Anka Virtualization 3.3.0

We are very excited to announce Anka Virtualization 3.3.0. In this version, you’re going to find several important features that all of our users will benefit from. Here is a summary:

1. Combined ARM and Intel PKG Installers
2. VM Networking IP Filtering
3. Automated log in for autologin disabled VM
4. Support for FileVault (ARM)
5. Anka click scripts inside VM (ARM)

Combined ARM and Intel PKG Installers

Customers will now find a single PKG installer for both Intel and ARM. Existing download URLs will remain the same, however, you will no longer be able to rely on the -intel and -arm suffixes on the PKG file.

VM Networking IP Filtering

Starting in Anka 3.3, users can use a VM/Template specific network traffic filtering which mimicks the behavior of ipf.conf.

This is only available for shared networking.

Filter rules are checked in descending order, with the first matching rule determining the treatment of the packet. For example, the following rules will block any traffic and ignore all other rules:

block any
pass out from all

Examples of rules you can set on a VM:

block out to 1.1.1.1 from any
block out to 1.1.1.1 port 53
block in to port 22
block out from port 68 to port 67
block in from any port 67 to any port 68
block any from port 67 to port 68
block any
block local

You can apply rules in several ways:

1. Globally for all VMs that run on the host by setting the path to the rules file: anka config net_filter /Users/myUser/vm-filter-rules. This will be ignored if the VM Template has filter rules applied already.

2. With a dynamic file from the host, set in the specific VM template, which is then applied at VM start time. This allows you to create rules specific to a VM + Host.

   ❯ cd ~; cat << EOF > ./rules
   pass in from 10.20.30.40
   pass out to 10.20.30.40
   block any
   EOF
   
   ❯ anka modify 13.3.1 network --filter rules
   
   ❯ anka show 13.3.1 network -f                                                                            
   pass in from 10.20.30.40
   pass out to 10.20.30.40
   block any
   
   ❯ cat ~/Library/Application\ Support/Veertu/Anka/vm_lib/c12ccfa5-8757-411e-9505-128190e9854e/config.yaml | grep net
   network_cards:
     controller: virtio-net
     net_filter: /Users/nathanpierce/rules
   

3. Embedding the rules inside of the VM’s config, but not require a file on the host. This is useful to avoid having to ensure the rules file exists on each host.

   ❯ cd ~; cat << EOF > ./rules
   block in from any port 22
   block local
   EOF
   
   ❯ anka modify 13.3.1 network -f- < rules
   
   ❯ anka show 13.3.1 network -f           
   block in from any port 22
   block local
   
   ❯ cat ~/Library/Application\ Support/Veertu/Anka/vm_lib/c12ccfa5-8757-411e-9505-128190e9854e/net_filter 
   block in from any port 22
   block local%
   

4. You can also apply a single rule using echo "block any" | anka modify 13.3.1 network -f-.

Applying new rules will remove all previously set.

You can disable the rules with anka modify 13.3.1 network --filter off.

Automated log in for autologin disabled VMs

Users requiring that VMs do not have autologin enabled can now set anka modify {VM_NAME_HERE} set custom-variable login_passwd {PASSWORD_HERE} with the appropriate password for the VM and allow Anka, post-boot, to run an anka click script that logs the user in. You can also specify anka start --login-passwd "${VM_PASSWD}" "${VM_NAME}".

Support for FileVault (ARM)

ARM users can now enable FileVault inside of their VMs. However, keep in mind that Apple disables autologin while FileVault is enabled. This will break existing flows until users update their sudo anka config default_passwd so that our anka click script can perform the log in, post-boot.

> anka start --help
usage: start [options] vmid

   Start or resume a VM

arguments:
  vmid                     VM to start

options:
  -f,--force               Start VM with minimum checks
  --login-passwd <val>     Provide the user password (not needed if auto-login enabled - default)
  -q,--quiet               Minimize output
  -v,--view                Open VM in an Anka window
  -u,--update-addons       Start in (auto)update mode

Anka click scripts inside VM (ARM)

Addons upgrade required.

ARM users will be able to use /Library/Application\ Support/Veertu/Anka/bin/click inside of their VMs to run click scripts. This is a major improvement for automation. An example is using the Prefer Discrete GPU in iOS simulator click script to improve iOS simulator performance.

• ←Previous
Next→