Rendered at 21:38:38 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
mintflow 18 hours ago [-]
Finally a tailscale rust port is coming, i think it's will make build app with builtin tailscale connectivity more easily compared to libtailscale
rirze 3 hours ago [-]
I'm completely new to this space, but how are applications using tailscale as a library?
Are they creating their own mesh networks for internal or user use?
aseipp 1 hours ago [-]
Imagine something like writing a server with an /metrics HTTP endpoint that Prometheus can then scrape -- but you bind it on separate port only inside a tailnet, with an ephemeral tailnet key and name it "metrics-service-blahblah".
Now you can simply write a script that uses the tailscale API to find all "metrics-service-*" nodes in your tailnet, and then adds their IP/DNS to your prometheus scraping list. Run it every 60 seconds. Done, now you can just deploy your app anywhere on any cloud and it will get scraped and that route will never be exposed to the outer internet.
This will basically just let you attach bespoke applications and not just "computers" to your network. I suspect I will get a lot of use from it.
tracker1 2 hours ago [-]
Just speculating, but that it's an option to open/listen to a port, but that port is on a Tailscale network. So the app is largely unaware of the encryption over the top. Similarly, you could do similar for a client app. Where the Tailscale connectivity options are inside the app, instead of a proxy to the app that lives outside the apps.
Likely more transparent than explicit/implicit TLS.
Are they creating their own mesh networks for internal or user use?
Now you can simply write a script that uses the tailscale API to find all "metrics-service-*" nodes in your tailnet, and then adds their IP/DNS to your prometheus scraping list. Run it every 60 seconds. Done, now you can just deploy your app anywhere on any cloud and it will get scraped and that route will never be exposed to the outer internet.
This will basically just let you attach bespoke applications and not just "computers" to your network. I suspect I will get a lot of use from it.
Likely more transparent than explicit/implicit TLS.