I’d like to be able to move services to different machines without having to update references everywhere. I’m imagining a virtual tailscale-machine that redirects connections to a particular service on a real machine. Then you can move the service (by some other means) then update the machine referent in the ts config and everything should continue working. (I’m trying to avoid a name collision with the typical sense of “virtual machine”, which is making some of the phrasing awkward.)
I think this would be particularly useful for running services in containers, but this could apply any time you want to run multiple services on one computer.
You could do this by running another instance of tailscale for every service, but it seems wasteful and insecure to do that instead of installing one instance of tailscale on the real machine and mapping its services to named “virtual” machines.