Minikube weird behavior under VPN

minikube hyperkit vpn
use minikube with vpn
minikube proxy
minikube host-only-cidr
minikube restart
vm is unable to access k8s.gcr.io, you may need to configure a proxy or set --image-repository
minikube behind proxy
usr/local/bin/minikube cannot execute binary file

I was just curious if there are known workarounds for the Minikube Vpn issue apart from clean wipe of the minikube from the machine and reinstallation. Minikube works just fine when it is connected to either office network or home network but goes dead when connected to a vpn. When I do a kubectl get pods gives an i/o timeout. I did read couple of git issues in their Issues section but none of the solutions seemed comprehensive.

Using Mac OS Minikube V0.25.Any suggestion is truly appreciated!

There are some issues reported around VPN for minikube.

In particular, issue 2344 shows the exact error message:

$kubectl version
Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.0", GitCommit:"925c127ec6b946659ad0fd596fa959be43f0cc05", GitTreeState:"clean", BuildDate:"2017-12-15T21:07:38Z", GoVersion:"go1.9.2", Compiler:"gc", Platform:"linux/amd64"}
Unable to connect to the server: Gateway Time-out

Not sure any good solution to correct routing but there is remedy for this to disable TLS verification.

From issue 2325:

On a side node, on Windows 10 1709 update, Hyper-V comes with a build in "Default Switch". If use it in minikube start, then everything works in minikube. All Host VPN (I have 2, Cisco Anyconnect and ArraySSL VPN) works inside minikube.

Some networking settings are suggested in "vpn or proxy for easier local development (issue 38)".

Issue 1413 suggests:

In order to remedy VPN issues, it is helpful to specify the hostonly nic used by minikube. This way other VMs on that NIC will have no issues talking to each other even when Cisco wrecks the local network. Docker Machine tdocker-machine create) exposes this property:

--virtualbox-hostonly-nictype "82540EM"   

This is not yet available with minikube though.

As a workaround, specifying IP addresses in the same CIDR as minikube will set put the VM on the same host only network. For example, applying an ip address 192.168.99.XX will use the same host only network that minikube uses with its IP address 192.168.99.10X.

Proxies and VPNs, How to use minikube with a VPN or HTTP/HTTPS Proxy access resources within the VM. minikube uses two IP ranges, which should not go through the proxy:. Minikube weird behavior under VPN. I was just curious if there are known workarounds for the Minikube Vpn issue apart from clean wipe of the minikube from the machine and reinstallation. Minikube works just fine when it is connected to either office network or home network but goes dead when connected to a vpn.

I suggest not using VPN with Minikube. The work-arounds do not work for me always or when I upgrade my VPN software or reboot my laptop.

I observed that VPN drops ingress traffic on unknown interface (with unknown IP address, port and DNS name) from Minikube into the laptop for security reasons.

Can't use Minikube on VPN · Issue #1099 · kubernetes/minikube , Weird. I believe this is an issue with this Cisco VPN Client and has nothing to Here are the logs I see when I start minikube in debug mode. Open Cisco AnyConnect Secure Mobility Client (VPN client for work) and minikube no longer works. minikube start hangs, kubectl commands cannot reach the host. What you expected to happen: Minikube should work while connected to a VPN. How to reproduce it (as minimally and precisely as possible): Create minikube off of VPN; Connect to VPN; Try to use minikube

I had this problem when the Cisco VPN was connected to our business network. I was able to stop the VPN, then start the minikube and could run kubectl version with the VPN stopped. I then started the VPN with minikube running and reissued the kubectl version command and it worked without timeout. I have not tested beyond this however.

minikube version: v0.28.2
kubectl version
Client Version: version.Info{Major:"1", Minor:"11", 
GitVersion:"v1.11.2", 
GitCommit:"bb9ffb1654d4a729bb4cec18ff088eacc153c239", 
GitTreeState:"clean", BuildDate:"2018-08-08T16:31:10Z", 
GoVersion:"go1.10.3", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"10",     
GitVersion:"v1.10.0", 
GitCommit:"fc32d2f3698e36b93322a3465f63a14e9f0eaead", 
GitTreeState:"clean", BuildDate:"2018-03-26T16:44:10Z", 
GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}

I had also upgraded VirtualBox to Version 5.2.18 r124319 (Qt5.6.3) prior to performing the reinstallation of minikube with the VPN off. However, this may not have had any affect as I was on newer versions of VirtualBox than others had recommending to upgrade to.

kubernetes/minikube, Anyone know of a simple VPN in Go that works cross platform? #etcd behavior changed #sudo route -n add -net $(minikube ssh -- sudo  Since minikube is meant to run in a local environment, on a single VM, I like the approach suggested by @yuvipanda (static local route) much better than the VPN idea for the following reasons: you can reach services on their actual IP (10.0.0.x) and port no extra network. no port forwarding. no extra users to create.

A reason for unexplained connection timeouts on Kubernetes/Docker, While migrating we noticed an increase of connection timeouts in The response time of those slow requests was strange. Dropping packets on a low loaded server sounds rather like an exception than a normal behavior. Basically minikube dashboard command does not open the app on IE, or it opens a blank URLbit weird. The guys bypassed that by going to chrome.

datawire/telepresence, accessing services in minikube must be supported out of the box in the telepresence.log I can see that it is trying to resolve a strange DNS name I have a feeling this has to do with EC2's internal DNS server's behavior, which involves interestingly, telepresence --method=vpn-tcp works fine from this ec2 instance. @vvsh The issue is that minikube is attempting to use the DockerNat Virtual Switch which will not be properly configured for minikube (it is used by Docker For Windows). You need to create another virtual switch with internet access and specify minikube to use that via the --hyperv-virtual-switch flag.

Building Card-Highlighting-Animation as in the App-Store, In the AppStore (iOS 11) on the left "today"-tab, there are several card views. 757 | Minikube weird behavior under VPN; 8743 | How to load data using XHR in​  I have been checking if I see the issue anywhere else and I found that minikube is having the same issue. My guess is that there is a bug in one of the libraries that both Docker and Minikube are using or the issue might even be in the Go standard library. Hope this helps.