docs: allowlist host.docker.internal hostname on Minikube start

[johnnyhuy]

Encountered an issue running kubectl commands on the dev container.

$ kubectl get po -A

Unable to connect to the server: x509: certificate is valid for minikubeCA, control-plane.minikube.internal, kubernetes.default.svc.cluster.local, kubernetes.default.svc, kubernetes.default, kubernetes, localhost, not host.docker.internal

Looks like Minikube doesn't allow host.docker.internal by default on their "default" (auto-detect) driver.

Feel free to re-word it if needed 🙂

Fix

Start Minikube on the host machine and add host.docker.internal to the generated certificate used on the Kube API server.

minikube start --apiserver-names=host.docker.internal

Alternatively, we can disable TLS on the Kube config with insecure-skip-tls-verify: true, however that feels like a larger security risk.

My system

• M1 Mac MacOS 12.1
• Minikube v1.25.2 on Darwin 12.1 (arm64)
• Docker v20.10.12, build e91ed57
• VSCode v1.65.2

[bamurtaugh]

Thanks for your contribution @johnnyhuy! Would you be able to update the language in the code change and PR title/description to allowlist?

[bamurtaugh]

Thanks again for opening this PR!

As a heads up, our team has been actively focused on an updated plan for community contributions and this repo moving forward, which we've now outlined in this issue: https://github.com/microsoft/vscode-dev-containers/issues/1589. This includes moving to a couple new repos for images (https://github.com/devcontainers/images) and Features (https://github.com/devcontainers/features).

We anticipate to have a similar repo and distribution process for templates/definitions. We'll keep everyone updated (likely via another issue in this repo or comment on https://github.com/microsoft/vscode-dev-containers/issues/1589) when our new templates repo is available and the process is defined.

Please let me know if you have any questions, thank you!