Tailscale on Pod
Hello, all.
I need to set up Tailscale VPN in a Pod in order to allow access to our DB. The issue is that /dev/net/tun is not available, and using a SOCKS5 proxy as described in this article https://tailscale.com/kb/1112/userspace-networking is not an option for us.
Are there any recommendations for how I can run Tailscale?
Thank you.
7 Replies
I don't think you can set up a VPN on a pod due to security restrictions, but you can use Cloudflared - https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/private-net/cloudflared/
Usually Tailscale would need access to the tun device, which is not possible in non-privileged containers
and RunPod does not give options to run privileged containers, right?
Nope
understood. thank you
"However, not all Linux systems support /dev/net/tun. For example, some container-based app platforms such as Heroku or Google Cloud Run do not. For those environments, userspace networking mode offers a different way of running, where tailscaled functions as a SOCKS5 or HTTP proxy which other processes in the container can connect through."
but this
@Igor why not use socks or http proxy btw?
@nerdylive hey. Yeah, I'm still waiting for info from the user on whether their application is capable of working through a SOCKS5 proxy.