Skip to main content

Tailscale Integration

Step 1: Setup Tailscale Auth

If you don't already have a tailscale account you can sign up here https://login.tailscale.com/login

Go to Settings > Personal Settings > Keys > Generate Auth Key https://login.tailscale.com/admin/settings/keys

Make sure to check Ephemeral and Reusable

Copy the API Key they give you

Step 2: Deploy Tailscale Relay

Go to https://zeet.co/new/helm?repo=https://helm.zeet.dev&chart=tailscale-relay

Paste the following YAML:

config:
  authKey: "YOUR_AUTH_KEY"
  variables:
    TAILSCALE_ADVERTISE_ROUTES: "10.0.0.0/16,172.20.0.0/16"

info

10.0.0.0 is the default value for Zeet managed VPC.

172.20.0.0 is the default value for Zeet managed Cluster.

If you have custom VPC or Cluster configuration you can replace them with your own values. You can also contact support to confirm the values for advertise routes.

Click "Deploy Now" A build should start and complete pretty quickly -- ~10s

Step 3: Configure Tailscale

You should now see a new entry that looks like "name-tailscale-relay-0"

Click the 3 dots on that machine > Review Route Settings

Approve "10.0.0.0/16" and "172.0.0.0/16" by clicking individual routes or approve all routes

Now you should be able to access zeet services with internal IP using tailscale

  • (optional) Disable Key Expiry on that machine as well - if you don't do this, you'll have to refresh the key in a few months

  • (optional) Configure Tailscale Magic DNS

https://login.tailscale.com/admin/dns

Go to DNS settings and click "Add nameserver" with the Custom... option

Put in 172.20.0.10 for Name Server and then enable split DNS and input NAMESPACE.svc.cluster.local as the Search Domain

info

127.20.0.10 is the default DNS address for Zeet managed Clusters. You can replcae it with your own custom values

You can find the value for NAMESPACE in the project settings tab for the tailscale relay project in Zeet

Now you should be able to access internal services using Magic DNS powered domain routing