You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/cmd
Irbe Krumina 19b31ac9a6
cmd/{k8s-operator,k8s-nameserver},k8s-operator: update nameserver config with records for ingress/egress proxies (#11019)
cmd/k8s-operator: optionally update dnsrecords Configmap with DNS records for proxies.

This commit adds functionality to automatically populate
DNS records for the in-cluster ts.net nameserver
to allow cluster workloads to resolve MagicDNS names
associated with operator's proxies.

The records are created as follows:
* For tailscale Ingress proxies there will be
a record mapping the MagicDNS name of the Ingress
device and each proxy Pod's IP address.
* For cluster egress proxies, configured via
tailscale.com/tailnet-fqdn annotation, there will be
a record for each proxy Pod, mapping
the MagicDNS name of the exposed
tailnet workload to the proxy Pod's IP.

No records will be created for any other proxy types.
Records will only be created if users have configured
the operator to deploy an in-cluster ts.net nameserver
by applying tailscale.com/v1alpha1.DNSConfig.

It is user's responsibility to add the ts.net nameserver
as a stub nameserver for ts.net DNS names.
https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#configuration-of-stub-domain-and-upstream-nameserver-using-coredns
https://cloud.google.com/kubernetes-engine/docs/how-to/kube-dns#upstream_nameservers

See also https://github.com/tailscale/tailscale/pull/11017

Updates tailscale/tailscale#10499

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
7 months ago
..
addlicense all: update tools that manage copyright headers 2 years ago
build-webclient client/web: precompress assets 12 months ago
cloner all: use Go 1.22 range-over-int 7 months ago
connector-gen cmd/connector-gen: add helper tool for wide app connector configurations 12 months ago
containerboot cmd/containerboot,kube,ipn/store/kubestore: allow interactive login on kube, check Secret create perms, allow empty state Secret (#11326) 7 months ago
derper net/{interfaces,netmon}, all: merge net/interfaces package into net/netmon 7 months ago
derpprobe cmd/{derper,derpprobe}: add --version flag 8 months ago
dist release/dist/qnap: add qnap target builder 7 months ago
get-authkey util/cmpx: delete now that we're using Go 1.22 10 months ago
gitops-pusher cmd/gitops-pusher: only use OAuth creds if non-empty string 10 months ago
hello cmd/hello: link to the Hello KB article (#11022) 10 months ago
k8s-nameserver cmd/{k8s-operator,k8s-nameserver},k8s-operator: update nameserver config with records for ingress/egress proxies (#11019) 7 months ago
k8s-operator cmd/{k8s-operator,k8s-nameserver},k8s-operator: update nameserver config with records for ingress/egress proxies (#11019) 7 months ago
mkmanifest cmd/mkmanifest, cmd/tailscale, cmd/tailscaled: remove Windows arm32 resources from OSS 2 years ago
mkpkg go.mod: upgrade nfpm to v2 (#8786) 1 year ago
mkversion version/mkversion: open-source version generation logic 2 years ago
nardump all: update copyright and license headers 2 years ago
netlogfmt all: use Go 1.22 range-over-int 7 months ago
nginx-auth tailcfg,all: add and use Node.IsTagged() 2 years ago
pgproxy various: add golangci-lint, fix issues (#7905) 2 years ago
printdep cmd/printdep: print correct toolchain URL 2 years ago
proxy-to-grafana all: use Go 1.22 range-over-int 7 months ago
sniproxy all: use Go 1.22 range-over-int 7 months ago
speedtest all: update copyright and license headers 2 years ago
ssh-auth-none-demo all: replace deprecated ioutil references 1 year ago
stunc all: update copyright and license headers 2 years ago
stund build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#11410) 7 months ago
sync-containers all: adjust some build tags for plan9 1 year ago
tailscale cmd/tailscale/cli: set localClient.UseSocketOnly during flag parsing 7 months ago
tailscaled clientupdate: exec systemctl instead of using dbus to restart (#11923) 7 months ago
testcontrol all: use Go 1.22 range-over-int 7 months ago
testwrapper cmd/testwrapper: apply results of all unit tests to coverage for all packages 9 months ago
tsconnect health, all: remove health.Global, finish plumbing health.Tracker 7 months ago
tsidp cmd/tsidp: add start of OIDC Tailscale IdP 1 year ago
tsshd all: update copyright and license headers 2 years ago
viewer all: use Go 1.22 range-over-int 7 months ago