You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm using Tailscale to get access to GCP resources. I followed https://tailscale.com/kb/1147/cloud-gce/ so I used tailscale up --advertise-routes=.. --allow-dns=false and this seemed to work well.
However, as we've been bringing more resources online in GCP I've sometimes needed to add more routes (for example, for resources peered to a project's default VPC). I could not find (a) a way to add/remove advertised routes without recreating the full list of routes and passing this to tailscale up, and (b) a way to review which routes are currently being advertised. After enabling some routes, then advertising different routes by calling tailscale up again, the admin console still shows all the routes that were ever enabled/allowed, seemingly as if they're active.
How should we solve this?
Add the currently advertised routes to the output of tailscale status
Add a subcommand to tailscale that lets me add or remove advertised routes
Make it obvious in the admin console which routes are currently being advertised
Some suggested improvements for the KB article:
The screenshots could be updated to match the current state of GCP
It does not explicitly mention the need to allow routes from the Tailscale admin console
It could mention the 10.128/9 subnet that appears to be the default for GCP resources
What is the impact of not solving this?
There is no UX for managing routes incrementally and you have to repeat yourself/keep track of the current state.
Anything else?
The initial setup of the Tailscale gateway following the KB article was pretty easy and the result is pretty magic once it works! Figured I'd document my paper cuts so they might get looked at -- I think this is mostly "superficial" UI work. Also, I'd like to use Tailscale more but am prevented by the lack of #713.
The text was updated successfully, but these errors were encountered:
What are you trying to do?
I'm using Tailscale to get access to GCP resources. I followed https://tailscale.com/kb/1147/cloud-gce/ so I used
tailscale up --advertise-routes=.. --allow-dns=false
and this seemed to work well.However, as we've been bringing more resources online in GCP I've sometimes needed to add more routes (for example, for resources peered to a project's default VPC). I could not find (a) a way to add/remove advertised routes without recreating the full list of routes and passing this to
tailscale up
, and (b) a way to review which routes are currently being advertised. After enabling some routes, then advertising different routes by callingtailscale up
again, the admin console still shows all the routes that were ever enabled/allowed, seemingly as if they're active.How should we solve this?
tailscale status
tailscale
that lets me add or remove advertised routesSome suggested improvements for the KB article:
10.128/9
subnet that appears to be the default for GCP resourcesWhat is the impact of not solving this?
There is no UX for managing routes incrementally and you have to repeat yourself/keep track of the current state.
Anything else?
The initial setup of the Tailscale gateway following the KB article was pretty easy and the result is pretty magic once it works! Figured I'd document my paper cuts so they might get looked at -- I think this is mostly "superficial" UI work. Also, I'd like to use Tailscale more but am prevented by the lack of #713.
The text was updated successfully, but these errors were encountered: