Seems straightforward?
I think if you don't have friends working at e.g. big banks or whatever, you might not grok just how nutty it is to try to run simple agent workflows.
As someone who is on the other side of the fence on this and trying to keep the network secure and preventing data exfiltration there could be a good reason for this. More often than not we have folks doing all kinds of crazy things and ignore what’s in the handbook. For example we had someone who didn’t like MFA for remote access and would use Tailscale to have a remote permanent reverse proxy to their homelab to do whatever work they were doing. What’s funny is that we are not BOFH’s and would have helped them setup whatever they need had they just sent us an email or opened a ticket.
Trying to be all things to all people will inevitably dilute focus, and it’s understandable that OP might be looking at this sub-product and wondering where the value is for their use cases.
They’re probably not the only ones questioning whether they’re still part of Tailscale’s core ICP (ideal customer profile), either.
Edit: expanded ICP for clarity.
Tails ale is not a company I see being involved in my core AI ops. I don't need their visibility tools, I already have LGTM.
Tailscale should focus on their core competency, not chase the gilded Ai hype cycle. I have sufficient complaints about their core product that this effort is a red flag for me. To do this now, instead of years ago, shows how behind the times they are
There's a set of common needs across these gateways, and everyone is building their own proxies and reinventing the wheel, which just feels unnecessary.
~All of our customers at Oso (the launch partner in the article) have been asking us how to get a handle on this stuff...bc their CEO/board/whatever is asking them. So to us it was a no-brainer. (We're also Tailscale customers.)
No idea how this is solved at the moment, so seems like a smart step
I feel exactly the same way.
So many open issues, the majority thoroughly deserving of a resolution.
I would rather they get their house in order on the core product first before rushing out shiny new things .... because the shiny new alpha/beta things will only exponentially increase the number of open issues.
I like tailscale itself but a lot of basic stuff (such as dynamic routing) or ephemeral node auth are very lacking, wish they would concentrate more on their core product we all like and want to see improve
Building software users like doesn't make for a good business model. Especially if that model has to satisfy VC.
Sounds like something your Account Manager or similar would need to work through. Development roadmaps are often driven by the largest, or loudest customers.
A separate goal I have personally: demonstrate that anyone can build really neat stuff directly on top of the "Tailscale platform." One of my rules for the Aperture team was, you're not allowed to change core Tailscale, you have to build entirely on top as if you were some partner company. So this is a demo of how anybody can make pretty slick, easy-to-use, and yet highly secure stuff by building on Tailscale (the open source packages, or the commercial product, or both).
The true moat of Tailscale is the core product. That can’t be easily replicated (still). Perhaps some product to simplify controlling what resources agents in the organization have access to and having 100% visibility + audatability for them will be way more useful.
> By collecting usage information into a single place, engineering and IT leaders can get a complete picture into both user and agent token efficiency across the organization and providers.
What exactly is “user token efficiency”?
Netbird time?
they're not containerised, just plain old daemons.
Tailscale services will do that. You can do the proxying with tailscale serve, services gives you the MagicDNS name and virtual IP address bound to it.
*edited; I initially pointed to Funnel which would be used for sharing outside your tailnet.
