docker-tailscale

Run Tailscale (agent/relay) in a container

Usage

Docker

docker run -d \
  -e TAILSCALE_AUTH_KEY=<your_auth_key> \
  -v /dev/net/tun:/dev/net/tun \
  --network host \
  --privileged \
  mvisonneau/tailscale

Kubernetes

# Add the helm repository to your local client
~$ helm repo add mvisonneau https://charts.visonneau.fr

# Install the relay
~$ helm install \
  tailscale-relay \
  mvisonneau/tailscale-relay \
  --set config.authKey=<your_auth_key>

More information on how to use the chart here.

Credits

Inspired by @hamishforbes's gist

docker-tailscale's Issues

headscale

Hello, thank you for the helm chart. How can I make this work with a headscale server please?

Too many empty arguments and relay not showing up in machine list

Hello,

I deployed your helm chart and the pod shows healthy. However, the pod doesn't show up in my machine list for me to authorize the subnets. Here is the log output of the pod. I just don't know what I am missing. Any help would be greatly appreciated.

2022/08/21 14:48:20 logtail started
2022/08/21 14:48:20 Program starting: v1.26.0-te635c1a0b-g63b494195, Go 1.18.3-ts04d67b90d8: []string{"tailscaled", "-port", "0", "-socket", "/var/run/tailscale/tailscaled.sock", "-state", "kube:tailscale-relay-state", "-tun", "tailscale0", "-verbose", "0"}
2022/08/21 14:48:20 LogID: da629be8dcf7078f203b19998cc0814b7242d8e861ec26363de897457cd3096a
2022/08/21 14:48:20 logpolicy: using system state directory "/var/lib/tailscale"
logpolicy.Read /var/lib/tailscale/tailscaled.log.conf: open /var/lib/tailscale/tailscaled.log.conf: no such file or directory
2022/08/21 14:48:20 wgengine.NewUserspaceEngine(tun "tailscale0") ...
2022/08/21 14:48:20 router: disabling tunneled IPv6 due to system IPv6 config: exec: "ip6tables": executable file not found in $PATH
2022/08/21 14:48:20 dns: [rc=unknown ret=direct]
2022/08/21 14:48:20 dns: using *dns.directManager
2022/08/21 14:48:20 link state: interfaces.State{defaultRoute=eth0 ifs={eth0:[10.244.180.4/32]} v4=true v6=false}
2022/08/21 14:48:20 magicsock: disco key = d:7c7d4bb6abbebf93
2022/08/21 14:48:20 Creating WireGuard device...
2022/08/21 14:48:20 Bringing WireGuard device up...
2022/08/21 14:48:20 external route: up
2022/08/21 14:48:20 Bringing router up...
2022/08/21 14:48:20 Clearing router settings...
2022/08/21 14:48:20 Starting link monitor...
2022/08/21 14:48:20 Engine created.
2022/08/21 14:48:20 Start
too many non-flag arguments: ["10.244.0.0/16" "--advertise-tags=" "--auth-key=tskey-khWRam2CNTRL-PNXMrMsLZqgHPx3yVQckL" "--exit-node-allow-lan-access=false" "--exit-node=" "--force-reauth=false" "--host-routes=true" "--hostname=tailscale-tailscale-relay-0" "--login-server=https://login.tailscale.com" "--netfilter-mode=on" "--qr=false" "--shields-up=false" "--snat-subnet-routes=true"]
2022/08/21 14:48:50 logtail: dial "log.tailscale.io:443" failed: dial tcp: lookup log.tailscale.io: i/o timeout (in 30s), trying bootstrap...
2022/08/21 14:49:00 trying bootstrapDNS("derp6.tailscale.com", "68.183.90.120") for "log.tailscale.io" ...
2022/08/21 14:49:00 bootstrapDNS("derp6.tailscale.com", "68.183.90.120") for "log.tailscale.io" = [2600:1f18:429f:9305:4043:217b:512c:f8d4 34.229.201.48]
2022/08/21 14:49:00 logtail: bootstrap dial succeeded

Here is the deployment file

apiVersion: v1
kind: Pod
metadata:
  name: tailscale-tailscale-relay-0
  generateName: tailscale-tailscale-relay-
  namespace: vpn
  uid: ed843e3a-d052-4aee-a078-c73e609b2a5f
  resourceVersion: '100252'
  creationTimestamp: '2022-08-21T14:48:19Z'
  labels:
    app.kubernetes.io/component: tailscale
    app.kubernetes.io/instance: tailscale
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: tailscale-relay-0.1.7
    app.kubernetes.io/part-of: tailscale-relay
    app.kubernetes.io/version: v1.26.0
    controller-revision-hash: tailscale-tailscale-relay-6f8484f445
    helm.sh/chart: tailscale-relay-0.1.7
    statefulset.kubernetes.io/pod-name: tailscale-tailscale-relay-0
  annotations:
    checksum/configMap: b8c6e785726623fc609701151343fda3f8d28b2eae454629f3412311066790f7
    checksum/secret: b707c81695f84e79a379b8ca3ca9fc0d2c3a6c48dfc0fdc381a963594c9bc778
    cni.projectcalico.org/containerID: 0d78a55f2fc88aadc73030a183a896efcde9361e51d49e21c7157f40ebf37383
    cni.projectcalico.org/podIP: 10.244.180.4/32
    cni.projectcalico.org/podIPs: 10.244.180.4/32
  ownerReferences:
    - apiVersion: apps/v1
      kind: StatefulSet
      name: tailscale-tailscale-relay
      uid: 694538e2-57b5-4183-b152-db90252d5769
      controller: true
      blockOwnerDeletion: true
  hostIP: 173.x.x.209
  podIP: 10.244.180.4
  podIPs:
    - ip: 10.244.180.4
  startTime: '2022-08-21T14:48:19Z'
  containerStatuses:
    - name: tailscale-relay
      state:
        running:
          startedAt: '2022-08-21T14:48:20Z'
      lastState: {}
      ready: true
      restartCount: 0
      image: docker.io/mvisonneau/tailscale:v1.26.0
      imageID: >-
        docker.io/mvisonneau/tailscale@sha256:2077ff32314e6efff42d81d1f62276a29b2e3f690ee0c57c21a7527a917d0761
      containerID: >-
        containerd://5e48116d02d4552c48dfa5572a379b2b4bee18e107db81497ba397aca3a80b48
      started: true
  qosClass: BestEffort
spec:
  volumes:
    - name: lib-modules
      hostPath:
        path: /lib/modules
        type: ''
    - name: kube-api-access-qhrsj
      projected:
        sources:
          - serviceAccountToken:
              expirationSeconds: 3607
              path: token
          - configMap:
              name: kube-root-ca.crt
              items:
                - key: ca.crt
                  path: ca.crt
          - downwardAPI:
              items:
                - path: namespace
                  fieldRef:
                    apiVersion: v1
                    fieldPath: metadata.namespace
        defaultMode: 420
  containers:
    - name: tailscale-relay
      image: docker.io/mvisonneau/tailscale:v1.26.0
      ports:
        - name: exporter
          containerPort: 8080
          protocol: TCP
      envFrom:
        - configMapRef:
            name: tailscale-tailscale-relay-config
        - secretRef:
            name: tailscale-tailscale-relay-config
      env:
        - name: TAILSCALED_STATE
          value: kube:tailscale-relay-state
      resources: {}
      volumeMounts:
        - name: lib-modules
          mountPath: /lib/modules
        - name: kube-api-access-qhrsj
          readOnly: true
          mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      terminationMessagePath: /dev/termination-log
      terminationMessagePolicy: File
      imagePullPolicy: IfNotPresent
      securityContext:
        capabilities:
          add:
            - NET_ADMIN
  restartPolicy: Always
  terminationGracePeriodSeconds: 30
  dnsPolicy: ClusterFirst
  serviceAccountName: tailscale-relay
  serviceAccount: tailscale-relay
  nodeName: master2
  securityContext: {}
  hostname: tailscale-tailscale-relay-0
  subdomain: tailscale-relay
  schedulerName: default-scheduler
  tolerations:
    - key: node.kubernetes.io/not-ready
      operator: Exists
      effect: NoExecute
      tolerationSeconds: 300
    - key: node.kubernetes.io/unreachable
      operator: Exists
      effect: NoExecute
      tolerationSeconds: 300
  priority: 0
  enableServiceLinks: true
  preemptionPolicy: PreemptLowerPriority
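
A triage helper for the "too many non-flag arguments" line in the report above, added here as an example (not code from this repository or from Tailscale): it lists the stray positional token and the flags printed after it, and redacts the auth key so the line can be shared. It assumes the CLI stops flag parsing at the first positional token, as Go's standard flag package does; `triage`, `redact` and the sample log are constructed for illustration.

```python
import re

# Constructed sample modelled on the log in the issue above; the key is a placeholder.
SAMPLE_LOG = (
    "2022/08/21 14:48:20 Start\n"
    'too many non-flag arguments: ["10.244.0.0/16" "--advertise-tags=" '
    '"--auth-key=tskey-PLACEHOLDER" "--hostname=tailscale-tailscale-relay-0" '
    '"--snat-subnet-routes=true"]\n'
)

MARKER = "too many non-flag arguments: "
QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')     # one quoted element of the list
AUTH_KEY = re.compile(r'(--auth-key=)[^"\s]+')  # flag name as printed in the log


def redact(text):
    """Replace any auth key value so the text is safe to paste into an issue."""
    return AUTH_KEY.sub(r"\1<redacted>", text)


def triage(log_text):
    """Return one finding per 'too many non-flag arguments' line."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        if MARKER not in line:
            continue
        tokens = QUOTED.findall(line.split(MARKER, 1)[1])
        # Assumption: parsing stopped at the first token that is not a flag,
        # so every flag listed after it was never applied.
        stray = [t for t in tokens if not t.startswith("-")]
        dropped = [t for t in tokens if t.startswith("-")]
        findings.append({
            "line": lineno,
            "stray_positionals": stray,
            "dropped_flags": [redact(t) for t in dropped],
            "secret_in_log": bool(AUTH_KEY.search(line)),
            "safe_line": redact(line),
        })
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"line {f['line']}: stray {f['stray_positionals']}, "
              f"{len(f['dropped_flags'])} flags dropped, "
              f"auth key exposed: {f['secret_in_log']}")
        print(f["safe_line"])
```

A finding with `secret_in_log` set means the key was written to the pod log in clear text, so it should be revoked and replaced rather than reused.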

Question: Enable IP Forwarding

I'm getting this warning when I start this container. I tried following the command from here but I don't have permissions. Is anyone else experiencing this?

Warning: net.ipv4.ip_forward is disabled.
Subnet routes won't work without IP forwarding.
See https://tailscale.com/kb/1104/enable-ip-forwarding/

Thanks
