Kubernetes operator
- New: Use the Tailscale Kubernetes operator to expose a Kubernetes cluster to your tailnet and securely connect to the Kubernetes control plane (alpha)
tailscale exit-node
sub-command--upstream
flag in the tailscale version
commandtailscale funnel
command provides an interactive web UI that prompts you to allow Tailscale to enable Tailscale Funnel on your behalftailscale serve
command provides an interactive web UI that prompts you to allow Tailscale to enable HTTPS and Tailscale Funnel on your behalfNote: 1.48.0 introduced a regression in the interaction between Tailscale and Linux ufw
. The Linux release has been withdrawn pending a fix.
nftables
tailscale update
command on Alpine, Arch and Fedora distro familiestailscale update
commandtailscale update
commandnodeDeleted
webhook event is now generated when a node is removed from the tailnet, including automatic removal of ephemeral nodesmy-server.yak-bebop.ts.net
instead of
my-server.example.com
. This is a display-only change and doesn’t modify the name of any
machines.tailscale netcheck
(#5919)tailscaled --no-logs-no-support
(or TS_NO_LOGS_NO_SUPPORT=true
environment variable)tailscale bugreport --record
flag to pause and write another bug reporttailscale netcheck
looks for a captive portaltailscaled
ExitNodeStatus
to tailscale status --json
tailscale ping -c N
to properly exit after N ping requests even if there are timeoutsSERVFAIL
if all upstream resolvers failssdp:all
ping (hostname)
now works correctlyAllowSameVersionUpgrades
attribute on MajorUpgrade
tag in Windows MSI script*.ts.net
DNS nametailscaled --state=mem:
registers as an ephemeral node and does not store state to disktailscale status --json
now shows Tags
and PrimaryRoutes
for Peers. PrimaryRoutes
shows whether a HA
subnet router is currently the active one.tailscale status --json | jq .TailnetName
will show the name of the tailnettailscaled
debug server’s Prometheus metrics exporter now also includes Go runtime metricstailscaled
supports a new TS_PERMIT_CERT_UID
environment variable containing either a userid or username to
allow to fetch Tailscale TLS certificates for the node. This environment variable can be set in
/etc/default/tailscaled
to permit non-root web servers on the local machine to fetch certs from tailscaled
.--auth-key
and --authkey
both work as tailscale up
arguments/proc/net/route
filestailscale --operator=USER
to use with Taildroptailscale status
failed to look up user from userid
error/var/packages/Tailscale/target/bin/tailscale configure-host
to restore needed
permissions. We recommend adding this as a scheduled task at boot.autogroup:self
for all tagged nodesautogroup:self
ruletailscale up --authkey=file:/path/to/secret
supporttailscale up --qr
for QR codeswhile tailscale up; do sleep 0.1; done
loops in Docker startup scripts.tailscale debug