![]() ![]() I'm the Archmage of Infrastructure at Tailscale and I've been using Tailscale personally and professionally for the last two-and-a-half years. Speaker introĪs the nice person with the microphone said, I'm Xe iaso. I'm going to blatantly shill my employer and explain how you can get rid of all of this badness by embedding Tailscale into your services so you can use Tailscale to do your service discovery instead of having to rip your hair out doing things manually. Given the fact that we're at a Tailscale event, you may see where I'm going here. What's the middle path between these two extremes of pain? So if this is done poorly, you get statements like "use port 69 for gitlab", "use port 420 for the wiki", "set up a new AWS machine for that new service" and other statements dreamed up by the utterly deranged. That load balancer also needs to be able to generate HTTPS certificates, and it can be a mess if you have to wire everything up manually. You need to set up some kind of load balancer to point to the different services based on DNS records or other factors. In the same way, you can only have one program bind to a port. The slide shows an anime depiction of bunch of ships at a dockyard, evoking the mood of the Seattle port.Īt a shipyard, every labeled spot can only have one ship in that spot. The reason for this boils down to a fundamental UNIX restriction we've always had to live with: If you want to host some internal-facing services for your home, company, or community you'll need to either set up your own DNS records for every service with annoying to configure tools like nginx or haproxy or make people use arbitrary port numbers. This is just a fact of life and a lot of this boils down to the tradeoffs you want to make with your implementation details. The complexity must exist somewhere, and rejecting it will only make things worse down the line when the complexity finally catches up with you. Two of the most evil ones are balancing complexity and simplicity.Ĭomputers and networking is fundamentally a complicated affair. ![]() However, there are a lot of conflicting forces at play. It turns out that there are a lot of things that you can do with computers, and even more when you network those computers together. Xe's sigil is visible on the title slide. ![]() It contains an AI generated background with the presentation name "The subtle magic of embedding tsnet into your services" and the name Xe iaso underneath it. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |