cmd/{k8s-operator,k8s-proxy}: allow setting login server url (#16504)

This commit modifies the k8s proxy application configuration to include a new field named `ServerURL` which, when set, modifies the tailscale coordination server used by the proxy. This works in the same way as the operator and the proxies it deploys. If unset, the default coordination server is used. Updates https://github.com/tailscale/tailscale/issues/13358 Signed-off-by: David Bond <davidsbond93@gmail.com>
2025-07-16 10:38:39 +00:00 · 2025-07-10 14:33:30 +01:00 · 2025-07-10 14:33:30 +01:00 · 2b665c370c
commit 2b665c370c
parent cf0460b9da
3 changed files with 11 additions and 0 deletions
--- a/cmd/k8s-operator/proxygroup.go
+++ b/cmd/k8s-operator/proxygroup.go
@ -815,6 +815,11 @@ func (r *ProxyGroupReconciler) ensureConfigSecretsCreated(ctx context.Context, p
 					},
 				},
 			}
+
+			if r.loginServer != "" {
+				cfg.ServerURL = &r.loginServer
+			}
+
 			cfgB, err := json.Marshal(cfg)
 			if err != nil {
 				return nil, fmt.Errorf("error marshalling k8s-proxy config: %w", err)
--- a/cmd/k8s-proxy/k8s-proxy.go
+++ b/cmd/k8s-proxy/k8s-proxy.go
@ -91,6 +91,11 @@ func run(logger *zap.SugaredLogger) error {
 		Store:    st,
 		AuthKey:  authKey,
 	}
+
+	if cfg.Parsed.ServerURL != nil {
+		ts.ControlURL = *cfg.Parsed.ServerURL
+	}
+
 	if cfg.Parsed.Hostname != nil {
 		ts.Hostname = *cfg.Parsed.Hostname
 	}
--- a/kube/k8s-proxy/conf/conf.go
+++ b/kube/k8s-proxy/conf/conf.go
@ -53,6 +53,7 @@ type ConfigV1Alpha1 struct {
 	LogLevel      *string        `json:",omitempty"` // "debug", "info". Defaults to "info".
 	App           *string        `json:",omitempty"` // e.g. kubetypes.AppProxyGroupKubeAPIServer
 	KubeAPIServer *KubeAPIServer `json:",omitempty"` // Config specific to the API Server proxy.
+	ServerURL     *string        `json:",omitempty"` // URL of the Tailscale coordination server.
 }

 type KubeAPIServer struct {