Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PCAP Error #378

Open
tom-pryke opened this issue Sep 27, 2022 · 7 comments
Open

PCAP Error #378

tom-pryke opened this issue Sep 27, 2022 · 7 comments
Labels
bug Something isn't working

Comments

@tom-pryke
Copy link

tom-pryke commented Sep 27, 2022
edited

Hi,

I'm trying to run the e2e docker compose example on an M1 Mac (ARM). I've made no changes to the example.

I'm getting the following error (from the e2e_analysis_1 container):

"error": "failed to start packet capture (eth0: SIOCETHTOOL(ETHTOOL_GET_TS_INFO) ioctl failed: Function not implemented)"}

I think the network interface should be en0 rather than eth0. I was wondering if this was configurable, and whether I'm likely to hit other blockers trying to run on ARM?

Thanks,

Tom
@calebbrown calebbrown added the bug Something isn't working label Sep 28, 2022
@calebbrown
Copy link
Contributor

Thanks for the bug report!

I will try and reproduce this on my M1 MacBook Pro.

@calebbrown
Copy link
Contributor

I ran into this issue while trying to get it to run: docker/for-mac#6297

@calebbrown
Copy link
Contributor

@tom-pryke do you have any more details on how you're running this and the version of Docker/Docker Compose you're using?

I suspect the kernel Docker is using on the M1 Mac in QEMU does not the correct module support.

@tom-pryke
Copy link
Author

tom-pryke commented Sep 28, 2022
edited

@calebbrown I'm using Docker for Mac, version 20.10.12 and docker-compose version 1.29.2. I did also try with docker compose v2 but ran into the same issue. I also have docker desktop 4.4.2.

I'm running the e2e example using:

docker-compose up -d

Update:

Same results when running Docker 20.10.17, compose 2.10.2 and desktop 4.12.0

@calebbrown
Copy link
Contributor

calebbrown commented Sep 30, 2022
edited

Thanks for those details. I've spent some more time researching this, and:

  1. the package-analysis project is built to run on amd64/x86_64 architectures
  2. Docker for M1 Mac (arm64) supports amd64 via emulation (qemu) running a minimal Linux installation
  3. there is no support for netfilter, iptables in Docker for M1 Macs with this minimal Linux install on QEMU.

We could try and add arm64 support, but this will mean results will differ between our production and development environments. In the future we may want to have arm64 based workers, but this would be in addition to amd64.

The other option would be to allow the network isolation to be disabled, but since we are running untrusted workloads this would put your local network at risk of attack.

Unfortunately this means your only good option for running Package Analysis on an M1 Mac is to install UTM (https://mac.getutm.app/) or QEMU (https://www.qemu.org/) and use package-analysis inside an emulated VM.

For reference I have been able to successfully start the docker-compose stack using UTM, with an Arch Linux qcow2 image.

@calebbrown
Copy link
Contributor

I will leave this bug open to track documentation updates to help users on M1 Macs (or any other non-amd64 architectures).

@calebbrown calebbrown mentioned this issue Sep 30, 2022
Open
@tom-pryke
Copy link
Author

Thanks for looking into it. I'll try setting up with an emulated VM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@calebbrown @tom-pryke