[Release 1.26] Integrate tailscale into k3s #7723

Closed
manuelbuil opened this issue Jun 9, 2023 · 1 comment
manuelbuil commented Jun 9, 2023

Backport: #7353

@manuelbuil manuelbuil added this to the v1.26.6+k3s1 milestone Jun 9, 2023
@manuelbuil manuelbuil self-assigned this Jun 9, 2023
@manuelbuil manuelbuil moved this from New to Working in K3s Development Jun 9, 2023
@manuelbuil manuelbuil moved this from Working to To Test in K3s Development Jun 12, 2023
@ShylajaDevadiga ShylajaDevadiga self-assigned this Jun 12, 2023

ShylajaDevadiga commented Jun 13, 2023

Validated tailscale integration into k3s using commit id 3668584 on release-1.26 branch

Environment Details

Infrastructure
Cloud EC2 instance

Node(s) CPU architecture, OS, and Version:
SLES15 SP3

Config.yaml on first node:

cat /etc/rancher/k3s/config.yaml
write-kubeconfig-mode: 644
token: <TOKEN>
cluster-init: true
vpn-auth: "name=tailscale,joinKey=tskey-auth-<AUTHKEY>"

Config.yaml on other nodes:

cat /etc/rancher/k3s/config.yaml
write-kubeconfig-mode: 644
token: <TOKEN>
server: https://<tailscale IP on server 1>
vpn-auth: "name=tailscale,joinKey=tskey-auth-<AUTHKEY>"

Steps:

  1. Create a tailscale account
  2. Generate an auth key from the UI using Settings Tab -> Keys -> Generate auth. Enable Reusable, set the expiration to 1-2 days or as long as you need the authKey for your nodes, and enable Ephemeral
  3. Add the generated key to the config.
  4. Install tailscale on every node that you would like to join the cluster and access over VPN, including agent nodes
  5. Install k3s using the configs above

Validation results

> ip a |grep tailscale
3: tailscale0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN group default qlen 500
    inet <REDACTED>/32 scope global tailscale0
> ip route show table 52
10.42.0.0/24 dev tailscale0 
10.42.1.0/24 dev tailscale0 
10.42.2.0/24 dev tailscale0 
10.42.3.0/24 dev tailscale0 
1.8.7.50 dev tailscale0 
1.8.1.51 dev tailscale0 
1.9.2.101 dev tailscale0 
1.1.1.100 dev tailscale0 
1.1.3.12 dev tailscale0
> kubectl get nodes -o wide
NAME               STATUS   ROLES                       AGE    VERSION                INTERNAL-IP      EXTERNAL-IP   OS-IMAGE                              KERNEL-VERSION         CONTAINER-RUNTIME
ip-<REDACTED>  Ready    <none>                      23m    v1.26.5+k3s-36685840   <REDACTED>     <none>        SUSE Linux Enterprise Server 15 SP3   5.3.18-59.37-default   containerd://1.7.1-k3s1
ip-<REDACTED>   Ready    control-plane,etcd,master   161m   v1.26.5+k3s-36685840   <REDACTED>      <none>        SUSE Linux Enterprise Server 15 SP3   5.3.18-59.37-default   containerd://1.7.1-k3s1
ip-<REDACTED>     Ready    control-plane,etcd,master   139m   v1.26.5+k3s-36685840   <REDACTED>   <none>        SUSE Linux Enterprise Server 15 SP3   5.3.18-59.37-default   containerd://1.7.1-k3s1
ip-<REDACTED>    Ready    control-plane,etcd,master   28m    v1.26.5+k3s-36685840   <REDACTED>   <none>        SUSE Linux Enterprise Server 15 SP3   5.3.18-59.37-default   containerd://1.7.1-k3s1
> kubectl get ep -A
NAMESPACE     NAME             ENDPOINTS                                                 AGE
default       kubernetes       <REDACTED>:6443,<REDACTED>:6443,<REDACTED>:6443   164m
kube-system   kube-dns                                                                   163m
kube-system   metrics-server                                                             163m

@github-project-automation github-project-automation bot moved this from To Test to Done Issue in K3s Development Jun 13, 2023
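
The checks from the validation comment above, as an added shell example that is not part of the original issue or the k3s project: it confirms that `vpn-auth` names tailscale with a non-empty `joinKey`, and that every pod subnet route in table 52 leaves via `tailscale0`. The function names and sample text are constructed for illustration, and the `10.42.x.0/24` pattern assumes the pod subnets shown in the output.

```shell
#!/bin/sh
# Added example: repeat the comment's checks on captured text (all samples constructed).

# Constructed config, modelled on the first-node config above; placeholders kept.
SAMPLE_CONFIG='token: <TOKEN>
cluster-init: true
vpn-auth: "name=tailscale,joinKey=tskey-auth-<AUTHKEY>"'

# Constructed `ip route show table 52` output; the last line is deliberately wrong.
SAMPLE_ROUTES='10.42.0.0/24 dev tailscale0
10.42.1.0/24 dev tailscale0
10.42.2.0/24 dev eth0'

# Succeeds only if vpn-auth names tailscale and carries a non-empty joinKey.
check_vpn_auth() {
  value=$(printf '%s\n' "$1" | sed -n 's/^vpn-auth:[[:space:]]*//p' | head -n 1 | tr -d '"')
  name='' key='' old_ifs=$IFS
  IFS=,
  for field in $value; do
    case $field in
      name=*) name=${field#name=} ;;
      joinKey=*) key=${field#joinKey=} ;;
    esac
  done
  IFS=$old_ifs
  [ "$name" = tailscale ] && [ -n "$key" ]
}

# Prints each 10.42.x.0/24 pod subnet whose route does not leave via tailscale0.
pod_routes_off_tailscale() {
  printf '%s\n' "$1" | awk '
    $1 ~ /^10\.42\.[0-9]+\.0\/24$/ {
      dev = ""
      for (i = 2; i < NF; i++) if ($i == "dev") dev = $(i + 1)
      if (dev != "tailscale0") print $1
    }'
}

# Counts pod subnet routes, so an empty table is not mistaken for a pass.
pod_route_count() {
  printf '%s\n' "$1" | grep -Ec '^10\.42\.[0-9]+\.0/24 '
}

if check_vpn_auth "$SAMPLE_CONFIG"; then echo "vpn-auth: ok"; else echo "vpn-auth: bad"; fi
echo "pod routes: $(pod_route_count "$SAMPLE_ROUTES")"
echo "off tailscale0: $(pod_routes_off_tailscale "$SAMPLE_ROUTES")"
```

On a live node, pass `"$(cat /etc/rancher/k3s/config.yaml)"` and `"$(ip route show table 52)"` in place of the samples.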