You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
I was stuck debugging a connectivity issue on my newly-created cluster for multiple days.
It turns out the Tailscale ACL I written was insufficient.
It looked like #8372 for a long while.
Describe the solution you'd like
An example Tailscale ACL in the k3s documentation.
Describe alternatives you've considered
Taking a networking course
Banging my head on the table (didn't help)
Asking my friends for moral support
Example ACL
I attached an excerpt from my ACL which might help my fellow Tailscale+k3s enthusiasts.
Some information to know before reading:
My cluster's nodes get auto-assigned the "skynet" tag.
PodCIDR is 10.142.0.0/16 and ServiceCIDR is 10.143.0.0/16
What was missing for me was to approve connections from the above subnets. I think I could skip the ServiceCIDR but I don't want to run into this issue again!
"grafana:80" is just a service running on another machine connected to the network. I don't want skynet to escape...
The text was updated successfully, but these errors were encountered:
clouedoc
changed the title
Improve documentation for Tailscale + K3S with an example ACL
Improve documentation for Tailscale + k3s with an example ACL
May 8, 2024
clouedoc
changed the title
Improve documentation for Tailscale + k3s with an example ACL
Improve documentation for Tailscale + D3s with an example ACL
May 8, 2024
clouedoc
changed the title
Improve documentation for Tailscale + D3s with an example ACL
Improve documentation for Tailscale + K3s with an example ACL
May 8, 2024
cc @manuelbuil - I know we'd intentionally avoided getting too fancy with the example tailscale config in the docs. Not sure if this is something we want to entertain or not.
Is your feature request related to a problem? Please describe.
I was stuck debugging a connectivity issue on my newly-created cluster for multiple days.
It turns out the Tailscale ACL I written was insufficient.
It looked like #8372 for a long while.
Describe the solution you'd like
An example Tailscale ACL in the k3s documentation.
Describe alternatives you've considered
Example ACL
I attached an excerpt from my ACL which might help my fellow Tailscale+k3s enthusiasts.
Some information to know before reading:
The text was updated successfully, but these errors were encountered: