by withinboredom 1164 days ago
I’ve really wanted to try tailscale. I fear I’ll like it, and I don’t want another company to have a monopoly on simple things so everyone forgets how to do them.
3 comments

Had similar feelings and did like it more than I thought I could.

My escape hatch from the monopoly is headscale[0] which I can self host.

[0] https://github.com/juanfont/headscale

You can even host Headscale over Tailscale, amusingly: https://tailscale.dev/blog/headscale-funnel
I don't think I'd classify their zero-config p2p-style VPN as "simple" -- or at least, certainly not simple to replicate...

More to the point, I hope their technology becomes commonplace & gratis a la LetsEncrypt for SSL Certificates.

I mean, setting up a WireGuard vpn is pretty darn simple, even into a k8s cluster. It’s not rocket science or anything; which is kinda my point. They make it too easy, and that worries me.
I've switched to tailscale because their nat busting is actually hard to do "by hand"
That’s sort of the problem, right. Joining two networks is pretty simple, once you do it a few times. I remember when it was mandatory to know how to set up an email server (for more than one user), configure a secure FTP (+ WebDAV for a little while), and probably other things I’m totally forgetting about. These things were passed down from senior to junior like we pass down how to write Docker images and set up our IDE, while those very simple services of yesterday have been eaten up by monopolies. I’m not saying we shouldn’t have services to make our lives easier… I’m saying we should have more of them. I’m not interested in this space, but someone who is should see this company and go “damn, these guys have validated an idea for me. Maybe I can take some of their pie.” Instead, we just give them more money …

Look at email. It’s basically a “lost technology” in that it is nearly impossible to self-host (though there are people out there doing it, there are very few modern guides from zero to production). Same with file sharing and IRC servers.

Maybe I’m just rambling in my “old” age…

Tailscale has several competitors such as ZeroTier and Nebula. There does appear to be a winner-take-all dynamic where being slightly better lets Tailscale take 10x more mindshare than competitors, but I don't see any way around that.
None of those things are analogous to Tailscale having done loads of hard work to automate NAT busting.
Setting up a few p2p wg VPNs is manageable.

However, when you have 10 nodes and need to add one more node, you now need to update all other nodes so they can speak p2p. Management with scale is the struggle.

If you have 10 nodes, you should already be automating with ansible/chef/puppet/whatever, at which point adding another link config is easy.
For servers sure, but things like `tailscale` exist to save every laptop and cell phone from looking like a devops project.

Furthermore, you could extend this argument to almost every other cloud service with a primary feature of "convenience" and/or "management". Just build everything yourself.

A hub-and-spoke model comes to mind, instead of a mesh. That would probably help a lot with the management aspect, at least for consumer devices.
Tailscale is amazing. I was able to set up our AWS VPN with it in <30 minutes, and it's just worked ever since. Getting new users set up is similarly seamless.

If this means I continue to forget how to run OpenVPN I consider that well worth it.

It's made putting internal apps in a private subnet on a VPC a very trivial process. Like took me an afternoon and works well for my small 40 person company.