Ephemeral Castle Tailscale Bridge
The Tailscale Bridge integrates immutable Talos Linux nodes into the private mesh.
Technical Details
Uses the Talos system-extension model together with short-lived AuthKeys minted during the rebirth flow.
- Talos nodes receive Tailscale bootstrap material during the Proxmox/Talos creation path.
- The patching step is driven by
create.shafter the platform layer succeeds. - The AuthKey is generated in memory and is not meant to be persisted into Terraform state.
Connectivity Model
This bridge matters because the operator often runs Tailscale from inside TazPod, where userspace networking can change how reachability works.
In practice, the bridge ensures that cluster nodes still become manageable over the mesh even when the operator path is using the TazPod Nomadic Workflow and a userspace-networked Tailscale client.
See Also
- Security: Tailnet Security
- Rebirth: Ephemeral Castle Rebirth Protocol
- Hub: Ephemeral Castle Entity
- Networking: Tailscale Entity