
Running Tailscale in Docker with Subnet Routes

I'm just playing around with Tailscale for the first time. I set up 4 devices (iPhone, MacBook M1, Raspberry Pi 4 and a Windows machine) and that worked right out of the box.

Then I looked into Subnet Routes and saw that this is only available under Linux, and made it work running bare metal on the Raspberry itself:

sudo tailscale up --advertise-routes=192.168.0.0/24

But as I'm a big fan of Docker I wanted to try it out. I got the container up and running, but I can't seem to get subnet routes working.

I tried the official image and then tried to add the routes manually with

sudo docker exec tailscaled tailscale up --advertise-routes=192.168.0.0/24

or even

sudo docker exec tailscaled tailscale up --accept-routes --advertise-routes=192.168.0.0/24

Before I try to do crazy stuff: is this even supported in the official image, or can someone point me to an image that runs on ARM64 with the subnet routes feature?

Forgot the compose... well, it's basic anyway, but maybe... I tried to set the env there but wasn't able to.

version: '3.3'
services:
    tailscaled:
        container_name: tailscaled
        cap_add:
            - NET_ADMIN
        volumes:
            - '/var/lib:/var/lib'
            - '/dev/net/tun:/dev/net/tun'
        network_mode: "host"
        image: tailscale/tailscale
        command:
            - tailscaled


Did you try running the container in privileged mode? I'm not the most informed on the exact implementation of cap-add NET_ADMIN, but does it allow proper access to /dev/net/tun on host?

I thought so, but I'm not quite sure.

I have AdGuard containers running with NET_ADMIN.

I thought I had privileged in my compose, will try to run it with


Feeling so dumb right now... I am sure at some point I had "privileged: true" in my compose... added it and now it works.

Thanks


I was searching too

from: https://hub.docker.com/r/tailscale/tailscale

TS_ROUTES: tailscale --advertise-routes=

Thanks for posting this, it got me started!

I do seem to have hit a roadblock now that the container stays started for a little while (I was missing the command, I mean geez, what container doesn't have a default entry point?! - wow, this project has one of the most terribly constructed Docker images and getting started docs, and yes I can and have done better myself).

Not sure why, but I am getting nowhere with this. This is my log, and YES my host kernel does have the tun module and probe works just fine on the host.

Also made sure I set it to privileged and added the CAP.

Any ideas?

2022/02/14 23:42:38 logtail started

2022/02/14 23:42:38 Program starting: v1.20.4-t8e32002cf, Go 1.17.6-tse44d304e54: []string{"tailscaled"}

2022/02/14 23:42:38 LogID: 98bc02a786cf692a8d62e34909c6e23cc422293efa5654d1cfb48a29f1bcf9ab

2022/02/14 23:42:38 logpolicy: using system state directory "/var/lib/tailscale"

2022/02/14 23:42:38 wgengine.NewUserspaceEngine(tun "tailscale0") ...

2022/02/14 23:42:38 Linux kernel version: 5.10.0-11-amd64

2022/02/14 23:42:38 is CONFIG_TUN enabled in your kernel? `modprobe tun` failed with: modprobe: can't change directory to '/lib/modules': No such file or directory

2022/02/14 23:42:38 wgengine.NewUserspaceEngine(tun "tailscale0") error: tstun.New("tailscale0"): operation not permitted

2022/02/14 23:42:38 flushing log.

2022/02/14 23:42:38 logger closing down

2022/02/14 23:42:38 logtail: dialed "log.tailscale.io:443" in 79ms

2022/02/14 23:42:38 createEngine: tstun.New("tailscale0"): operation not permitted

Do you have Tailscale running on your host?

I had to uninstall it from the host to get the container running.
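
Added example, not part of the thread or of Tailscale's own documentation: a least-privilege variant of the compose file from the original post, granting only NET_ADMIN and the TUN device instead of `privileged: true`, and mounting a dedicated state volume instead of the host's whole `/var/lib`. It assumes an image version whose default entrypoint reads the `TS_*` variables (`TS_ROUTES` is the one quoted from Docker Hub above; `TS_STATE_DIR` and the volume name `tailscale-state` are assumptions) and that NET_ADMIN is sufficient on the host, which the thread did not confirm.

```yaml
# Added example (not from the thread): subnet router without privileged mode.
services:
  tailscaled:
    image: tailscale/tailscale
    container_name: tailscaled
    # Host networking, as in the original post, so the container can reach
    # and forward for the LAN it advertises.
    network_mode: host
    cap_add:
      # Needed to create the tailscale0 interface and manage routes and
      # firewall rules. Far narrower than `privileged: true`, which grants
      # every capability and access to all host devices.
      - NET_ADMIN
    devices:
      # Pass the TUN device as a device mapping rather than a bind mount.
      - /dev/net/tun:/dev/net/tun
    volumes:
      # Only Tailscale's own state. The original '/var/lib:/var/lib' mount
      # exposes all host service state (including Docker's) to the container.
      - tailscale-state:/var/lib/tailscale
    environment:
      # Assumption: state directory variable read by the image's entrypoint.
      - TS_STATE_DIR=/var/lib/tailscale
      # Same value the post passed to --advertise-routes.
      - TS_ROUTES=192.168.0.0/24
    restart: unless-stopped

volumes:
  tailscale-state:
```

Subnet routing also needs IP forwarding enabled on the host and the advertised route approved in the Tailscale admin console.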
