TailScale sidecar POC
Setup using kind because its so easy:
- Install TailScale
- Create the cluster with
kind create cluster
- Install sealed-secrets/kubeseal on the cluster with
kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.15.0/controller.yaml
. (kubeseal
must also be installed on your local machine to create the secret in a later step, do so withbrew install kubeseal
). - Get a reusable token from your Tailscale Admin Console and save it to tailscalekey.unsealed (needs to be that name for the deployment)
- Create a sealed secret called
tailscalekey
withkubectl apply -f <(kubectl create secret generic tailscalekey --dry-run=client --from-file=tailscalekey.unsealed -o yaml | kubeseal -o yaml)
- Deploy!
kubectl apply -f deployments/tailscale-deployment.yaml
What you should have at this point is a deployment with one pod having 2 containers, one being the hashicorp/http-echo container set to respond on port 5678
- Go back to your Tailscale Admin Console machines list and find the new machine that the tailscale container registered using your key from the sealed secret.
curl http://👆<IP>:5678
Dockerfile and entrypoint script for the tailscale image are included for anyone to modify.