eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/docs/reference/kubernetes/tailscale-operator.md
Erich Blume 1e4e72b923 Address PR review feedback for Phase 3 tutorials 
Tutorial changes:
- Replace what-is-blumeops with adding-a-service tutorial
- Update ai-assistance-guide with Mise Tasks table
- Update contributing with tooling setup, target revisions, DNS preview
- Remove AI-only sections from contributing and exploring-the-docs
- Add replicator explanation to exploring-the-docs
- Add pre-commit link validation note
- Add Core Services phase to replication roadmap
- Add docs service to services list in replicating-blumeops

New reference cards:
- docs.md - Quartz documentation service
- tailscale-operator.md - Kubernetes ingress operator
- ansible/roles.md - Available ansible roles

Other updates:
- Add mise to Brewfile
- Update docs/index.md to link to exploring-the-docs
- Add notes to update exploring-the-docs in future phases
- Link tailscale-operator from apps.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-03 18:50:51 -08:00

40 lines
1 KiB
Markdown
Raw Blame History

---
title: tailscale-operator
tags:
- kubernetes
- tailscale
---
# Tailscale Kubernetes Operator
The Tailscale operator enables Kubernetes services to be exposed directly on the Tailscale network via Ingress resources.
## Quick Reference
| Property | Value |
|----------|-------|
| **Namespace** | `tailscale` |
| **Helm Chart** | `tailscale/tailscale-operator` |
| **ArgoCD App** | `tailscale-operator` |
## How It Works
When you create an Ingress with `ingressClassName: tailscale`:
1. Operator provisions a Tailscale node for the service
2. Service becomes accessible at `<hostname>.tail8d86e.ts.net`
3. TLS is handled automatically via Tailscale
## Limitations
Services exposed via Tailscale Ingress are **not accessible** from:
- Other Kubernetes pods (they're not Tailscale clients)
- Docker containers on indri
For pod-to-service communication, use [[routing | Caddy]] (`*.ops.eblu.me`) instead.
## Related
- [[tailscale]] - Network configuration
- [[routing]] - Service routing options
- [[apps]] - Application registry
Reference in a new issue View git blame Copy permalink