APERTURE IS NOW AVAILABLE - START BUILDING WITH AI SAFELY IN MINUTES, NO WAITLIST.Read more →
Go back

How Avride saves costs and thousands of engineering hours with Tailscale

Case StudyTechnology
alt

Avride is a technology company that specializes in autonomous vehicles and robotic delivery. Their vision is to create safer roads and a more sustainable world by leveraging the transformative power of technology. And with that in mind, they also began to look into the most advanced strategies, like WireGuard protocol, for their networking needs.

Artem Leshchev, DevTools Team Lead, joins us to share how Avride adopted Tailscale to gain reliable connectivity and save 1000s of engineering hours. Now, their teams securely connect to edge devices like autonomous cars, grant their global teams speedy access, and dramatically increase productivity with far less hassle.

Driving into the future

The Avride team has been a leader in its industry since 2017. They have two main products: autonomous cars that serve as a fleet for robotaxi services, and robots that deliver food from restaurants across the globe.

“We have one of the most experienced teams in the autonomous vehicles market,” shares Artem. “We are the only company that develops a unified autonomous driving technology that works both on cars and delivery robots, which are mutually beneficial to each other.”

Since their founding, their company has grown to over 300 staff members, including more than 200 engineers who use Tailscale daily — a reality that Artem helped facilitate as the Team Lead for the DevTools team.

Tailscale has saved us thousands of engineering hours compared to self-maintained VPN solutions with a similar set of features. It just works, and it provides a lot of features that we did not have to develop ourselves.
Artem LeshchevDevTools Team Lead

Staying connected across complex infrastructure

Avride’s networking environment is heterogeneous and complex, and it features a combination of cloud servers and on-prem hardware. As Artem explains, “We have AWS EC2 instances and EKS clusters running some of our production services. We have bare metal servers rented from different cloud providers and various kinds of on-premises hardware.”

This on-premises hardware includes server architectures that Avride could not rent from cloud providers, hardware stands for development and continuous integration, and ingestion servers for quicker vehicle turnaround.

“We also have hardware on wheels — our autonomous cars and delivery robots,” Artem adds. “Our QA engineers work on the go near these vehicles from their laptops and phones on mobile connectivity. All of that is running Tailscale in one form or another.”

Advancing toward mesh architecture

Artem’s experiences helped refine Avride’s selection process when considering their next solution. “Our engineers and I were aware of WireGuard protocol’s advantages and wanted to use it for our next networking solution. Adopting mesh architecture was also attractive to reduce latency.”

Artem researched various options, and other team leads shared the requirements and features desired by their teams. However, Tailscale had an edge since several staff members were already familiar with it from their in-home use.

“Some of our engineers used Tailscale for our home networks, and we were familiar with its feature set, ease of use, and reliability. It was an obvious option,” Artem explains. “We compared Tailscale to other solutions and decided that it better fit our needs.”

Top security with greater control

Tailscale’s connectivity helps Avride’s teams deploy new software, stream video for remote assistance, and assign deliveries. It also keeps their staff securely connected to their devices and resources in the cloud and on-premises hardware.

One feature that protects these connections is Tailscale’s Access Control Lists, or ACLs, which helped Avride granularly manage access for staff using identity-based permissions. “When we have to connect a new device or service to something on our network, we just set up Tailscale there, add some ACL rules, and it just works,” Artem shares.

This feature has also been helpful for managing Avride’s team of remote contractors who help troubleshoot issues that may arise with their autonomous vehicles. As Artem explains, the contractors “help vehicles resolve unexpected situations on the road by providing suggestions using a separate web service.” Tailscale provides secure access to this web service, and the service also connects to vehicles using Tailscale — ensuring all communications are appropriately authenticated, authorized, and logged.

“We have a pretty lengthy ACL that describes who can access what, so your position and role describe which services you can access,” Artem shares, explaining Avride’s role-based access control. “We also have some services that are accessible company-wide, and contractors use our own authentication system to set the right permissions.”

Avride also manages its autonomous vehicles by leveraging the convenience of Tailscale SSH. This feature provides SSH access without the tedious management of SSH keys — all authenticated and encrypted over WireGuard.

Artem explains, “Tailscale SSH allows us to provide secure access to our autonomous vehicles and other devices when needed, with control over permissions, and without the hassle of managing SSH keys. We’ve also deployed SSH Recorders for observability on actions taken.”

Bespoke network management with Tailscale

Another feature that Avride’s teams appreciate is Tailscale’s API, which allows them to integrate critical applications and make network management much more convenient. “I think Tailscale’s API is the most valuable feature for us right now,” shares Artem. “It allows us to control our network programmatically and implement the features that we need.”

These abilities include Google Groups syncing, the generation of single-use auth keys to automate the setup of autonomous vehicles, and automatic ACL updates that help Avride access devices behind subnet routers that use dynamic IP addresses.

“Some of these features are now available natively in Tailscale itself, but the API allowed us to move fast and unblock ourselves,” Artem explains.

Reducing costs with networking that “just works”

Since adoption, Tailscale has saved Avride considerable costs by reducing its management burdens and labor. As Artem explains, “Tailscale has saved us thousands of engineering hours compared to self-maintained VPN solutions with a similar set of features. It just works, and it provides a lot of features that we did not have to develop ourselves.”

They’ve also significantly increased productivity by leveraging Tailscale’s peer-to-peer connectivity, which reduces latency. Artem shares that this is critical because Avride’s remote operators rely on efficiently accessing applications to assist their fleet.

“I think the most important improvement is the reduction of latency from our autonomous vehicles to our remote operators, so that they can assist the vehicles as efficiently as possible.” This improvement has kept operations at Avride connected, speedy, and efficient. “Tailscale helped us unblock teams,” Artem shares. “We’re able to deploy Tailscale really quickly and easily, and get network connectivity where it’s needed.”

Stay connected on the leading edge

In-house VPNs can be a tempting solution, but custom solutions can be a bigger management burden than a benefit. Avride discovered that Tailscale just works, while offering WireGuard-based security, low-latency architecture, and advanced capabilities in a single control plane.

Chat with us today to see what Tailscale can do for your team.

Loading...

Try Tailscale for free

Get started
Schedule a demo
Contact sales
cta phone
mercury
instacrt
Retool
duolingo
Hugging Face