New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tailscale 1.50 + Tailnet Lock: machine has already been registered
#9539
Comments
Did you get an error like this:
I needed to revert back to previous version from v1.50.0 to make it work, maybe same issue. |
i see this:
But if switched back to 1.48.2, working... (and not need to re-add the client) |
Do you use Tailnet Lock? |
Was |
Yes, i use it. But in 1.48.2, it no problem. |
I understand that 1.48.2 worked in this environment, but that doesn't really help to identify the root cause. The template asks for a A |
machine has already been registered
The container has persistent storage mounted at /var/lib/tailscale? So |
Actually, I was running tailscale with following parameters: --accept-routes --reset and the above error was throwing out. the following start cmd seems to be used:
|
What was the full command you were running in 1.50.0? |
@DentonGentry It was 'tailscale up --accept-routes --reset' but it was throwing error as 'tailscale login -reset' |
@ftasbasi at this point I'd ask to open a new bug. Testing with 1.50.0 just now, |
problematic client (1.50.0): other working client (same tailnet): Hope it help.
Yes, it persisntent, here my yaml:
|
This comment was marked as off-topic.
This comment was marked as off-topic.
I've similarly had to revert back to 1.48, I'm also using tailnet lock. Also running inside a container. There is a volume mounted to store tailscaled.state and had no issues until upgrading to 1.50. After upgrading, the container prompted for the machine to be added anew to the existing tailnet. To try and resolve the issue, I removed the existing machine and re-added it and normal service resumed. However, any time that the container was restarted it would once again provide me with a link to add the machine a new rather than use the existing one. I removed the existing container volume that stored existing tailscaled.state, to provide a fully clean slate, and repeated the process and saw the same results. Container is run under podman rather than docker but with the same results others have reported, e.g.
However, an iOS and Synology device on the same tailnet updated to 1.50 without issue, the only impacted devices appear to be containers. Also of note, when downgrading to 1.48 the machine created under a 1.50 container allows it to start the 1.50 profile, so it appears to be an issue with loading rather than saving. |
Exactly. I also Update a native linux client and not affect any problem. Only with container. |
This comment was marked as off-topic.
This comment was marked as off-topic.
I am experiencing the exact same issue, I've had to revert back to 1.48.2 |
This looks like a regression in |
Thanks. Looking at the documentation, it appears this environment variable should always have been required for my setup but hadn't been previously. Setting the noted environment variable |
It fix the problem! I close the issue. |
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes #9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes #9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes #9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes #9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes #9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes #9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
Unstable release 1.51.25 contains a fix for this. If able to run an unstable release, could you try it? We can incorporate the same fix into a 1.50.1 release. |
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes #9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes #9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com> (cherry picked from commit 4823a7e)
This should be resolved in 1.50.1, released earlier today. |
This partially reverts commit a61a9ab and fully reverts commit 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. Updates #9539 Signed-off-by: Maisem Ali <maisem@tailscale.com>
This partially reverts commits a61a9ab and 7538f38 and fully reverts 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. Updates #9539 Signed-off-by: Maisem Ali <maisem@tailscale.com>
This partially reverts commits a61a9ab and 7538f38 and fully reverts 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. Updates #9539 Signed-off-by: Maisem Ali <maisem@tailscale.com>
This partially reverts commits a61a9ab and 7538f38 and fully reverts 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. Updates #9539 Signed-off-by: Maisem Ali <maisem@tailscale.com>
This partially reverts commits a61a9ab and 7538f38 and fully reverts 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. Updates #9539 Signed-off-by: Maisem Ali <maisem@tailscale.com>
This partially reverts commits a61a9ab and 7538f38 and fully reverts 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. This is a little sad that we have to revert to `tailscale up`, but it fixes the backwards incompatibility problem. Updates #9539 Signed-off-by: Maisem Ali <maisem@tailscale.com>
This partially reverts commits a61a9ab and 7538f38 and fully reverts 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. This is a little sad that we have to revert to `tailscale up`, but it fixes the backwards incompatibility problem. Updates #9539 Signed-off-by: Maisem Ali <maisem@tailscale.com>
This partially reverts commits a61a9ab and 7538f38 and fully reverts 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. This is a little sad that we have to revert to `tailscale up`, but it fixes the backwards incompatibility problem. Updates #9539 Signed-off-by: Maisem Ali <maisem@tailscale.com>
1.50.0 switched containerboot from using `tailscale up` to `tailscale login`. A side-effect is that a re-usable authkey is now re-applied on every boot by `tailscale login`, where `tailscale up` would ignore an authkey if already authenticated. Though this looks like it is changing the default, in reality it is setting the default to match what 1.48 and all prior releases actually implemented. Fixes tailscale#9539 Fixes https://github.com/tailscale/corp/issues/14953 Signed-off-by: Denton Gentry <dgentry@tailscale.com> Signed-off-by: Alex Paguis <alex@windscribe.com>
This partially reverts commits a61a9ab and 7538f38 and fully reverts 4823a7e. The goal of that commit was to reapply known config whenever the container restarts. However, that already happens when TS_AUTH_ONCE was false (the default back then). So we only had to selectively reapply the config if TS_AUTH_ONCE is true, this does exactly that. This is a little sad that we have to revert to `tailscale up`, but it fixes the backwards incompatibility problem. Updates tailscale#9539 Signed-off-by: Maisem Ali <maisem@tailscale.com> Signed-off-by: Alex Paguis <alex@windscribe.com>
What is the issue?
When i restart my docker container (or recreate) it need to re-auth the client.
Steps to reproduce
Are there any recent changes that introduced the issue?
it working 1.48.2. After i update, not working. If i switch back to 1.48.2 image it working well.
OS
Linux
OS version
Docker (Alpine 3.18.3)
Tailscale version
1.50.0
Other software
No response
Bug report
No response
The text was updated successfully, but these errors were encountered: