net: put host ip address replication behind a flag

Signed-off-by: Abiola Ibrahim <[email protected]>
abiosoft · Aug 13, 2024 · cabce88 · cabce88
1 parent cf86fa9
commit cabce88
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 14 deletions.
diff --git a/cmd/start.go b/cmd/start.go
@@ -155,8 +155,11 @@ func init() {
 	startCmd.Flags().BoolVarP(&startCmdArgs.Flags.Foreground, "foreground", "f", false, "Keep colima in the foreground")
 	startCmd.Flags().StringVar(&startCmdArgs.Hostname, "hostname", "", "custom hostname for the virtual machine")
 
+	// host IP addresses
+	startCmd.Flags().BoolVar(&startCmdArgs.Network.HostAddresses, "network-host-addresses", false, "support port forwarding to specific host IP addresses")
+
 	if util.MacOS() {
-		// network
+		// network address
 		startCmd.Flags().BoolVar(&startCmdArgs.Network.Address, "network-address", false, "assign reachable IP address to the VM")
 
 		// vm type
@@ -437,6 +440,9 @@ func prepareConfig(cmd *cobra.Command) {
 			startCmdArgs.ActivateRuntime = current.ActivateRuntime
 		}
 	}
+	if !cmd.Flag("network-host-addresses").Changed {
+		startCmdArgs.Network.HostAddresses = current.Network.HostAddresses
+	}
 	if util.MacOS() {
 		if !cmd.Flag("network-address").Changed {
 			startCmdArgs.Network.Address = current.Network.Address

diff --git a/config/config.go b/config/config.go
@@ -73,9 +73,10 @@ type Kubernetes struct {
 
 // Network is VM network configuration
 type Network struct {
-	Address      bool              `yaml:"address"`
-	DNSResolvers []net.IP          `yaml:"dns"`
-	DNSHosts     map[string]string `yaml:"dnsHosts"`
+	Address       bool              `yaml:"address"`
+	DNSResolvers  []net.IP          `yaml:"dns"`
+	DNSHosts      map[string]string `yaml:"dnsHosts"`
+	HostAddresses bool              `yaml:"hostAddresses"`
 }
 
 // Mount is volume mount

diff --git a/embedded/defaults/colima.yaml b/embedded/defaults/colima.yaml
@@ -77,6 +77,14 @@ network:
   dnsHosts:
     host.docker.internal: host.lima.internal
 
+  # Replicate host IP addresses in the VM. This enables port forwarding to specific
+  # host IP addresses.
+  #   e.g. `docker run --port 10.0.1.2:8080:8080 alpine` would only forward to the
+  #   specified IP address.
+  #
+  # Default: false
+  hostAddresses: false
+
 # ===================================================================== #
 # ADVANCED CONFIGURATION
 # ===================================================================== #

diff --git a/environment/vm/lima/lima.go b/environment/vm/lima/lima.go
@@ -378,10 +378,8 @@ func (l *limaVM) addPostStartActions(a *cli.ActiveCommandChain, conf config.Conf
 
 	// replicate addresses when network address is disabled
 	a.Add(func() error {
-		if !conf.Network.Address {
-			if err := l.replicateHostAddresses(); err != nil {
-				logrus.Warnln(fmt.Errorf("unable to assign host IP addresses to the VM: %w", err))
-			}
+		if err := l.replicateHostAddresses(conf); err != nil {
+			logrus.Warnln(fmt.Errorf("unable to assign host IP addresses to the VM: %w", err))
 		}
 		return nil
 	})

diff --git a/environment/vm/lima/network.go b/environment/vm/lima/network.go
@@ -5,6 +5,7 @@ import (
 	"os"
 	"path/filepath"
 
+	"github.com/abiosoft/colima/config"
 	"github.com/abiosoft/colima/embedded"
 	"github.com/abiosoft/colima/environment/vm/lima/limautil"
 	"github.com/abiosoft/colima/util"
@@ -26,18 +27,20 @@ func (l *limaVM) writeNetworkFile() error {
 	return nil
 }
 
-func (l *limaVM) replicateHostAddresses() error {
-	for _, ip := range util.HostIPAddresses() {
-		if err := l.RunQuiet("sudo", "ip", "address", "add", ip.String()+"/24", "dev", "lo"); err != nil {
-			return err
+func (l *limaVM) replicateHostAddresses(conf config.Config) error {
+	if !conf.Network.Address && conf.Network.HostAddresses {
+		for _, ip := range util.HostIPAddresses() {
+			if err := l.RunQuiet("sudo", "ip", "address", "add", ip.String()+"/24", "dev", "lo"); err != nil {
+				return err
+			}
 		}
 	}
 	return nil
 }
 
 func (l *limaVM) removeHostAddresses() {
 	conf, _ := limautil.InstanceConfig()
-	if !conf.Network.Address {
+	if !conf.Network.Address && conf.Network.HostAddresses {
 		for _, ip := range util.HostIPAddresses() {
 			_ = l.RunQuiet("sudo", "ip", "address", "del", ip.String()+"/24", "dev", "lo")
 		}

diff --git a/environment/vm/lima/yaml.go b/environment/vm/lima/yaml.go
@@ -246,7 +246,7 @@ func newConf(ctx context.Context, conf config.Config) (l limaconfig.Config, err
 		)
 
 		// bind all host addresses when network address is not enabled
-		if !conf.Network.Address {
+		if !conf.Network.Address && conf.Network.HostAddresses {
 			for _, ip := range util.HostIPAddresses() {
 				l.PortForwards = append(l.PortForwards,
 					limaconfig.PortForward{