Can't intercept a service running on a Kind cluster on Mac laptop

[gsantoro]

Describe the bug
I cannot intercept a service running in a Kind cluster on a Mac laptop M1.

To Reproduce
Steps to reproduce the behavior:

1. When I run 'telepresence intercept my-nginx --port 3000`
2. I see the following errors

2022-12-07 15:57:36.2936 info    Traffic Agent Init v1.13.5
2022-12-07 15:57:36.3353 error   failed to clear chain TEL_INBOUND_TCP: running [/sbin/iptables -t nat -N TEL_INBOUND_TCP --wait]: exit status 3: iptables v1.8.7 (legacy): can't initialize iptables table `nat': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

error: failed to clear chain TEL_INBOUND_TCP: running [/sbin/iptables -t nat -N TEL_INBOUND_TCP --wait]: exit status 3: iptables v1.8.7 (legacy): can't initialize iptables table `nat': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Stream closed EOF for default/my-nginx-6c4489594c-pws84 (tel-agent-init)

Expected behavior
Interceptors should work

Versions (please complete the following information):

• Output of telepresence version

❯ telepresence version
Enhanced Client: v2.9.4
Root Daemon    : v2.9.4
User Daemon    : v2.9.4
Traffic Manager: v2.9.4

• Operating system of workstation running telepresence commands. MacOs v12.6.1, Apple M1 Max chipset

➜ docker version
Client:
 Cloud integration: v1.0.29
 Version:           20.10.21
 API version:       1.41
 Go version:        go1.18.7
 Git commit:        baeda1f
 Built:             Tue Oct 25 18:01:18 2022
 OS/Arch:           darwin/arm64
 Context:           default
 Experimental:      true

Server: Docker Desktop 4.14.1 (91661)
 Engine:
  Version:          20.10.21
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.18.7
  Git commit:       3056208
  Built:            Tue Oct 25 17:59:41 2022
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.6.9
  GitCommit:        1c90a442489720eec95342e1789ee8a5e1b9536f
 runc:
  Version:          1.1.4
  GitCommit:        v1.1.4-0-g5fd4c4d
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

• Kubernetes environment and version

➜ kubectl version
Client Version: version.Info{Major:"1", Minor:"25", GitVersion:"v1.25.4", GitCommit:"872a965c6c6526caa949f0c6ac028ef7aff3fb78", GitTreeState:"clean", BuildDate:"2022-11-09T13:28:30Z", GoVersion:"go1.19.3", Compiler:"gc", Platform:"darwin/arm64"}
Kustomize Version: v4.5.7
Server Version: version.Info{Major:"1", Minor:"25", GitVersion:"v1.25.3", GitCommit:"434bfd82814af038ad94d62ebe59b133fcb50506", GitTreeState:"clean", BuildDate:"2022-11-02T03:24:50Z", GoVersion:"go1.19.2", Compiler:"gc", Platform:"linux/arm64"}

[ericfuxealth]

I also can't get intercept to work on M1 Chip Macbook:

• minikube
• Rancher Desktop (k3s)

$ telepresence version
Enhanced Client: v2.9.5
Root Daemon    : v2.9.5
User Daemon    : v2.9.5
Traffic Manager: v2.9.5

Mac OS version 12.4 (Chip: Apple M1 Pro)

Error message

$ telepresence intercept mainapp --namespace xealth --port 9000
telepresence intercept: error: Back-off restarting failed container
The logs of Pod mainapp-6cfdcd564-hcjk2 might provide more details

[cindymullins-dw]

@gsantoro , @ericfuxealth , you might try using symbolic ports rather than numeric. If that helps could you please let us know?

[AlmogBaku]

it also doesn't work for us with a named port.

see my comment here
#2596 (comment)

[gsantoro]

I tested with a named port as well. No luck

[thallgren]

The Telepresence images in release 2.11.1 are multi-arch and will run natively on M1. I think that will resolve this issue.

[thallgren]

I'm closing this as a duplicate of #2596