From d64d75a4dc1c482cd63b613cacbbaaf34cfd3706 Mon Sep 17 00:00:00 2001 From: Xe Iaso Date: Fri, 13 Jan 2023 17:39:46 -0500 Subject: talks: add pulumi talk Also add skip_ads field that will allow a post to skip the advertisements. Signed-off-by: Xe --- talks/virtual-networks-pulumi-tailscale.markdown | 69 ++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 talks/virtual-networks-pulumi-tailscale.markdown (limited to 'talks') diff --git a/talks/virtual-networks-pulumi-tailscale.markdown b/talks/virtual-networks-pulumi-tailscale.markdown new file mode 100644 index 0000000..06a4aba --- /dev/null +++ b/talks/virtual-networks-pulumi-tailscale.markdown @@ -0,0 +1,69 @@ +--- +title: Building Virtual Networks with Pulumi and Tailscale +date: 2023-01-11 +tags: + - pulumi + - tailscale +skip_ads: true +--- + +This was a +[workshop](https://www.pulumi.com/resources/building-virtual-networks-with-pulumi-and-tailscale/) +that I helped with so that people could learn how to glue Tailscale and +[Pulumi](https://www.pulumi.com/) (think Terraform but you can declare resources +in programming languages such as TypeScript instead of HCL) together by creating +a Tailscale subnet router to connect you to a VPC in AWS. I'm including the +speaking bits that I did for the talk, but most of what I was there for was to +help field questions about Tailscale. Internet streamer brain is a useful tool +when properly harnessed. + + + +--- + + + +Tailscale is a networking tool that helps you connect your computers together +like they were on the same network to begin with. Tailscale is built on top of +WireGuard and lets you access your servers, internal services, or file shares +from anywhere you have Internet access. + + + +Today we're going to cover these important parts of Tailscale by setting up a +new AWS VPC and some servers behind it: + + + +Tailscale lets you share machines on your tailnet (Tailscale network) so that +you can access them remotely, no matter where you are on the planet. Write that +screenplay at Starbucks via remote desktop without having to muck with port +forwarding or risking everything by exposing the port to the public Internet. +Grab the missing bit of paperwork that immigration needs from your NAS while you +are at the airport. Tailscale makes it possible for you to forget that you were +away from your home or work networks to begin with. + + + +Tailscale doesn't stop at sharing individual computers though, you can share any +existing network segment with your tailnet using subnet routing. Subnet routing +lets existing infrastructure such as a legacy VPC with all of the computers +you're too afraid to touch be accessed over Tailscale too. No more StrongSwan +required. This is also useful for connecting to remote devices like IoT devices +that you really don't want to open up to the public internet. You can do this +all without having to configure complicated firewall rules. + + + +This isn't limited to existing private networks. You can set up your own +"privacy VPN" on top of Tailscale by setting up an exit node. An exit node is a +machine on your tailnet that can act as a subnet router _for the entire +internet_. This will let you access things that are geo-restricted like tax +software. + + + +Tailscale doesn't stop there, there's SSH management, file sharing, an +ngrok-like tunnelling solution, and so much more. + +I'll hand things back over to Josh so we can learn more about Pulumi. -- cgit v1.2.3