kubernetes · prezha · Apr 17, 2023 · Apr 18, 2023 · Apr 18, 2023 · Apr 18, 2023
diff --git a/cmd/minikube/cmd/start_flags.go b/cmd/minikube/cmd/start_flags.go
@@ -473,6 +473,11 @@ func getNetwork(driverName string) string {
 		return n
 	}
 	switch n {
+	case "vmnet-host", "vmnet-shared", "vmnet-bridged":
+		//TODO: check if QEMU v7.1+ version is installed
+		if runtime.GOOS != "darwin" {
+			exit.Message(reason.Usage, "The vmnet-* network is only supported on macOS")
+		}
 	case "socket_vmnet":
 		if runtime.GOOS != "darwin" {
 			exit.Message(reason.Usage, "The socket_vmnet network is only supported on macOS")
@@ -491,7 +496,7 @@ func getNetwork(driverName string) string {
 		n = "builtin"
 	case "builtin":
 	default:
-		exit.Message(reason.Usage, "--network with QEMU must be 'builtin' or 'socket_vmnet'")
+		exit.Message(reason.Usage, "--network with QEMU must be 'builtin' (aka 'user') or 'socket_vmnet', and for QEMU v7.1+, it can also be 'vmnet-host', 'vmnet-shared' or 'vmnet-bridged'")
 	}
 	if n == "builtin" {
 		msg := "You are using the QEMU driver without a dedicated network, which doesn't support `minikube service` & `minikube tunnel` commands."

diff --git a/pkg/drivers/qemu/qemu.go b/pkg/drivers/qemu/qemu.go
@@ -18,6 +18,7 @@ package qemu
 
 import (
 	"archive/tar"
+	"bufio"
 	"bytes"
 	"encoding/json"
 	"fmt"
@@ -26,6 +27,7 @@ import (
 	"net"
 	"os"
 	"os/exec"
+	"os/user"
 	"path/filepath"
 	"runtime"
 	"strconv"
@@ -176,7 +178,11 @@ func checkPid(pid int) error {
 	if err != nil {
 		return err
 	}
-	return process.Signal(syscall.Signal(0))
+	// when user sends a signal to an existing privileged process, "operation not permitted" error is returned, but the process exists, which is all we care about here
+	if err = process.Signal(syscall.Signal(0)); err == nil || strings.Contains(err.Error(), "operation not permitted") {
+		return nil
+	}
+	return err
 }
 
 func (d *Driver) GetState() (state.State, error) {
@@ -254,7 +260,7 @@ func (d *Driver) Create() error {
 			}
 			break
 		}
-	case "socket_vmnet":
+	case "socket_vmnet", "vmnet-host", "vmnet-shared", "vmnet-bridged":
 		d.SSHPort, err = d.GetSSHPort()
 		if err != nil {
 			return err
@@ -366,7 +372,7 @@ func getAvailableTCPPortFromRange(minPort, maxPort int) (int, error) {
 	return 0, fmt.Errorf("unable to allocate tcp port")
 }
 
-func (d *Driver) Start() error {
+func (d *Driver) Start() error { //nolint to suppress cyclomatic complexity 31 is high (> 30) (gocyclo)
 	machineDir := filepath.Join(d.StorePath, "machines", d.GetMachineName())
 
 	var startCmd []string
@@ -446,6 +452,10 @@ func (d *Driver) Start() error {
 		startCmd = append(startCmd,
 			"-device", fmt.Sprintf("virtio-net-pci,netdev=net0,mac=%s", d.MACAddress), "-netdev", "socket,id=net0,fd=3",
 		)
+	case "vmnet-host", "vmnet-shared", "vmnet-bridged":
+		startCmd = append(startCmd,
+			"-netdev", fmt.Sprintf("%s,id=net0,isolated=off", d.Network), "-device", fmt.Sprintf("virtio-net-pci,netdev=net0,mac=%s", d.MACAddress),
+		)
 	default:
 		return fmt.Errorf("unknown network: %s", d.Network)
 	}
@@ -482,13 +492,20 @@ func (d *Driver) Start() error {
 			d.diskPath())
 	}
 
-	// If socket network, start with socket_vmnet.
+	// for socket_vmnet network, start with socket_vmnet
 	startProgram := d.Program
 	if d.Network == "socket_vmnet" {
 		startProgram = d.SocketVMNetClientPath
 		startCmd = append([]string{d.SocketVMNetPath, d.Program}, startCmd...)
 	}
 
+	// vmnet network requires elevated privileges
+	if strings.HasPrefix(d.Network, "vmnet-") {
+		//TODO: handle windows
+		startProgram = "sudo"
+		startCmd = append([]string{"--stdin", "env", fmt.Sprintf("PATH=%q", os.Getenv("PATH")), d.Program}, startCmd...)
+	}
+
 	startFunc := cmdOutErr
 	if runtime.GOOS == "windows" {
 		startFunc = cmdStart
@@ -502,7 +519,17 @@ func (d *Driver) Start() error {
 	switch d.Network {
 	case "builtin", "user":
 		d.IPAddress = "127.0.0.1"
-	case "socket_vmnet":
+	case "socket_vmnet", "vmnet-host", "vmnet-shared", "vmnet-bridged":
+		// for vmnet network, we need to restore user's access to qemu.pid and monitor in minikube's home dir
+		if strings.HasPrefix(d.Network, "vmnet-") {
+			if user, err := user.Current(); err != nil {
+				log.Errorf("cannot get current user and thus cannot take ownership of %s and %s (continuing anyway, but will likely fail): %v", d.pidfilePath(), d.monitorPath(), err)
+			} else if stdout, stderr, err := startFunc("sudo", "-S", "chown", user.Username, d.pidfilePath(), d.monitorPath()); err != nil {
+				fmt.Printf("OUTPUT: %s\n", stdout)
+				fmt.Printf("ERROR: %s\n", stderr)
+			}
+		}
+
 		var err error
 		getIP := func() error {
 			d.IPAddress, err = pkgdrivers.GetIPAddressByMACAddress(d.MACAddress)
@@ -566,11 +593,61 @@ func isBootpdError(err error) bool {
 func cmdOutErr(cmdStr string, args ...string) (string, string, error) {
 	cmd := exec.Command(cmdStr, args...)
 	log.Debugf("executing: %s %s", cmdStr, strings.Join(args, " "))
+
+	var err error
+
+	// allow using SUDO_PASSWORD env var for ci/cd automation, if present
+	// otherwise, prompt user to enter sudo password without echoing it using os.Stdin
+	var stdin io.WriteCloser
+	cmd.Stdin = os.Stdin
+	secret, found := os.LookupEnv("SUDO_PASSWORD")
+	if found {
+		cmd.Stdin = nil // unset to avoid "Stdin already set" error
+		if stdin, err = cmd.StdinPipe(); err != nil {
+			return "", "", fmt.Errorf("cannot create StdinPipe: %v", err)
+		}
+	}
+
 	var stdout bytes.Buffer
-	var stderr bytes.Buffer
 	cmd.Stdout = &stdout
-	cmd.Stderr = &stderr
-	err := cmd.Run()
+
+	// try detecting password prompt for sudo in StdErr (sudo has to be run with '-S' flag for this to work),
+	// while preserving original StdErr content by using tee reader
+	var stderr bytes.Buffer
+	errPipe, err := cmd.StderrPipe()
+	if err != nil {
+		return "", "", fmt.Errorf("cannont create StderrPipe: %v", err)
+	}
+	errTee := io.TeeReader(errPipe, &stderr)
+
+	go func() {
+		var buf []byte
+		r := bufio.NewReader(errTee)
+		for {
+			b, err := r.ReadByte()
+			if err != nil && !errors.Is(err, io.EOF) && !errors.Is(err, os.ErrClosed) {
+				log.Errorf("reading from stderr failed: %v", err)
+				break
+			}
+			buf = append(buf, b)
+
+			// macOS has "Password:" and Linux has "[sudo] password for root:" prompt
+			if strings.Contains(string(buf), "assword") && strings.HasSuffix(string(buf), ":") {
+				// try SUDO_PASSWORD first, if one exists
+				if stdin != nil {
+					if _, err := io.WriteString(stdin, fmt.Sprintf("%s\n", secret)); err != nil {
+						log.Errorf("writing to stdin failed: %v", err)
+						break
+					}
+					continue
+				}
+				// alternatively, use os.Stdin for prompt
+				fmt.Printf("\nsudo password:  ")
+			}
+		}
+	}()
+
+	err = cmd.Run()
 	stdoutStr := stdout.String()
 	stderrStr := stderr.String()
 	log.Debugf("STDOUT: %s", stdoutStr)

diff --git a/pkg/minikube/cluster/ip.go b/pkg/minikube/cluster/ip.go
@@ -67,8 +67,12 @@ func HostIP(host *host.Host, clusterName string) (net.IP, error) {
 			// user network case
 			return net.ParseIP("10.0.2.2"), nil
 		}
-		// socket_vmnet network case
-		return net.ParseIP("192.168.105.1"), nil
+		// socket_vmnet and vmnet network case: host ip should be start address of subnet
+		vmIP := net.ParseIP(ipString).To4()
+		if vmIP == nil {
+			return []byte{}, errors.Wrap(err, "Error converting VM IP address to IPv4 address")
+		}
+		return net.IPv4(vmIP[0], vmIP[1], vmIP[2], byte(1)), nil
 	case driver.HyperV:
 		v := reflect.ValueOf(host.Driver).Elem()
 		var hypervVirtualSwitch string

diff --git a/translations/de.json b/translations/de.json
@@ -24,6 +24,7 @@
 	"--kvm-numa-count range is 1-8": "Der Wertebereich für --kvm-numa-count ist 1-8",
 	"--network flag is only valid with the docker/podman and KVM drivers, it will be ignored": "Der Parameter --network kann nur mit dem docker/podman und den KVM Treibern verwendet werden, er wird ignoriert werden",
 	"--network flag is only valid with the docker/podman, KVM and Qemu drivers, it will be ignored": "--network flag kann nur mit docker/podman, KVM und Qemu Treibern verwendet werden",
+	"--network with QEMU must be 'builtin' (aka 'user') or 'socket_vmnet', and for QEMU v7.1+, it can also be 'vmnet-host', 'vmnet-shared' or 'vmnet-bridged'": "",
 	"--network with QEMU must be 'builtin' or 'socket_vmnet'": "--network muss entweder 'builtin' oder 'socket_vmnet' enthalten, wenn der QEMU Treiber verwendet wird",
 	"--static-ip is only implemented on Docker and Podman drivers, flag will be ignored": "--static-ip ist nur für Docker und Podman Treiber implementiert, der Parameter wird ignoriert",
 	"--static-ip overrides --subnet, --subnet will be ignored": "--static-ip überschreibt --subnet, --subnet wird ignoriert werden",
@@ -809,6 +810,7 @@
 	"The total number of nodes to spin up. Defaults to 1.": "Die Gesamtzahl der zu startenden Nodes. Default: 1.",
 	"The value passed to --format is invalid": "Der mit --format angegebene Wert ist ungültig",
 	"The value passed to --format is invalid: {{.error}}": "Der mit --format angegebene Wert ist ungültig: {{.error}}",
+	"The vmnet network is not yet supported on windows": "",
 	"The {{.addon}} addon is only supported with the KVM driver.\n\nFor GPU setup instructions see: https://minikube.sigs.k8s.io/docs/tutorials/nvidia/": "",
 	"The {{.driver_name}} driver should not be used with root privileges.": "Der Treiber {{.driver_name}} sollte nicht mit Root-Rechten verwendet werden.",
 	"There are a couple ways to enable the required file sharing:\n1. Enable \"Use the WSL 2 based engine\" in Docker Desktop\nor\n2. Enable file sharing in Docker Desktop for the %s%s directory": "Es gibt mehrere Möglichkeiten das benötigte File-Sharing zu aktivieren:\n1. Aktiviere \"Use the WSL 2 based engine\" in Docker Desktop\noder\n2. Aktiviere File-Sharing in Docker Desktop für das %s%s Verzeichnis",

diff --git a/translations/es.json b/translations/es.json
@@ -25,7 +25,7 @@
 	"--kvm-numa-count range is 1-8": "--kvm-numa-count el rango es 1-8",
 	"--network flag is only valid with the docker/podman and KVM drivers, it will be ignored": "el flag --network es válido solamente con docker/podman y KVM, será ignorado",
 	"--network flag is only valid with the docker/podman, KVM and Qemu drivers, it will be ignored": "",
-	"--network with QEMU must be 'builtin' or 'socket_vmnet'": "",
+	"--network with QEMU must be 'builtin' (aka 'user') or 'socket_vmnet', and for QEMU v7.1+, it can also be 'vmnet-host', 'vmnet-shared' or 'vmnet-bridged'": "",
 	"--static-ip is only implemented on Docker and Podman drivers, flag will be ignored": "",
 	"--static-ip overrides --subnet, --subnet will be ignored": "",
 	"1) Recreate the cluster with Kubernetes {{.new}}, by running:\n\t  \n\t\t  minikube delete{{.profile}}\n\t\t  minikube start{{.profile}} --kubernetes-version={{.prefix}}{{.new}}\n\t  \n\t\t2) Create a second cluster with Kubernetes {{.new}}, by running:\n\t  \n\t\t  minikube start -p {{.suggestedName}} --kubernetes-version={{.prefix}}{{.new}}\n\t  \n\t\t3) Use the existing cluster at version Kubernetes {{.old}}, by running:\n\t  \n\t\t  minikube start{{.profile}} --kubernetes-version={{.prefix}}{{.old}}\n\t\t": "",
@@ -786,6 +786,7 @@
 	"The total number of nodes to spin up. Defaults to 1.": "",
 	"The value passed to --format is invalid": "",
 	"The value passed to --format is invalid: {{.error}}": "",
+	"The vmnet network is not yet supported on windows": "",
 	"The {{.addon}} addon is only supported with the KVM driver.\n\nFor GPU setup instructions see: https://minikube.sigs.k8s.io/docs/tutorials/nvidia/": "",
 	"The {{.driver_name}} driver should not be used with root privileges.": "El controlador {{.driver_name}} no se debe utilizar con privilegios de raíz.",
 	"There are a couple ways to enable the required file sharing:\n1. Enable \"Use the WSL 2 based engine\" in Docker Desktop\nor\n2. Enable file sharing in Docker Desktop for the %s%s directory": "",

diff --git a/translations/fr.json b/translations/fr.json
@@ -25,6 +25,7 @@
 	"--kvm-numa-count range is 1-8": "la tranche de --kvm-numa-count est 1 à 8",
 	"--network flag is only valid with the docker/podman and KVM drivers, it will be ignored": "l'indicateur --network est valide uniquement avec les pilotes docker/podman et KVM, il va être ignoré",
 	"--network flag is only valid with the docker/podman, KVM and Qemu drivers, it will be ignored": "L'indicateur --network n'est valide qu'avec les pilotes docker/podman, KVM et Qemu, il sera ignoré",
+	"--network with QEMU must be 'builtin' (aka 'user') or 'socket_vmnet', and for QEMU v7.1+, it can also be 'vmnet-host', 'vmnet-shared' or 'vmnet-bridged'": "",
 	"--network with QEMU must be 'builtin' or 'socket_vmnet'": "--network avec QEMU doit être 'builtin' ou 'socket_vmnet'",
 	"--network with QEMU must be 'user' or 'socket_vmnet'": "--network avec QEMU doit être 'user' ou 'socket_vmnet'",
 	"--static-ip is only implemented on Docker and Podman drivers, flag will be ignored": "--static-ip n'est implémenté que sur les pilotes Docker et Podman, l'indicateur sera ignoré",
@@ -794,6 +795,7 @@
 	"The total number of nodes to spin up. Defaults to 1.": "Le nombre total de nœuds à faire tourner. La valeur par défaut est 1.",
 	"The value passed to --format is invalid": "La valeur passée à --format n'est pas valide",
 	"The value passed to --format is invalid: {{.error}}": "La valeur passée à --format n'est pas valide : {{.error}}",
+	"The vmnet network is not yet supported on windows": "",
 	"The {{.addon}} addon is only supported with the KVM driver.\n\nFor GPU setup instructions see: https://minikube.sigs.k8s.io/docs/tutorials/nvidia/": "Le module complémentaire {{.addon}} n'est pris en charge qu'avec le pilote KVM.\n\nPour les instructions de configuration du GPU, consultez : https://minikube.sigs.k8s.io/docs/tutorials/nvidia/",
 	"There are a couple ways to enable the required file sharing:\n1. Enable \"Use the WSL 2 based engine\" in Docker Desktop\nor\n2. Enable file sharing in Docker Desktop for the %s%s directory": "Il existe plusieurs manières d'activer le partage de fichiers requis :\n1. Activez \"Utiliser le moteur basé sur WSL 2\" dans Docker Desktop\nou\n2. Activer le partage de fichiers dans Docker Desktop pour le répertoire %s%s",
 	"These --extra-config parameters are invalid: {{.invalid_extra_opts}}": "Ces paramètres --extra-config ne sont pas valides : {{.invalid_extra_opts}}",

diff --git a/translations/ja.json b/translations/ja.json
@@ -24,6 +24,7 @@
 	"--kvm-numa-count range is 1-8": "--kvm-numa-count の範囲は 1～8 です",
 	"--network flag is only valid with the docker/podman and KVM drivers, it will be ignored": "--network フラグは、docker/podman および KVM ドライバーでのみ有効であるため、無視されます",
 	"--network flag is only valid with the docker/podman, KVM and Qemu drivers, it will be ignored": "--network フラグは、docker/podman, KVM および Qemu ドライバーでのみ有効であるため、無視されます",
+	"--network with QEMU must be 'builtin' (aka 'user') or 'socket_vmnet', and for QEMU v7.1+, it can also be 'vmnet-host', 'vmnet-shared' or 'vmnet-bridged'": "",
 	"--network with QEMU must be 'builtin' or 'socket_vmnet'": "QEMU を用いる場合、--network は、'builtin' か 'socket_vmnet' でなければなりません",
 	"--network with QEMU must be 'user' or 'socket_vmnet'": "QEMU を用いる場合、--network は、'user' か 'socket_vmnet' でなければなりません",
 	"--static-ip is only implemented on Docker and Podman drivers, flag will be ignored": "--static-ip フラグは、Docker および Podman ドライバー上でのみ実装されているため、無視されます",
@@ -761,6 +762,7 @@
 	"The total number of nodes to spin up. Defaults to 1.": "",
 	"The value passed to --format is invalid": "--format の値が無効です",
 	"The value passed to --format is invalid: {{.error}}": "--format の値が無効です: {{.error}}",
+	"The vmnet network is not yet supported on windows": "",
 	"The {{.addon}} addon is only supported with the KVM driver.\n\nFor GPU setup instructions see: https://minikube.sigs.k8s.io/docs/tutorials/nvidia/": "",
 	"There are a couple ways to enable the required file sharing:\n1. Enable \"Use the WSL 2 based engine\" in Docker Desktop\nor\n2. Enable file sharing in Docker Desktop for the %s%s directory": "必要なファイル共有を有効にする方法が 2 つあります:\n1. Docker Desktop 中の「Use the WSL 2 based engine」を有効にする\nまたは\n2. %s%s ディレクトリー用の Docker Desktop でファイル共有を有効にする",
 	"These --extra-config parameters are invalid: {{.invalid_extra_opts}}": "次の --extra-config パラメーターは無効です: {{.invalid_extra_opts}}",

diff --git a/translations/ko.json b/translations/ko.json
@@ -28,6 +28,7 @@
 	"- Restart your {{.driver_name}} service": "{{.driver_name}} 서비스를 다시 시작하세요",
 	"--kvm-numa-count range is 1-8": "--kvm-numa-count 범위는 1-8 입니다",
 	"--network flag is only valid with the docker/podman, KVM and Qemu drivers, it will be ignored": "--network 는 docker나 podman 에서만 유효합니다. KVM이나 Qemu 드라이버에서는 인자가 무시됩니다",
+	"--network with QEMU must be 'builtin' (aka 'user') or 'socket_vmnet', and for QEMU v7.1+, it can also be 'vmnet-host', 'vmnet-shared' or 'vmnet-bridged'": "",
 	"--network with QEMU must be 'builtin' or 'socket_vmnet'": "QEMU 에서 --network 는 'builtin' 이나 'socket_vmnet' 이어야 합니다",
 	"--static-ip is only implemented on Docker and Podman drivers, flag will be ignored": "--static-ip 는 Docker와 Podman 드라이버에서만 구현되었습니다. 인자는 무시됩니다",
 	"--static-ip overrides --subnet, --subnet will be ignored": "--static-ip 는 --subnet 을 재정의하기 때문에, --subnet 은 무시됩니다",
@@ -796,6 +797,7 @@
 	"The total number of nodes to spin up. Defaults to 1.": "",
 	"The value passed to --format is invalid": "",
 	"The value passed to --format is invalid: {{.error}}": "",
+	"The vmnet network is not yet supported on windows": "",
 	"The {{.addon}} addon is only supported with the KVM driver.\n\nFor GPU setup instructions see: https://minikube.sigs.k8s.io/docs/tutorials/nvidia/": "",
 	"There are a couple ways to enable the required file sharing:\n1. Enable \"Use the WSL 2 based engine\" in Docker Desktop\nor\n2. Enable file sharing in Docker Desktop for the %s%s directory": "",
 	"These --extra-config parameters are invalid: {{.invalid_extra_opts}}": "",

diff --git a/translations/pl.json b/translations/pl.json
@@ -27,7 +27,7 @@
 	"- Restart your {{.driver_name}} service": "",
 	"--kvm-numa-count range is 1-8": "",
 	"--network flag is only valid with the docker/podman, KVM and Qemu drivers, it will be ignored": "",
-	"--network with QEMU must be 'builtin' or 'socket_vmnet'": "",
+	"--network with QEMU must be 'builtin' (aka 'user') or 'socket_vmnet', and for QEMU v7.1+, it can also be 'vmnet-host', 'vmnet-shared' or 'vmnet-bridged'": "",
 	"--static-ip is only implemented on Docker and Podman drivers, flag will be ignored": "",
 	"--static-ip overrides --subnet, --subnet will be ignored": "",
 	"1) Recreate the cluster with Kubernetes {{.new}}, by running:\n\t  \n\t\t  minikube delete{{.profile}}\n\t\t  minikube start{{.profile}} --kubernetes-version={{.prefix}}{{.new}}\n\t  \n\t\t2) Create a second cluster with Kubernetes {{.new}}, by running:\n\t  \n\t\t  minikube start -p {{.suggestedName}} --kubernetes-version={{.prefix}}{{.new}}\n\t  \n\t\t3) Use the existing cluster at version Kubernetes {{.old}}, by running:\n\t  \n\t\t  minikube start{{.profile}} --kubernetes-version={{.prefix}}{{.old}}\n\t\t": "",
@@ -798,6 +798,7 @@
 	"The total number of nodes to spin up. Defaults to 1.": "",
 	"The value passed to --format is invalid": "Wartość przekazana do --format jest nieprawidłowa",
 	"The value passed to --format is invalid: {{.error}}": "Wartość przekazana do --format jest nieprawidłowa: {{.error}}",
+	"The vmnet network is not yet supported on windows": "",
 	"The {{.addon}} addon is only supported with the KVM driver.\n\nFor GPU setup instructions see: https://minikube.sigs.k8s.io/docs/tutorials/nvidia/": "",
 	"The {{.driver_name}} driver should not be used with root privileges.": "{{.driver_name}} nie powinien być używany z przywilejami root'a.",
 	"There are a couple ways to enable the required file sharing:\n1. Enable \"Use the WSL 2 based engine\" in Docker Desktop\nor\n2. Enable file sharing in Docker Desktop for the %s%s directory": "",