Had a lot of great conversations yesterday at the #TailscaleUp conference with some new folks and some I haven't seen in a while. Felt like I was around a bunch of people with the same problem-solving outlook. It reminded me of what I like about tech and the internet. Thanks to @tailscale for putting it all together.
Recent searches
Search options
#tailscaleup
0 posts0 participants0 posts today
Tarun, Tailscale as a networking layer for modern apps
the bar for self-hosting is too high for the general user, and networking has too many problems.
Embed "tsnet" into applications, then "login with Tailscale" as the access control.
Demo: todo application, which embeds the tsnet protocol in the browser, and embedded into an Android app.
Tarun PothulapatiTarun PothulapatiWrites about Infra, Networking and Remote Life.
David Rio DeRios - "Opportunity connectivity and Tailscale"
Universities: lots of teams, hundreds of subnets.
Networking with Tailscale more enjoyable that networking at work. So use a subnet route, split DNS to connect to work.
But: you may need to address corporate exceptions and objections.
Use Tailscale to work around random network misconfigurations. tailscaled
is robust to failures.
Current status: in production for his team.
[ @tailscale #tailscaleup #tailscale ]
jaxxstorm - Pulumi
"Connecti"
The scene: temporary connection to private network to get access for management and maintenance.
Use Pulumi to automate access temporary access to bring up "use a subnet router in AWS" (also GCP, other clouds)
GitHubGitHub - jaxxstorm/connecti: A command line tool to quickly create a connection to cloud infrastructureA command line tool to quickly create a connection to cloud infrastructure - GitHub - jaxxstorm/connecti: A command line tool to quickly create a connection to cloud infrastructure
Lightning talks!
Kevin, JPCU
https://github.com/JPCU/share-mount -
application uses Tailscale API to find hosts tagged with "smb", provides a UI to click to mount drives
GitHubGitHub - JPCU/share-mount: Mount SMB from Tailscale HostsMount SMB from Tailscale Hosts. Contribute to JPCU/share-mount development by creating an account on GitHub.
Lightning talks!
Marino - virtualized6ix
stack: Tailscale, Kubernetes, Cilium, Istio
(followed by poetry)
Next! @emilyposting with "All the buttons"
Emily did https://emily.id.au/tailscale - CVE-2022-41924
International CyberSecurity Challenge (Athens). "Attack/defense" capture the flag challenge.
Replicate the challenge with Tailscale, use a Github group for logins, access controls to partition users into groups.
"anonymous tailnets" needed. (ab)use the "subnet router" feature: map the IPv6 tailnet space as a subnet route. Build a tsnet DNS server tool.
emily.id.auCVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and YouTL;DR Recommendations
Well Tailscale Up has the best conference food and coffee I’ve had in years. And talks!! #Tailscale #TailscaleUp
@amye !
"Your Family Needs Tailscale"
Give your parents ad-free Internet, without having a Pi-hole in their house? But things break in mysterious ways when you block ads.
(Shout outs to NextDNS as a cloud alternative to Pi-Hole.)
Seaver Thorn.
Talk already in progress (apologies) about remote home gaming.
Problem: power consumption for home gaming. Use a Pi + a PC running Proxmox; use the Pi as a control point, have it turn power on + start up a VM. (like a BMC?)
Home Assistant, @homeassistant : turn on PC automatically at start of day, turn off with no activity.
Moritz Frenzel - DENOG, Stuttgart-IX.
Build OOB (Out of band) network for resilience.
Old: Layer 3 POP-to-POP going through Cisco 2511 as console server, but: 100W power draw, and redundant OpenVPN not ok.
New hardware: opengear ACM7004-5-L, 8 port console.
New network: whereversim.de, one SIM for 2G-3G-4G+ to pick best carrier. Data pooling to reduce cost.
New VPN: OpenVPN (no), Wireguard (better), Tailscale! Netbox, console.
RFC 6498 conflicts.
Justin Garrison on "Build your own game streaming service"
Product request: multicast!
Favorite game: "fio" - "figure it out".
Steam Deck: Arch Linux ploy to take over the world.
Old games: EmulatorJS.
New games: Steam Remote Play. (crashes sometimes)
New: NVIDIA GameStream (NVIDIA killed it, but Moonlight + Sunshine open source)
"Games on Whales", containerized. run on GPUs in the cloud.
Xe Iaso @cadey talking about embedding #tsnet in your systems.
Success stories:
XeDN - CDN based on Tailscale + fly.io. Caching proxy to Backblaze B2.
@robocadey - bot rendering Stable Diffusion prompts on fly.io + GPU in homelab. "linear algebra or something"
Grafana as part of your tailnet.
tclip: Pastebin clone, self-hosted on tailnet, share selectively via funnel.
golink: URL shortener, runs on fly.io.
libtailscale: wrap Tailscale as C library
new feature: invite users to your tailnet, any user in any domain. (going to do this.)
end of talk!
RAPTUROUS APPLAUSE
next up, tailscale login.
Use Google, Microsoft, Github, Apple, Okta, Onelogin, custom #OIDC
new: passkeys, tied to device or keychain, based on #WebAuthN in browser
use "second factor" as primary factor.
demo ensues. "Sign in with passkey". Demo 1 fails. Demo 2 succeeds. Demo 3 uses hardware security key, works the first time.
"If you have enough demos, one of them has to work."
Replace passwords!
Launching today: VS Code Tailscale extension. Start a server on your Tailnet (or using a Tailscale Funnel for public access) from within Virtual Studio Code. (Demo ensues, successful on 2d try.)
Jeremy and Maya launching Tailscale Up with intros. My badge just says "Ed W8EMV".
First speaker is David Crawshaw, CTO + co-founder.
Let's see who else (if anyone) is using the hashtag.
"trusted human-scale networks"
Hey @tailscale community! I'm gonna be at the #TailscaleUp Ask an Engineer booth! Give me cursed questions!