mirrors
/
tailscale
mirror of https://github.com/tailscale/tailscale.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
tailscale/ipn
History
Irbe Krumina d86d1e7601
cmd/k8s-operator,cmd/containerboot,ipn,k8s-operator: turn off stateful filter for egress proxies. (#12075) 
Turn off stateful filtering for egress proxies to allow cluster
traffic to be forwarded to tailnet.

Allow configuring stateful filter via tailscaled config file.

Deprecate EXPERIMENTAL_TS_CONFIGFILE_PATH env var and introduce a new
TS_EXPERIMENTAL_VERSIONED_CONFIG env var that can be used to provide
containerboot a directory that should contain one or more
tailscaled config files named cap-<tailscaled-cap-version>.hujson.
Containerboot will pick the one with the newest capability version
that is not newer than its current capability version.

Proxies with this change will not work with older Tailscale
Kubernetes operator versions - users must ensure that
the deployed operator is at the same version or newer (up to
4 version skew) than the proxies.

Updates tailscale/tailscale#12061

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
Co-authored-by: Maisem Ali <maisem@tailscale.com>
 		2024-05-10 16:32:37 +01:00
..
conffile ipn/{conffile,ipnlocal}: start booting tailscaled from a config file w/ auth key 2023-10-17 07:12:49 -07:00
ipnauth go.mod, all: move away from inet.af domain seized by Taliban 2024-02-13 19:21:09 -08:00
ipnlocal ipnlocal, magicsock: add more description to storing last suggested exit (#11998) 2024-05-10 10:30:10 -04:00
ipnserver ipn/ipnserver: close a small race in ipnserver, ~simplify code 2024-05-07 21:27:06 -07:00
ipnstate cmd/tailscale,controlclient,ipnlocal: fix 'up', deflake tests more 2024-05-07 22:34:45 -07:00
localapi ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
policy ipn,tailconfig: clean up unreleased and removed app connector service 2023-11-09 22:36:52 -08:00
store cmd/containerboot,kube,ipn/store/kubestore: allow interactive login on kube, check Secret create perms, allow empty state Secret (#11326) 2024-04-29 17:03:48 +01:00
backend.go ipn: remove unused Options.LegacyMigrationPrefs 2024-04-15 22:13:53 -07:00
conf.go cmd/k8s-operator,cmd/containerboot,ipn,k8s-operator: turn off stateful filter for egress proxies. (#12075) 2024-05-10 16:32:37 +01:00
doc.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
ipn_clone.go various: implement stateful firewalling on Linux (#12025) 2024-05-06 16:22:17 -06:00
ipn_test.go net/packet: split off checksum munging into different pkg 2023-10-11 14:25:58 -07:00
ipn_view.go various: implement stateful firewalling on Linux (#12025) 2024-05-06 16:22:17 -06:00
prefs.go ipn/ipnlocal: set default NoStatefulFiltering in ipn.NewPrefs (#12031) 2024-05-07 11:28:22 -06:00
prefs_test.go ipn/ipnlocal: set default NoStatefulFiltering in ipn.NewPrefs (#12031) 2024-05-07 11:28:22 -06:00
serve.go all: deprecate Node.Capabilities (more), remove PeerChange.Capabilities [capver 89] 2024-03-24 21:08:46 -07:00
serve_test.go {ipn/serve,cmd/tailscale/cli}: move some shared funcs to ipn 2024-03-05 14:30:38 -05:00
store.go ipn: add comment about thread-safety to StateStore 2024-03-06 12:42:18 -06:00
store_test.go ipn: avoid useless no-op WriteState calls 2023-08-07 08:44:24 -07:00