From c263b20e321879706e934f15490ea60087af5cb0 Mon Sep 17 00:00:00 2001
From: Nino Kodabande <nkodabande@suse.com>
Date: Thu, 5 Sep 2024 17:22:47 -0700
Subject: [PATCH 1/4] Remove networkingTunnel from settings

Signed-off-by: Nino Kodabande <nkodabande@suse.com>
---
 e2e/backend.e2e.spec.ts                               |  2 --
 e2e/pages/preferences/virtualMachine.ts               |  2 --
 pkg/rancher-desktop/backend/kube/wsl.ts               |  4 ++--
 pkg/rancher-desktop/backend/wsl.ts                    | 10 ++--------
 pkg/rancher-desktop/config/__tests__/settings.spec.ts |  8 ++------
 pkg/rancher-desktop/config/settings.ts                |  4 +---
 pkg/rancher-desktop/config/settingsImpl.ts            |  1 +
 .../commandServer/__tests__/settingsValidator.spec.ts |  1 -
 .../main/commandServer/settingsValidator.ts           | 11 ++---------
 9 files changed, 10 insertions(+), 33 deletions(-)

diff --git a/e2e/backend.e2e.spec.ts b/e2e/backend.e2e.spec.ts
index c29efaa0882..3fc8b232aad 100644
--- a/e2e/backend.e2e.spec.ts
+++ b/e2e/backend.e2e.spec.ts
@@ -155,8 +155,6 @@ test.describe.serial('KubernetesBackend', () => {
         expectedDefinition['application.adminAccess'] = false;
         expectedDefinition['virtualMachine.numberCPUs'] = false;
         expectedDefinition['virtualMachine.memoryInGB'] = false;
-      } else if (process.platform === 'win32') {
-        expectedDefinition['experimental.virtualMachine.networkingTunnel'] = false;
       }
 
       const expected: Record<string, {current: any, desired: any, severity: 'reset' | 'restart'}> = {};
diff --git a/e2e/pages/preferences/virtualMachine.ts b/e2e/pages/preferences/virtualMachine.ts
index f1641ef4e33..ba49692c034 100644
--- a/e2e/pages/preferences/virtualMachine.ts
+++ b/e2e/pages/preferences/virtualMachine.ts
@@ -13,7 +13,6 @@ export class VirtualMachineNav {
   readonly msizeInKib: Locator;
   readonly protocolVersion: Locator;
   readonly securityModel: Locator;
-  readonly networkingTunnel: Locator;
   readonly vmType: Locator;
   readonly qemu: Locator;
   readonly vz: Locator;
@@ -35,7 +34,6 @@ export class VirtualMachineNav {
     this.msizeInKib = page.locator('[data-test="msizeInKib"]');
     this.protocolVersion = page.locator('[data-test="protocolVersion"]');
     this.securityModel = page.locator('[data-test="securityModel"]');
-    this.networkingTunnel = page.locator('[data-test="networkingTunnel"]');
     this.vmType = page.locator('[data-test="vmType"]');
     this.qemu = page.locator('[data-test="QEMU"]');
     this.vz = page.locator('[data-test="VZ"]');
diff --git a/pkg/rancher-desktop/backend/kube/wsl.ts b/pkg/rancher-desktop/backend/kube/wsl.ts
index 5815debdec7..6e72097d0a1 100644
--- a/pkg/rancher-desktop/backend/kube/wsl.ts
+++ b/pkg/rancher-desktop/backend/kube/wsl.ts
@@ -227,10 +227,10 @@ export default class WSLKubernetesBackend extends events.EventEmitter implements
           }
           await util.promisify(timers.setTimeout)(1_000);
         }
-        const rdNetworking = `--rd-networking=${ config?.experimental.virtualMachine.networkingTunnel }`;
 
+        // TODO: remove once --rd-networking removed from k3s_kubeconfig.go
         await this.k3sHelper.updateKubeconfig(
-          async() => await this.vm.execCommand({ capture: true }, await this.vm.getWSLHelperPath(), 'k3s', 'kubeconfig', rdNetworking));
+          async() => await this.vm.execCommand({ capture: true }, await this.vm.getWSLHelperPath(), 'k3s', 'kubeconfig', '--rd-networking=true'));
       });
 
     const client = this.client = kubeClient?.() || new KubeClient();
diff --git a/pkg/rancher-desktop/backend/wsl.ts b/pkg/rancher-desktop/backend/wsl.ts
index 1f19a94f60e..531879cf87c 100644
--- a/pkg/rancher-desktop/backend/wsl.ts
+++ b/pkg/rancher-desktop/backend/wsl.ts
@@ -1294,13 +1294,7 @@ export default class WSLBackend extends events.EventEmitter implements VMBackend
                 }),
                 this.progressTracker.action('Configuring image proxy', 50, async() => {
                   const allowedImagesConf = '/usr/local/openresty/nginx/conf/allowed-images.conf';
-                  let resolver;
-
-                  if (this.cfg?.experimental.virtualMachine.networkingTunnel) {
-                    resolver = `resolver ${ rdNetworkingDNS } ipv6=off;\n`;
-                  } else {
-                    resolver = `resolver ${ await this.ipAddress } ipv6=off;\n`;
-                  }
+                  const resolver = `resolver ${ rdNetworkingDNS } ipv6=off;\n`;
 
                   await this.writeFile(`/usr/local/openresty/nginx/conf/nginx.conf`, NGINX_CONF, 0o644);
                   await this.writeFile(`/usr/local/openresty/nginx/conf/resolver.conf`, resolver, 0o644);
@@ -1650,7 +1644,7 @@ export default class WSLBackend extends events.EventEmitter implements VMBackend
     }
 
     return Promise.resolve(this.kubeBackend.requiresRestartReasons(
-      this.cfg, cfg, { 'experimental.virtualMachine.networkingTunnel': { current: this.cfg.experimental.virtualMachine.networkingTunnel } }));
+      this.cfg, cfg));
   }
 
   /**
diff --git a/pkg/rancher-desktop/config/__tests__/settings.spec.ts b/pkg/rancher-desktop/config/__tests__/settings.spec.ts
index 64ac3c4734e..a2243f17fb5 100644
--- a/pkg/rancher-desktop/config/__tests__/settings.spec.ts
+++ b/pkg/rancher-desktop/config/__tests__/settings.spec.ts
@@ -354,7 +354,6 @@ describe('settings', () => {
               },
               experimental: {
                 virtualMachine: {
-                  networkingTunnel: true,
                 },
               },
               kubernetes: {
@@ -472,8 +471,7 @@ describe('settings', () => {
         version:      settings.CURRENT_SETTINGS_VERSION,
         experimental: {
           virtualMachine: {
-            networkingTunnel: true,
-            proxy:            {
+            proxy: {
               noproxy: ['1.2.3.4', '11.12.13.14', '21.22.23.24'],
             },
           },
@@ -506,8 +504,7 @@ describe('settings', () => {
         version:      settings.CURRENT_SETTINGS_VERSION,
         experimental: {
           virtualMachine: {
-            networkingTunnel: true,
-            proxy:            {
+            proxy: {
               noproxy: ['1.2.3.4', '11.12.13.14', '21.22.23.24'],
             },
           },
@@ -587,7 +584,6 @@ describe('settings', () => {
         },
         experimental: {
           virtualMachine: {
-            networkingTunnel: true,
           },
         },
         kubernetes:     {},
diff --git a/pkg/rancher-desktop/config/settings.ts b/pkg/rancher-desktop/config/settings.ts
index 87a2b0098ee..2a1ac8b522e 100644
--- a/pkg/rancher-desktop/config/settings.ts
+++ b/pkg/rancher-desktop/config/settings.ts
@@ -132,9 +132,7 @@ export const defaultSettings = {
           cacheMode:       CacheMode.MMAP,
         },
       },
-      /* windows only: legacy setting, always ignored */
-      networkingTunnel: true,
-      proxy:            {
+      proxy: {
         enabled:  false,
         address:  '',
         password: '',
diff --git a/pkg/rancher-desktop/config/settingsImpl.ts b/pkg/rancher-desktop/config/settingsImpl.ts
index e08d4c2a005..06a6d15203e 100644
--- a/pkg/rancher-desktop/config/settingsImpl.ts
+++ b/pkg/rancher-desktop/config/settingsImpl.ts
@@ -487,6 +487,7 @@ export const updateTable: Record<number, (settings: any, locked : boolean) => vo
   },
   13: (settings) => {
     _.unset(settings, 'virtualMachine.hostResolver');
+    _.unset(settings, 'experimental.virtualMachine.networkingTunnel');
   },
 };
 
diff --git a/pkg/rancher-desktop/main/commandServer/__tests__/settingsValidator.spec.ts b/pkg/rancher-desktop/main/commandServer/__tests__/settingsValidator.spec.ts
index 655da2f7a05..0271d4acc68 100644
--- a/pkg/rancher-desktop/main/commandServer/__tests__/settingsValidator.spec.ts
+++ b/pkg/rancher-desktop/main/commandServer/__tests__/settingsValidator.spec.ts
@@ -78,7 +78,6 @@ describe(SettingsValidator, () => {
       ['experimental', 'virtualMachine', 'mount', '9p', 'protocolVersion'],
       ['experimental', 'virtualMachine', 'mount', '9p', 'securityModel'],
       ['experimental', 'virtualMachine', 'mount', 'type'],
-      ['experimental', 'virtualMachine', 'networkingTunnel'], // Cannot be set
       ['experimental', 'virtualMachine', 'type'],
       ['experimental', 'virtualMachine', 'useRosetta'],
       ['experimental', 'virtualMachine', 'proxy', 'noproxy'],
diff --git a/pkg/rancher-desktop/main/commandServer/settingsValidator.ts b/pkg/rancher-desktop/main/commandServer/settingsValidator.ts
index 71ec2ee08a0..27a7604a8b3 100644
--- a/pkg/rancher-desktop/main/commandServer/settingsValidator.ts
+++ b/pkg/rancher-desktop/main/commandServer/settingsValidator.ts
@@ -122,15 +122,8 @@ export default class SettingsValidator {
               cacheMode:       this.checkLima(this.check9P(this.checkEnum(...Object.values(CacheMode)))),
             },
           },
-          // networkingTunnel only applies to Win32, but deployment profiles on macOS/Linux may still include
-          // the setting. Since we changed the default value, this would now throw a validation error.
-          // see https://github.com/rancher-sandbox/rancher-desktop/issues/6953
-          // The setting will be removed once the legacy Windows networking mode is disabled, so until
-          // then we will allow changing the setting on all platforms to avoid the profile error.
-          // Changing the setting will have no effect on macOS/Linux anyways.1
-          networkingTunnel: this.checkUnchanged,
-          useRosetta:       this.checkPlatform('darwin', this.checkRosetta),
-          type:             this.checkPlatform('darwin', this.checkMulti(
+          useRosetta: this.checkPlatform('darwin', this.checkRosetta),
+          type:       this.checkPlatform('darwin', this.checkMulti(
             this.checkEnum(...Object.values(VMType)),
             this.checkVMType),
           ),

From f39719faf0f445dcd4e103612746d34c7be33c49 Mon Sep 17 00:00:00 2001
From: Nino Kodabande <nkodabande@suse.com>
Date: Thu, 5 Sep 2024 17:57:31 -0700
Subject: [PATCH 2/4] Remove networkingTunnel from rdctl

Signed-off-by: Nino Kodabande <nkodabande@suse.com>
---
 src/go/rdctl/pkg/plist/plist_test.go | 3 ---
 src/go/rdctl/pkg/reg/reg_test.go     | 3 +--
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/go/rdctl/pkg/plist/plist_test.go b/src/go/rdctl/pkg/plist/plist_test.go
index c745fe5854c..01447865170 100644
--- a/src/go/rdctl/pkg/plist/plist_test.go
+++ b/src/go/rdctl/pkg/plist/plist_test.go
@@ -149,7 +149,6 @@ func TestJsonToPlistFormat(t *testing.T) {
           "cacheMode": "mmap"
         }
       },
-      "networkingTunnel": false,
       "proxy": {
         "enabled": false,
         "address": "",
@@ -277,8 +276,6 @@ func TestJsonToPlistFormat(t *testing.T) {
             <string>mmap</string>
           </dict>
         </dict>
-        <key>networkingTunnel</key>
-        <false/>
         <key>type</key>
         <string>qemu</string>
         <key>useRosetta</key>
diff --git a/src/go/rdctl/pkg/reg/reg_test.go b/src/go/rdctl/pkg/reg/reg_test.go
index 05fb696b83f..1f5e6be24bf 100644
--- a/src/go/rdctl/pkg/reg/reg_test.go
+++ b/src/go/rdctl/pkg/reg/reg_test.go
@@ -284,7 +284,6 @@ func TestJsonToRegFormat(t *testing.T) {
           "cacheMode": "mmap"
         }
       },
-      "networkingTunnel": false,
       "proxy": {
         "enabled": false,
         "address": "",
@@ -298,6 +297,6 @@ func TestJsonToRegFormat(t *testing.T) {
 `
 		lines, err := JsonToReg("hkcu", "defaults", jsonBody)
 		assert.NoError(t, err)
-		assert.Equal(t, 76, len(lines))
+		assert.Equal(t, 75, len(lines))
 	})
 }

From 97971817c756b820e7491e78d63956dd596c74da Mon Sep 17 00:00:00 2001
From: Nino Kodabande <nkodabande@suse.com>
Date: Thu, 5 Sep 2024 18:10:47 -0700
Subject: [PATCH 3/4] Remove networking tunnel from rdctl

Signed-off-by: Nino Kodabande <nkodabande@suse.com>
---
 pkg/rancher-desktop/backend/kube/wsl.ts |  3 +-
 src/go/wsl-helper/cmd/k3s_kubeconfig.go | 81 ++-----------------------
 2 files changed, 6 insertions(+), 78 deletions(-)

diff --git a/pkg/rancher-desktop/backend/kube/wsl.ts b/pkg/rancher-desktop/backend/kube/wsl.ts
index 6e72097d0a1..28f94a4950a 100644
--- a/pkg/rancher-desktop/backend/kube/wsl.ts
+++ b/pkg/rancher-desktop/backend/kube/wsl.ts
@@ -228,9 +228,8 @@ export default class WSLKubernetesBackend extends events.EventEmitter implements
           await util.promisify(timers.setTimeout)(1_000);
         }
 
-        // TODO: remove once --rd-networking removed from k3s_kubeconfig.go
         await this.k3sHelper.updateKubeconfig(
-          async() => await this.vm.execCommand({ capture: true }, await this.vm.getWSLHelperPath(), 'k3s', 'kubeconfig', '--rd-networking=true'));
+          async() => await this.vm.execCommand({ capture: true }, await this.vm.getWSLHelperPath(), 'k3s', 'kubeconfig'));
       });
 
     const client = this.client = kubeClient?.() || new KubeClient();
diff --git a/src/go/wsl-helper/cmd/k3s_kubeconfig.go b/src/go/wsl-helper/cmd/k3s_kubeconfig.go
index 76d5c73d4ff..d3d3e3f4cb9 100644
--- a/src/go/wsl-helper/cmd/k3s_kubeconfig.go
+++ b/src/go/wsl-helper/cmd/k3s_kubeconfig.go
@@ -20,10 +20,7 @@ package cmd
 
 import (
 	"fmt"
-	"net"
-	"net/url"
 	"os"
-	"strings"
 	"time"
 
 	"github.com/sirupsen/logrus"
@@ -55,10 +52,7 @@ type kubeConfig struct {
 
 const kubeConfigExistTimeout = 10 * time.Second
 
-var (
-	k3sKubeconfigViper = viper.New()
-	rdNetworking       bool
-)
+var k3sKubeconfigViper = viper.New()
 
 // k3sKubeconfigCmd represents the `k3s kubeconfig` command.
 var k3sKubeconfigCmd = &cobra.Command{
@@ -99,80 +93,15 @@ var k3sKubeconfigCmd = &cobra.Command{
 			return err
 		}
 
-		if rdNetworking {
-			// vm-switch in rdNetworking binds to localhost:Port by default.
-			// Since k3s.yaml comes with servers preset at 127.0.0.1, there
-			// is nothing for us to do here, just write the config and return.
-			return yaml.NewEncoder(os.Stdout).Encode(config)
-		}
-		ip, err := getClusterIP()
-		if err != nil {
-			return err
-		}
-		// Fix up any clusters at 127.0.0.1, using the IP address we found.
-		for clusterIdx, cluster := range config.Clusters {
-			server, err := url.Parse(cluster.Cluster.Server)
-			if err != nil {
-				// Ignore any clusters with invalid servers
-				continue
-			}
-			if server.Hostname() != "127.0.0.1" {
-				continue
-			}
-			if server.Port() != "" {
-				server.Host = net.JoinHostPort(ip.String(), server.Port())
-			} else {
-				server.Host = ip.String()
-			}
-			config.Clusters[clusterIdx].Cluster.Server = server.String()
-		}
-		// Emit the result
-		err = yaml.NewEncoder(os.Stdout).Encode(config)
-		if err != nil {
-			return err
-		}
-
-		return nil
+		// vm-switch in rdNetworking binds to localhost:Port by default.
+		// Since k3s.yaml comes with servers preset at 127.0.0.1, there
+		// is nothing for us to do here, just write the config and return.
+		return yaml.NewEncoder(os.Stdout).Encode(config)
 	},
 }
 
-func getClusterIP() (net.IP, error) {
-	var ip net.IP
-	// Find the IP address of eth0.
-	iface, err := net.InterfaceByName("eth0")
-	if err != nil {
-		// Use a random interface, assuming we're testing on Windows.
-		ifaces, err := net.Interfaces()
-		if err != nil {
-			return nil, err
-		}
-		iface = &ifaces[0]
-		fmt.Fprintf(os.Stderr, "Could not find eth0, using fallback interface %s\n", iface.Name)
-	}
-	addrs, err := iface.Addrs()
-	if err != nil {
-		return nil, err
-	}
-	for _, addr := range addrs {
-		// addr.String() gives "192.2.3.4/16", so we need to chop off the netmask
-		ip = net.ParseIP(strings.SplitN(addr.String(), "/", 2)[0])
-		if ip == nil {
-			continue
-		}
-		ip = ip.To4()
-		if ip != nil {
-			break
-		}
-	}
-	if ip == nil {
-		return nil, fmt.Errorf("could not find IPv4 address on interface %s", iface.Name)
-	}
-	return ip, nil
-}
-
 func init() {
 	k3sKubeconfigCmd.Flags().String("k3sconfig", "/etc/rancher/k3s/k3s.yaml", "Path to k3s kubeconfig")
-	k3sKubeconfigCmd.Flags().BoolVar(&rdNetworking, "rd-networking", false, "Enable the experimental Rancher Desktop Networking")
 	k3sKubeconfigViper.AutomaticEnv()
 	if err := k3sKubeconfigViper.BindPFlags(k3sKubeconfigCmd.Flags()); err != nil {
 		logrus.WithError(err).Fatal("Failed to set up flags")

From 5234e43e3fee4045e71f22e5161c465016ef116e Mon Sep 17 00:00:00 2001
From: Nino Kodabande <nkodabande@suse.com>
Date: Thu, 5 Sep 2024 18:29:57 -0700
Subject: [PATCH 4/4] Remove networkingTunnel option from command API

Signed-off-by: Nino Kodabande <nkodabande@suse.com>
---
 pkg/rancher-desktop/assets/specs/command-api.yaml | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/pkg/rancher-desktop/assets/specs/command-api.yaml b/pkg/rancher-desktop/assets/specs/command-api.yaml
index 569af5a0733..09266716943 100644
--- a/pkg/rancher-desktop/assets/specs/command-api.yaml
+++ b/pkg/rancher-desktop/assets/specs/command-api.yaml
@@ -688,11 +688,6 @@ components:
                         cacheMode:
                           type: string
                           enum: [none, loose, fscache, mmap]
-                networkingTunnel:
-                  type: boolean
-                  x-rd-platforms: [win32]
-                  x-rd-usage: tunnel networking so it originates from the host
-                  x-rd-hidden: true # Only available by editing settings file directly.
                 type:
                   type: string
                   enum: [qemu, vz]