Tutorial: Tailscale on AWS with Terraform
#
Tailscale for internal VPN

At MediaMachine.io we use Tailscale to share both our internal development environment and the network layer for our internal tooling. For example, we run Nomad and expose the UI on our internal network. Tailscale makes it super easy to isolate our internal resources from our external-facing network. We also use Tailscale to quickly share our locally running dev servers, which is especially useful for our remote team setup.
#
Use Terraform to manage your Tailscale nodes

Running bespoke, hand-crafted infrastructure is not the same as hand-made furniture from your local artists. Infrastructure-as-code has a lot of benefits:
- Quick disaster recovery
- Easy to on-board new team members
- Source control helps keep track of changes

We wanted to share our Terraform script to easily set up a Tailscale node.
#
Let's start with the Security group

Now that we have the security group set up, let's create the Tailscale node
#
Tailscale EC2 instance
#
Tailscale startup script

We use this script on instance startup to install and configure Tailscale.
Terraform lets us attach this script via the user_data field.
This script uses Terraform's templatefile function: https://www.terraform.io/docs/language/functions/templatefile.html.
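
An added example (not MediaMachine's own configuration) of how the security group, the instance and the templatefile-rendered startup script described above could fit together. The variable names, the t3.micro instance type, the tailscale_init.sh.tpl file and the choice to advertise the VPC CIDR as a route are assumptions.

```hcl
# Added example: variable names and tailscale_init.sh.tpl are assumptions.
variable "vpc_id" { type = string }
variable "subnet_id" { type = string }
variable "ami_id" { type = string }
variable "vpc_cidr" { type = string } # route advertised to the tailnet
variable "tailscale_auth_key" {
  type      = string
  sensitive = true # redacted in plan output, still written to state
}

resource "aws_security_group" "tailscale" {
  name_prefix = "tailscale-"
  vpc_id      = var.vpc_id
  # Tailscale's default UDP port, so peers can connect directly rather
  # than through a DERP relay. No SSH ingress: administer over the tailnet.
  ingress {
    description = "Tailscale direct connections"
    from_port   = 41641
    to_port     = 41641
    protocol    = "udp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "tailscale" {
  ami                    = var.ami_id
  instance_type          = "t3.micro"
  subnet_id              = var.subnet_id
  vpc_security_group_ids = [aws_security_group.tailscale.id]
  metadata_options {
    http_tokens = "required" # IMDSv2 only
  }

  # Assumed contents of tailscale_init.sh.tpl:
  #   #!/bin/sh
  #   curl -fsSL https://tailscale.com/install.sh | sh
  #   sysctl -w net.ipv4.ip_forward=1
  #   tailscale up --authkey=${auth_key} --advertise-routes=${routes}
  user_data = templatefile("${path.module}/tailscale_init.sh.tpl", {
    auth_key = var.tailscale_auth_key
    routes   = var.vpc_cidr
  })
}
```

The rendered script, auth key included, is stored in Terraform state and stays readable from the instance metadata service, so a single-use, short-lived auth key limits what a leak exposes.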
#
Bonus: if you want to store auth keys on Consul

You can fetch secrets from Consul at Terraform run time. See https://registry.terraform.io/providers/hashicorp/consul/latest/docs/resources/keys

That's it! A simple Tailscale relay node setup via Terraform.