@yankcrime
Last active November 10, 2022 19:37
Lima and shared networking on macOS

Configuring Lima to use shared networking on macOS with socket_vmnet

Install https://github.com/lima-vm/socket_vmnet:

% git clone https://github.com/lima-vm/socket_vmnet.git
% cd socket_vmnet
% sudo make PREFIX=/opt/socket_vmnet install

~/.lima/_config/networks.yaml:

# Path to the socket_vmnet executable. Because socket_vmnet is invoked via sudo
# it should be installed where only root can modify/replace it. This also means
# that none of the parent directories should be writable by the user.
#
# The varRun directory also must not be writable by the user because it will
# include the socket_vmnet pid files. Those will be terminated via sudo, so
# replacing the pid files would allow killing of arbitrary privileged processes.
# varRun however MUST be writable by the daemon user.
#
# None of the path segments may be symlinks, which is why it has to be
# /private/var instead of /var, etc.
paths:
  socketVMNet: /opt/socket_vmnet/bin/socket_vmnet
  varRun: /private/var/run/lima
  sudoers: /private/etc/sudoers.d/lima

group: everyone

networks:
  shared:
    mode: shared
    gateway: 192.168.105.1
    dhcpEnd: 192.168.105.254
    netmask: 255.255.255.0
  bridged:
    mode: bridged
    interface: en0
    # bridged mode doesn't have a gateway; dhcp is managed by outside network
  host:
    mode: host
    gateway: 192.168.106.1
    dhcpEnd: 192.168.106.254
    netmask: 255.255.255.0
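
The comments in networks.yaml require that the socket_vmnet binary sit under directories only root can modify, with no symlinks in any path segment. The script below is an added example, not part of the gist or of Lima: it walks a path up to / and reports every segment that breaks that rule. The function names and the exact policy (owner uid must match, no group or world write bit) are assumptions and may be stricter than Lima's own validation.

```sh
#!/bin/sh
# Added example: audit every segment of a path that sudo will execute.
# The ownership/mode policy here is a conservative assumption, not Lima's own check.

# Print the first problem found with one path segment, or nothing if it is
# owned by uid $2, is not a symlink, and is not group- or world-writable.
segment_issue() {
    p=$1; want_uid=$2
    if [ -L "$p" ]; then echo "symlink"; return; fi
    if [ ! -e "$p" ]; then echo "missing"; return; fi
    # "ls -ldn" works on macOS and Linux: field 1 is the mode, field 3 the uid.
    info=$(ls -ldn "$p" | awk '{print $1 " " $3}')
    mode=${info% *}; uid=${info#* }
    if [ "$uid" != "$want_uid" ]; then
        echo "owned by uid $uid, expected $want_uid"; return
    fi
    case $mode in
        ?????w*)    echo "group-writable" ;;   # 6th mode character
        ????????w*) echo "world-writable" ;;   # 9th mode character
    esac
}

# Walk from the given absolute path up to /, printing "<issue>: <segment>"
# for each bad segment. Returns 0 if all segments pass, 1 otherwise.
audit_path() {
    p=$1; want_uid=${2:-0}; bad=0
    case $p in
        /*) ;;
        *) echo "need an absolute path" >&2; return 2 ;;
    esac
    while :; do
        issue=$(segment_issue "$p" "$want_uid")
        if [ -n "$issue" ]; then echo "$issue: $p"; bad=1; fi
        if [ "$p" = "/" ]; then break; fi
        p=$(dirname "$p")
    done
    return $bad
}

# e.g. sh audit.sh /opt/socket_vmnet/bin/socket_vmnet
if [ "$#" -gt 0 ]; then audit_path "$@"; fi
```

No output and exit status 0 means every segment passed; run it before generating the sudoers entry.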

Generate the sudoers entry:

% limactl sudoers | sudo tee /etc/sudoers.d/lima

Do this after you update the networks.yaml configuration file, because the output of limactl sudoers depends on that configuration. If you do it the wrong way round and create the sudoers file before changing the network config, limactl will error saying that the sudoers file is out of sync.

Add these two lines to your VM definition somewhere:

networks:
- lima: shared

There's an example test instance with this setting already in place, so you can verify it's working by doing:

% limactl start --name=default template://vmnet

[..]

% limactl shell default ip -br a
lo               UNKNOWN        127.0.0.1/8 ::1/128
eth0             UP             192.168.5.15/24 metric 100 fec0::5055:55ff:fe9f:ad75/64 fe80::5055:55ff:fe9f:ad75/64
lima0            UP             192.168.105.2/24 metric 100 fdb6:d44f:8ad7:7f77:5055:55ff:fe35:4007/64 fe80::5055:55ff:fe35:4007/64

You should be able to ping the IP assigned to the lima0 interface:

% ping -c 1 192.168.105.2
PING 192.168.105.2 (192.168.105.2): 56 data bytes
64 bytes from 192.168.105.2: icmp_seq=0 ttl=64 time=0.439 ms

--- 192.168.105.2 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.439/0.439/0.439/0.000 ms