
+## Load Balancer Controller
+
+In addition to making IPs routable, minikube tunnel will assign an external IP (the ClusterIP) to all services of type `LoadBalancer`.
+
+The logic of this controller will be, roughly:
+
+```python
+for service in services:
+  if service.type == "LoadBalancer" and len(service.ingress) == 0:
+    add_ip_to_service(ClusterIP, service)
+sleep
+```
+
+Note that the Minikube ClusterIP can change over time (during system reboots) and this loop should also handle reconcilliation of those changes.
+
+## Handling multiple clusters 
+
+Multiple clusters are currently not supported due to our inability to specify ServiceCIDR. 
+This causes conflicting routes having the same destination CIDR.