RunPod, 3mo ago
Igor

Tailscale on Pod

Hello, all. I need to set up Tailscale VPN in a Pod in order to allow access to our DB. The issue is that /dev/net/tun is not available, and using a SOCKS5 proxy as described in this article https://tailscale.com/kb/1112/userspace-networking is not an option for us. Are there any recommendations on how I can run Tailscale? Thank you.
7 Replies
digigoblin (3mo ago)
I don't think you can set up a VPN on a pod due to security restrictions, but you can use Cloudflared - https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/private-net/cloudflared/
Madiator2011 (3mo ago)
Usually Tailscale would need access to the tun device, which is not possible in non-privileged containers.
Igor (3mo ago)
and RunPod does not give options to run privileged containers, right?
digigoblin (3mo ago)
Nope
Igor (3mo ago)
Understood. Thank you.
nerdylive (3mo ago)
"However, not all Linux systems support /dev/net/tun. For example, some container-based app platforms such as Heroku or Google Cloud Run do not. For those environments, userspace networking mode offers a different way of running, where tailscaled functions as a SOCKS5 or HTTP proxy which other processes in the container can connect through." but this @Igor why not use socks or http proxy btw?
Igor (2mo ago)
@nerdylive hey. Yeah, I'm still waiting for info from the user on whether their application is capable of working through a SOCKS5 proxy.
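
The userspace networking mode quoted in the thread, as an added example that is not part of any poster's message: a launcher that falls back to the SOCKS5/HTTP proxy flags from the linked Tailscale article when the TUN device is unusable. The proxy port 1055, the auth key file path, and the `start` wrapper convention are assumptions for illustration.

```shell
#!/bin/sh
# Added example. Assumed values: proxy port 1055 and the key file path below.
PROXY_ADDR="${PROXY_ADDR:-localhost:1055}"               # loopback only, never 0.0.0.0
AUTHKEY_FILE="${AUTHKEY_FILE:-/run/secrets/ts_authkey}"  # hypothetical path

# True only if the TUN node is a character device whose permission
# bits allow this process to read and write it.
tun_usable() {
    [ -c "$1" ] && [ -r "$1" ] && [ -w "$1" ]
}

# Print extra tailscaled flags, one per line; nothing when kernel TUN can be used.
tailscaled_args() {
    if ! tun_usable "${1:-/dev/net/tun}"; then
        printf '%s\n' "--tun=userspace-networking" \
            "--socks5-server=$PROXY_ADDR" \
            "--outbound-http-proxy-listen=$PROXY_ADDR"
    fi
}

# Print the proxy variables an application needs in userspace mode.
proxy_env() {
    printf '%s\n' "ALL_PROXY=socks5://$PROXY_ADDR/" \
        "HTTP_PROXY=http://$PROXY_ADDR/" "http_proxy=http://$PROXY_ADDR/"
}

# Usage: ./ts-run.sh start my-app --flag ...
if [ "${1:-}" = "start" ]; then
    shift
    # The flags contain no spaces, so unquoted word splitting is safe here.
    tailscaled $(tailscaled_args) &
    sleep 2   # crude wait for the tailscaled control socket
    # The file: prefix keeps the key out of the process list and shell history.
    tailscale up --auth-key="file:$AUTHKEY_FILE"
    if tun_usable /dev/net/tun; then exec "$@"; fi
    exec env $(proxy_env) "$@"
fi
```

The device check only looks at the node and its permission bits; without CAP_NET_ADMIN tailscaled can still fail to create the interface even when the node exists. Keeping the proxy bound to localhost means only processes inside the pod can route traffic into the tailnet.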