Skip to content

Commit

Permalink
fix(errors/tun): document k8s fix for tun device restriction (#114)
Browse files Browse the repository at this point in the history
  • Loading branch information
holysoles authored Dec 18, 2024
1 parent bb23197 commit c1642c8
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions errors/tun.md
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,23 @@ This happens on LXC containers.
🙏 thanks to [@user037951](https://github.com/user037951), [source discussion](https://github.com/qdm12/gluetun/discussions/637#discussioncomment-2120340).
🙏 thanks to [@Vendetta1985](https://github.com/Vendetta1985), [source comment](https://github.com/qdm12/gluetun/issues/700#issuecomment-1039595490)
## `cannot Unix Open TUN device file: operation not permitted`
### Kubernetes
This can occur due to [a change in containerd](https://github.com/opencontainers/runc/pull/3468) that restricts access to the tun device from un-priviledged containers.
To resolve, ensure the container is marked as privileged:
```yaml
containers:
- image: ghcr.io/qdm12/gluetun:<version>
securityContext:
privileged: true
```

There is some additional context and discussion on [this issue](https://github.com/tailscale/tailscale/issues/10814) on the tailscale project.

## `creating TUN device file node: file exists`

Either:
Expand Down

0 comments on commit c1642c8

Please sign in to comment.