K3s Homelab: Access your workloads securely with Tailscale

Hello, homelab enthusiasts! 👋 In part three of our Kubernetes journey, we're diving into secure service access with Tailscale! 🚀 What if you could access your Kubernetes services from anywhere without exposing them to the public internet? 🤔 That's the power of Tailscale! This mesh VPN provider, with its Kubernetes operator, simplifies exposing your services directly to your Tailscale network. No complicated firewall rules or public endpoints needed! 🎉 We'll cover: *Demo 1:* Accessing a PostgreSQL database running in K3s from a remote machine, securely and easily. See how just two annotations make this possible! 🤯 *Demo 2:* Accessing an HTTP service (WETTY - a browser-based terminal to an Alpine Linux pod) via Ingress with Tailscale. HTTPS with automatic TLS certificates? Yes, please! 😎 *Setup:* A step-by-step walkthrough of installing the Tailscale client, K3s, and the Tailscale Operator. We'll cover OAuth client setup, role-based access with tags, and more! *Exposing Services:* Three different methods: ClusterIP service with annotations (for TCP/UDP) LoadBalancer service with Tailscale class Ingress for HTTP services (with automatic HTTPS!) *Bonus:* Exposing services to the public internet using Tailscale Funnel! 🌐 *Comparison:* Tailscale vs. Traditional VPNs vs. CloudflareD. Which is right for you? 🤔 I'm Filip, and let's get started! Join me as we unlock secure and simplified Kubernetes service access with Tailscale! 💻 #kubernetes #tailscale #homelab #k3s #vpn #security #devops #cloudnative #wireguard #meshvpn #ingress #loadbalancer #clustercip #oauth #helm #magicdns Links: https://github.com/filip-lebiecki/k3s... https://tailscale.com/kb/1236/kuberne... Chapters: 00:00 Introduction 01:01 Demo 04:31 Tailscale Client Install 06:14 K3s install 06:46 Install Tailscale K8s Operator 09:57 Exposing ClusterIP 14:43 Exposing Load Balancer 16:33 Exposing Ingress 18:52 Exposing services to the Internet