mirror of
https://github.com/tailscale/tailscale.git
synced 2024-11-29 04:55:31 +00:00
3af0f526b8
* cmd/containerboot,util/linuxfw: support proxy backends specified by DNS name Adds support for optionally configuring containerboot to proxy traffic to backends configured by passing TS_EXPERIMENTAL_DEST_DNS_NAME env var to containerboot. Containerboot will periodically (every 10 minutes) attempt to resolve the DNS name and ensure that all traffic sent to the node's tailnet IP gets forwarded to the resolved backend IP addresses. Currently: - if the firewall mode is iptables, traffic will be load balanced accross the backend IP addresses using round robin. There are no health checks for whether the IPs are reachable. - if the firewall mode is nftables traffic will only be forwarded to the first IP address in the list. This is to be improved. * cmd/k8s-operator: support ExternalName Services Adds support for exposing endpoints, accessible from within a cluster to the tailnet via DNS names using ExternalName Services. This can be done by annotating the ExternalName Service with tailscale.com/expose: "true" annotation. The operator will deploy a proxy configured to route tailnet traffic to the backend IPs that service.spec.externalName resolves to. The backend IPs must be reachable from the operator's namespace. Updates tailscale/tailscale#10606 Signed-off-by: Irbe Krumina <irbe@tailscale.com> |
||
|---|---|---|
| .. | ||
| bench | ||
| capture | ||
| filter | ||
| magicsock | ||
| netlog | ||
| netstack | ||
| router | ||
| wgcfg | ||
| wgint | ||
| wglog | ||
| winnet | ||
| mem_ios.go | ||
| pendopen.go | ||
| userspace_ext_test.go | ||
| userspace_test.go | ||
| userspace.go | ||
| watchdog_js.go | ||
| watchdog_test.go | ||
| watchdog.go | ||
| wgengine.go | ||