75 lines
2.1 KiB
YAML
75 lines
2.1 KiB
YAML
|
apiVersion: v1
|
||
|
kind: Pod
|
||
|
metadata:
|
||
|
name: debug-tsnet
|
||
|
spec:
|
||
|
shareProcessNamespace: true
|
||
|
containers:
|
||
|
- name: tailscale
|
||
|
image: ghcr.io/tailscale/tailscale:v1.50.1
|
||
|
imagePullPolicy: IfNotPresent
|
||
|
command:
|
||
|
- /bin/sh
|
||
|
- -c
|
||
|
- |
|
||
|
export PATH=$PATH:/tailscale/bin
|
||
|
export PINGIP="100.64.0.20"
|
||
|
export PROCESS_TO_WAIT_FOR="bash"
|
||
|
set -e
|
||
|
|
||
|
if [[ ! -d /dev/net ]]; then
|
||
|
mkdir -p /dev/net
|
||
|
fi
|
||
|
if [[ ! -c /dev/net/tun ]]; then
|
||
|
mknod /dev/net/tun c 10 200
|
||
|
fi
|
||
|
|
||
|
echo "==> Starting tailscaled in background"
|
||
|
tailscaled --socket=/tmp/tailscaled.sock --state=mem: --statedir=/tmp &
|
||
|
TS_PID=$!
|
||
|
|
||
|
echo "==> Running tailscale up"
|
||
|
tailscale --socket=/tmp/tailscaled.sock up --authkey=${TS_AUTH_KEY} --accept-dns=false --login-server https://headscale.tbrnt.ch
|
||
|
|
||
|
echo "==> Waiting for Tailscale to connect properly"
|
||
|
until tailscale --socket=/tmp/tailscaled.sock status; do
|
||
|
echo "... Tailscale not ready yet"
|
||
|
sleep 2
|
||
|
done
|
||
|
|
||
|
echo "==> Checking Tailscale connection to target"
|
||
|
until tailscale --socket=/tmp/tailscaled.sock ping $PINGIP; do
|
||
|
echo "==> ... No Tailscale connection yet"
|
||
|
sleep 2
|
||
|
done
|
||
|
|
||
|
echo "==> Checking network connection to brunnernas"
|
||
|
until ping -c1 $PINGIP; do
|
||
|
echo "==> ... No network connection yet"
|
||
|
sleep 2
|
||
|
done
|
||
|
|
||
|
echo "==> Connected! Waiting for main container to exit"
|
||
|
while pidof $PROCESS_TO_WAIT_FOR > /dev/null; do sleep 1; done
|
||
|
|
||
|
echo "==> Main container ended - stopping Tailscale"
|
||
|
kill -s SIGINT $TS_PID
|
||
|
wait ${TS_PID}
|
||
|
env:
|
||
|
- name: TS_AUTH_KEY
|
||
|
valueFrom:
|
||
|
secretKeyRef:
|
||
|
key: TS_AUTH_KEY
|
||
|
name: tailscale-auth-backup
|
||
|
resources: {}
|
||
|
securityContext:
|
||
|
capabilities:
|
||
|
add:
|
||
|
- NET_ADMIN
|
||
|
- name: debugger
|
||
|
image: docker.io/nicolaka/netshoot:latest
|
||
|
imagePullPolicy: Always
|
||
|
command: ["/bin/bash"]
|
||
|
args: ["-c", "while true; do ping -i 10 localhost; sleep 60;done"]
|
||
|
resources: {}
|