tailscale/cmd
Irbe Krumina 19b31ac9a6
cmd/{k8s-operator,k8s-nameserver},k8s-operator: update nameserver config with records for ingress/egress proxies (#11019)
cmd/k8s-operator: optionally update dnsrecords Configmap with DNS records for proxies.

This commit adds functionality to automatically populate
DNS records for the in-cluster ts.net nameserver
to allow cluster workloads to resolve MagicDNS names
associated with operator's proxies.

The records are created as follows:
* For tailscale Ingress proxies there will be
a record mapping the MagicDNS name of the Ingress
device and each proxy Pod's IP address.
* For cluster egress proxies, configured via
tailscale.com/tailnet-fqdn annotation, there will be
a record for each proxy Pod, mapping
the MagicDNS name of the exposed
tailnet workload to the proxy Pod's IP.

No records will be created for any other proxy types.
Records will only be created if users have configured
the operator to deploy an in-cluster ts.net nameserver
by applying tailscale.com/v1alpha1.DNSConfig.

It is user's responsibility to add the ts.net nameserver
as a stub nameserver for ts.net DNS names.
https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#configuration-of-stub-domain-and-upstream-nameserver-using-coredns
https://cloud.google.com/kubernetes-engine/docs/how-to/kube-dns#upstream_nameservers

See also https://github.com/tailscale/tailscale/pull/11017

Updates tailscale/tailscale#10499

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
2024-05-02 17:29:46 +01:00
..
addlicense all: update tools that manage copyright headers 2023-01-27 15:36:29 -08:00
build-webclient client/web: precompress assets 2023-12-07 20:57:31 -05:00
cloner all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
connector-gen cmd/connector-gen: add helper tool for wide app connector configurations 2023-12-15 09:29:42 -08:00
containerboot cmd/containerboot,kube,ipn/store/kubestore: allow interactive login on kube, check Secret create perms, allow empty state Secret (#11326) 2024-04-29 17:03:48 +01:00
derper net/{interfaces,netmon}, all: merge net/interfaces package into net/netmon 2024-04-28 07:34:52 -07:00
derpprobe cmd/{derper,derpprobe}: add --version flag 2024-04-02 12:48:07 -07:00
dist release/dist/qnap: add qnap target builder 2024-04-22 17:43:28 -04:00
get-authkey util/cmpx: delete now that we're using Go 1.22 2024-02-07 18:10:15 -08:00
gitops-pusher cmd/gitops-pusher: only use OAuth creds if non-empty string 2024-02-09 10:55:59 -05:00
hello cmd/hello: link to the Hello KB article (#11022) 2024-02-02 15:48:31 -08:00
k8s-nameserver cmd/{k8s-operator,k8s-nameserver},k8s-operator: update nameserver config with records for ingress/egress proxies (#11019) 2024-05-02 17:29:46 +01:00
k8s-operator cmd/{k8s-operator,k8s-nameserver},k8s-operator: update nameserver config with records for ingress/egress proxies (#11019) 2024-05-02 17:29:46 +01:00
mkmanifest cmd/mkmanifest, cmd/tailscale, cmd/tailscaled: remove Windows arm32 resources from OSS 2023-03-01 15:45:12 -07:00
mkpkg go.mod: upgrade nfpm to v2 (#8786) 2023-08-03 13:00:45 -07:00
mkversion version/mkversion: open-source version generation logic 2023-02-18 05:21:05 +00:00
nardump all: update copyright and license headers 2023-01-27 15:36:29 -08:00
netlogfmt all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
nginx-auth tailcfg,all: add and use Node.IsTagged() 2023-03-13 08:44:25 -07:00
pgproxy various: add golangci-lint, fix issues (#7905) 2023-04-17 18:38:24 -04:00
printdep cmd/printdep: print correct toolchain URL 2023-02-11 17:57:36 +00:00
proxy-to-grafana all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
sniproxy all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
speedtest all: update copyright and license headers 2023-01-27 15:36:29 -08:00
ssh-auth-none-demo all: replace deprecated ioutil references 2023-08-23 23:53:19 +01:00
stunc all: update copyright and license headers 2023-01-27 15:36:29 -08:00
stund build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#11410) 2024-04-17 10:24:31 -06:00
sync-containers all: adjust some build tags for plan9 2023-08-24 15:42:35 -07:00
tailscale cmd/tailscale/cli: set localClient.UseSocketOnly during flag parsing 2024-05-01 17:01:03 +01:00
tailscaled clientupdate: exec systemctl instead of using dbus to restart (#11923) 2024-04-29 13:16:40 -06:00
testcontrol all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
testwrapper cmd/testwrapper: apply results of all unit tests to coverage for all packages 2024-02-21 13:08:17 -06:00
tsconnect health, all: remove health.Global, finish plumbing health.Tracker 2024-04-26 12:03:11 -07:00
tsidp cmd/tsidp: add start of OIDC Tailscale IdP 2023-11-15 14:27:39 -08:00
tsshd all: update copyright and license headers 2023-01-27 15:36:29 -08:00
viewer all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00