Using Tailscale from Docker Containers

A blog post on using Tailscale from docker containers by Richard North: https://rnorth.org/tailscale-docker/

So I'm using Richard's approach here, but building my own version of the Docker container from the v1.1.0 tag and it doesn't seem to work. It fails with a whole lot of "timeout waiting for pong" messages in the logs as well as lots of:

2020/10/20 23:19:04 7.9M/22.5M Failed to write packet to TUN device: packet dropped by filter
2020/10/20 23:19:04 7.9M/22.5M [RATE LIMITED] Failed to write packet to TUN device: packet dropped by filter

This worked fine on a v0.99.1 Docker image version.

Hi Spudly and welcome to the Tailscale forum!

Can you post your Tailscale version #, OS, and your docker-compose.yml file?
thanks!

Hi Spudly,

Please don't build directly from the v1.1.0 tag - that version is
extremely unstable (the entire v1.1 series is the unstable track, and
1.1.0 is the most unstable of all). If you're building v1.1, it's
better to use the main branch instead.

Hi all,

Seems like the appropriate thread to build on top of with further questions on how exactly one might implement tailscale in a docker container for use in a VM.

In my case, I'm building a container image to run a dedicated server for a component of Unreal Engine, dockerized from this documentation. Everything builds fine, except that docker won't build the layer that includes starting the tailscale daemon tailscaled.

I've followed this Github Issue, and understand that I need to enable the TUN adapter. However, it doesn't seem to work when implemented as RUN layers in the Dockerfile.

RUN mkdir /var/lib/tailscale \
         && mkdir /dev/net \
         && mknod /dev/net/tun c 10 200

RUN tailscaled \
         && tailscale up -authkey "${TAILSCALE_KEY}"

I get the following errors upon running docker build:

How can I set up tailscaled in the build stage? I understand that I need to run the image with flags along the lines of:
docker run -dit -p 7000:7000/udp --cap-add=NET_ADMIN --device=/dev/net/tun:/dev/net/tun repo:imagename
but as mentioned, it gets held up in the build stage because the adapter doesn't exist.

Is it best to use the Tailscale docker image in a multi-stage build? Is tailscaled only supposed to be run in the CMD stage (not a RUN layer?) I'm jumping off the deep end here and am in over my head, so any pointers or code snippets which show how to implement this in a Dockerfile would be most welcome.

Most solutions referenced in the github issues are made for running on a cluster e.g. with Kubernetes and Docker Compose, but I'm interested in using a single container image built from a single Dockerfile which can be hosted on a container registry and then used to build a VM directly from the image e.g. on Google Cloud Compute Engine.

Thanks

I replied to your same question at Support running in containers (Docker, Kubernetes) · Issue #504 · tailscale/tailscale · GitHub


thanks! Conversation moved over there. Cheers
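
An added example (not part of the thread, and not Tailscale's or Richard North's code) for the question above about starting tailscaled in a RUN layer: a RUN step executes at build time, where the TUN device and NET_ADMIN capability from docker run do not exist, so the daemon is started from an entrypoint script instead. The `start` argument and the state and socket paths are assumptions; `TAILSCALE_KEY` is the variable from the post.

```shell
#!/bin/sh
# Added example, not from the thread. Runs at container start, not in a RUN layer.
# TAILSCALE_KEY is the variable from the post; paths and "start" are assumptions.
TUN_DEV="${TUN_DEV:-/dev/net/tun}"
STATE_DIR="${STATE_DIR:-/var/lib/tailscale}"
SOCK="${SOCK:-/var/run/tailscale/tailscaled.sock}"

# 0 if $1 is a character device (supplied by --device=/dev/net/tun:/dev/net/tun).
have_tun() {
    [ -c "$1" ]
}

# 0 if CapEff in the given status file has bit 12 (CAP_NET_ADMIN) set,
# which is what --cap-add=NET_ADMIN grants.
have_net_admin() {
    capeff=$(awk '/^CapEff:/ {print $2}' "${1:-/proc/self/status}" 2>/dev/null) || return 1
    [ -n "$capeff" ] || return 1
    [ $(( (0x$capeff >> 12) & 1 )) -eq 1 ]
}

start_tailscale() {
    have_tun "$TUN_DEV" || { echo "no $TUN_DEV: add --device=$TUN_DEV:$TUN_DEV" >&2; return 1; }
    have_net_admin || { echo "no CAP_NET_ADMIN: add --cap-add=NET_ADMIN" >&2; return 1; }
    [ -n "${TAILSCALE_KEY:-}" ] || { echo "TAILSCALE_KEY not set" >&2; return 1; }
    mkdir -p "$STATE_DIR" "$(dirname "$SOCK")"
    tailscaled --state="$STATE_DIR/tailscaled.state" --socket="$SOCK" &
    # Wait up to 10 s for the daemon's control socket before logging in.
    i=0
    while [ ! -S "$SOCK" ]; do
        i=$((i + 1))
        [ "$i" -le 10 ] || { echo "tailscaled did not start" >&2; return 1; }
        sleep 1
    done
    # The key comes from the run-time environment, so it is never written
    # into an image layer or the build history.
    tailscale --socket="$SOCK" up --authkey="$TAILSCALE_KEY"
}

# Only act when invoked as: entrypoint.sh start <server command...>
if [ "${1:-}" = "start" ]; then
    shift
    start_tailscale || exit 1
    exec "$@"
fi
```

In the Dockerfile this script would take the place of the `RUN tailscaled` layer, set as the ENTRYPOINT with `start` followed by the server command, and the key would be passed with `-e TAILSCALE_KEY=...` on the `docker run` line quoted in the post.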