Virtual Private Network (VPN) software provider Tailscale has brought on Kubernetes pioneer Joe Beda as an advisor, the latest move for the company to establish itself in the growing enterprise Kubernetes market.
Beda was one of the three engineers at Google who originally developed the Kubernetes orchestration engine at Google, along with Brendan Burns (currently at Microsoft) and Craig McLuckie (currently heading [Stacklok](https:/…
Virtual Private Network (VPN) software provider Tailscale has brought on Kubernetes pioneer Joe Beda as an advisor, the latest move for the company to establish itself in the growing enterprise Kubernetes market.
Beda was one of the three engineers at Google who originally developed the Kubernetes orchestration engine at Google, along with Brendan Burns (currently at Microsoft) and Craig McLuckie (currently heading Stacklok).
Founded in 2019, Tailscale has enjoyed considerable success from its open source VPN software WireGuard, which provides an easy way to remotely connect to a network by way of VPN protocols. The company has parlayed the open source success of the code into an enterprise platform for running networks as well.
Now, in an effort to expand its reach, Tailscale is looking to break into the cloud native Kubernetes market. The company has kicked off a number of initiatives to support Kubernetes networking in a production-scale facility.
“Kubernetes networking has always been a bit of a challenge,” largely owing to its immense flexibility and ability to work in so many different environments, Beda said in an interview with TNS.
Setting up the networking for a single cluster is easy enough, he said. But as the use cases grow more complex, a solution such as WireGuard could help simplify operations quite a bit.
Enter Kubernetes
Avery Pennarun, Tailscale CEO and co-founder, further explained that WireGuard started as a “super developer-friendly” VPN that could be used to connect a dev’s remote computer to a corporate network. From there, its use quickly expanded to help the organizations themselves connect entire networks together.
And as its user base began relying more heavily on Kubernetes, Tailscale’s next logical step is to support the software as well.
In April, the company released the Kubernetes Operator, which exposes in-cluster apps, connect clusters and control access without opening public endpoints.
Other Kubernetes enhancements around WireGuard followed quickly:
- A Kubernetes proxy to provide high-availability access to the Kubernetes API server over Tailscale).
- A high-availability (HA) ingress to supply resilient routing for a single namespace.
- A Kubernetes private proxy with per-identity authorization.
- Kubectl session recording via the API server proxy (July).
- Various other customizations for Custom IngressClass names, ProxyClass annotations, static cluster IP in DNSConfig, support for priorityClassName and HA replicas for Connectors.
“A lot of folks are already using Tailscale in Kubernetes clusters,” Beda said. “So a lot of the work there has been listening to those customers, taking what they’ve sort of cobbled together with the pieces and formalizing it, making it easier to install and to manage.”
Beda’s Perspective
Joe Beda, LinkedIn
Beda was a senior staff software engineer at Google from 2004 until 2015. After a time advising for container-oriented CoreOS (which was later acquired by Red Hat), he started Kubernetes consultancy Heptio, which was acquired by VMware in 2018.
In 2015, Google helped start the Cloud Native Computing Foundation and donated Kubernetes as a seed technology.
In the years since, Kubernetes has become the de facto container orchestrator, helping thousands of organizations manage large-scale containerized workloads, including many for the emerging AI space.
Due to the growing use of Kubernetes, the accompanying networking setups can also grow more daunting. A system administrator may want to securely connect into a cluster from home — this is WireGuard’s original “bread-and-butter,” Beda said. And it can also help with cloud-to-cloud deployments, or cloud-to-on-premises deployments, all of which are not managed very well by the traditional Kubernetes networking solutions, he said.
“The key here is to talk to and listen to customers, real users, and see what they’re doing, see where they’re trying to force a round peg into a square hole, and then actually make it a square hole for the square peg,” Beda said. “So take that same ease of use that most people know about Tailscale [and applying it] to do more advanced networking patterns within Kubernetes.”
TRENDING STORIES