tailscale/cmd/k8s-operator
Irbe Krumina 44aa809cb0
cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (#11919)
* cmd/k8s-nameserver,k8s-operator: add a nameserver that can resolve ts.net DNS names in cluster.

Adds a simple nameserver that can respond to A record queries for ts.net DNS names.
It can respond to queries from in-memory records, populated from a ConfigMap
mounted at /config. It dynamically updates its records as the ConfigMap
contents changes.
It will respond with NXDOMAIN to queries for any other record types
(AAAA to be implemented in the future).
It can respond to queries over UDP or TCP. It runs a miekg/dns
DNS server with a single registered handler for ts.net domain names.
Queries for other domain names will be refused.

The intended use of this is:
1) to allow non-tailnet cluster workloads to talk to HTTPS tailnet
services exposed via Tailscale operator egress over HTTPS
2) to allow non-tailnet cluster workloads to talk to workloads in
the same cluster that have been exposed to tailnet over their
MagicDNS names but on their cluster IPs.

DNSConfig CRD can be used to configure
the operator to deploy kube nameserver (./cmd/k8s-nameserver) to cluster.

Updates tailscale/tailscale#10499

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
2024-04-30 20:18:23 +01:00
..
deploy cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (#11919) 2024-04-30 20:18:23 +01:00
generate cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (#11919) 2024-04-30 20:18:23 +01:00
connector_test.go cmd/k8s-operator,ipn/conf.go: fix --accept-routes for proxies (#11453) 2024-03-19 14:54:17 +00:00
connector.go cmd/k8s-operator,k8s-operator: proxy configuration mechanism via a new ProxyClass custom resource (#11074) 2024-02-13 05:27:54 +00:00
ingress_test.go cmd/k8s-operator,ipn/conf.go: fix --accept-routes for proxies (#11453) 2024-03-19 14:54:17 +00:00
ingress.go cmd/k8s-operator,k8s-operator: proxy configuration mechanism via a new ProxyClass custom resource (#11074) 2024-02-13 05:27:54 +00:00
nameserver_test.go cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (#11919) 2024-04-30 20:18:23 +01:00
nameserver.go cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (#11919) 2024-04-30 20:18:23 +01:00
operator_test.go cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (#11919) 2024-04-30 20:18:23 +01:00
operator.go cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (#11919) 2024-04-30 20:18:23 +01:00
proxy_test.go all: make use of ctxkey everywhere (#10846) 2024-01-16 13:56:23 -08:00
proxy.go all: make use of ctxkey everywhere (#10846) 2024-01-16 13:56:23 -08:00
proxyclass_test.go cmd/k8s-operator,k8s-operator: allow users to configure proxy env vars via ProxyClass (#11743) 2024-04-15 17:24:59 +01:00
proxyclass.go cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (#11919) 2024-04-30 20:18:23 +01:00
sts_test.go cmd/k8s-operator,k8s-operator: optionally serve tailscaled metrics on Pod IP (#11699) 2024-04-26 08:25:06 +01:00
sts.go cmd/k8s-operator,k8s-operator: optionally serve tailscaled metrics on Pod IP (#11699) 2024-04-26 08:25:06 +01:00
svc.go cmd{containerboot,k8s-operator},util/linuxfw: support ExternalName Services (#11802) 2024-04-23 17:30:00 +01:00
testutils_test.go cmd/k8s-operator/deploy/manifests: check if IPv6 module is loaded before using it (#11867) 2024-04-29 21:12:23 +01:00