TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-12 05:37:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/k8s-operator,k8s-operator: allow the operator to deploy exit nodes via Connector custom resource (#10724)

Browse Source 
cmd/k8s-operator/deploy/crds,k8s-operator/apis/v1alpha1: allow to define an exit node via Connector CR.

Make it possible to define an exit node to be deployed to a Kubernetes cluster
via Connector Custom resource.

Also changes to Connector API so that one Connector corresponds
to one Tailnet node that can be either a subnet router or an exit
node or both.

The Kubernetes operator parses Connector custom resource and,
if .spec.isExitNode is set, configures that Tailscale node deployed
for that connector as an exit node.

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
Co-authored-by: Anton Tolchanov <anton@tailscale.com>
This commit is contained in:
Irbe Krumina
2024-01-09 14:13:22 +00:00
committed by GitHub
parent 953fa80c6f
commit 05093ea7d9
10 changed files with 1064 additions and 804 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
cmd/k8s-operator/deploy/examples/connector.yaml Normal file
View File

@@ -0,0 +1,19 @@
# Before applying ensure that the operator owns tag:prod.
# https://tailscale.com/kb/1236/kubernetes-operator/#setting-up-the-kubernetes-operator.
# To set up autoapproval set tag:prod as approver for 10.40.0.0/14 route and exit node.
# Otherwise approve it manually in Machines panel once the
# ts-prod Tailscale node has been created.
# See https://tailscale.com/kb/1018/acls/#auto-approvers-for-routes-and-exit-nodes
apiVersion: tailscale.com/v1alpha1
kind: Connector
metadata:
name: prod
spec:
tags:
- "tag:prod"
hostname: ts-prod
subnetRouter:
advertiseRoutes:
- "10.40.0.0/14"
- "192.168.0.0/14"
exitNode: true

17
cmd/k8s-operator/deploy/examples/subnetrouter.yaml
View File

@@ -1,17 +0,0 @@
# Before applyong this ensure that the operator is owner of tag:subnet.
# https://tailscale.com/kb/1236/kubernetes-operator/#setting-up-the-kubernetes-operator.
# To set up autoapproval set tag:subnet as approver for 10.40.0.0/14 route
# otherwise you will need to approve it manually in control panel once the
# subnet router has been created.
# https://tailscale.com/kb/1019/subnets/#advertise-subnet-routes
apiVersion: tailscale.com/v1alpha1
kind: Connector
metadata:
name: exposepods
spec:
subnetRouter:
routes:
- "10.40.0.0/14"
tags:
- "tag:subnet"
hostname: pods-subnetrouter